last executing test programs: 4m10.296326321s ago: executing program 0 (id=1): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file1\x00', 0x800010, &(0x7f0000000940)=ANY=[@ANYBLOB="646d61736b3d30303030303030303030303030303030303030303030302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c666d61736b3d30303030303030303030303030303030e3a513334f6f9a6a6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c648bb5e16f733178666c6f7070792c726f6469722c756e695f786c6174653d312c71756965742c0016a3b6cfc30a6b6ea8fea18cfc48fdd94c0591b42f43fe4be411b5eba2b809955bea57e386f8294c57f39de988284b07250e04596d1625907104c7f7796ae6f91c6d546cb460e8b2c9f6166ae1ff7a5e66800828d764d89a7151af89d574fa143d4284ea920ab7710355977cb7d4b018aee77791a5e50d85c1613c85812975fd5e3d04fd210f76395f7105bf864c063699d12dd45cc1460e03464dc0d782ea786b15ba648d54b57be073d0eeb56c7d2c5af204a735e18b4d736bf0c43c8c9a9778e1e7952cc6c38049d08f73b01e70c6b5c24fea92b569adeb26efdef668541efc1e32038bd2498b929710e0be39045a86e3f654705943bcaecd1cf6a32d51da0a12de44dd93c1cc98711ac512d7dade70b92f7c4e34d987f0c5af374a9baaa8644fa97bc143ea5a761e234dcf880549870e770adf64caa74cf759c1828206"], 0xf5, 0x2f4, &(0x7f0000000bc0)="$eJzs3ctrE1scwPFf3kl7e9PF5XK5qBwqiCIdmoA7FxZpQQwobSNYQZjaqYZMk5IJhYjYLgS3rl104VIEEdy5EXHbjX+Br1033VmwODKZmXSajmla6dPvZ9Gczvn95pyZc6aP02Zm5eKT2fKMpX234xLUL1GJeeVFOfd+6dPJ8Xd/uZ8rNTo8kcsrFRWRWw9eDLyt9954/feblCz3315ZzX9dPjEh8mPinkRVyVIV27ZtNVWt1iNO8nTJKmtKXTcN3TJUqWIZtbrSm/X6lGmoGbM6N9dQemW6r2euZliW0isNVTYaql5V9VpD6Xf1UkVpmqb6egTNwfJFt9RFOiUWn6/Ztqw6A5RaFNu2Q6IX/ULCe039XmdxmLSNf8fYLZMjtpc9w35Ys+Ot8U9uM/44ftzr//PTbq5/HD/jNyevDhcKI2NKpUVmH88X54vuq1v/sVdKYoohS2PnJ9fFmSMeiTgfR68URoZUU7+cmV3w8hfmi+43h+EZLz8nWefnlEC++Pk5N19tzk9ITzA/L1n5Jzw/7+dLNJCflLOnA/maZOXDHamKKdPi5G7kP8wpdflaoa39TDMOAAAAAAAAAICjSFMtG+v3kdafejOalmr+x0erPuNsduLcgNb6+pBkZT18fX4odH0/Lv/HD/DAAQAAAAD4g1iN+2XdNI3a3hRizzIdmkiIiFMQeTTgdKbjDv/1etxd68lTYQcY69zEpkLmgruDl2Nex2QvT9QuC1ERCW5x36yRdM7lKz8mI2Hp0R1NgMFk6JlP7+shSzfBkt7dxE51PbXaC5F1f8t/oTF2ZPv92LqZcLf4F+Z2rV/a0eXwy0K6/UQNfnH3a3b4ovGttcQHAAAA4AgJ/OIEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyK5uHubft39zlXiPiN96S7b258Rz338AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh9DPAAAA///EKa42") sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x3) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) socket$packet(0x11, 0x3, 0x300) syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="04"], 0x7) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04021d02aac2aaaaaa10060407ab1d7b94a7920c00"/32], 0x20) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000030000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1000}, 0x94) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe) sendmmsg(r3, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000140)="a6", 0x1}, {0x0}], 0x2}}], 0x1, 0x20000) r4 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f0000fcb000), 0x4) close_range(r2, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x11e) setsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f00000004c0)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast2, 0x4e20, 0x1000, 0x4, 0x5, 0x2, 0x80, 0x20, 0x2e, 0x0, 0xffffffffffffffff}, {0xff00000000, 0x1000000005, 0x6, 0x7, 0x3fd, 0x7fd, 0x3, 0xc}, {0xffffffff, 0x5, 0x8, 0x5}, 0x2, 0x6e6bb6, 0x0, 0x1, 0x1, 0x3}, {{@in6=@remote, 0x4d7, 0x3c}, 0x2, @in=@empty, 0x3503, 0x3, 0x3, 0x5, 0x10, 0x5, 0x2}}, 0xe8) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_subtree(r5, &(0x7f0000000200), 0x2, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000040)={0x10000, 0x7305be4b}) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3b}, {}, {0x0, 0x5}, 0x400, 0x0, 0x1, 0x1, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x32}, 0x2, @in=@multicast2, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x4}}, 0xe8) rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00') sendfile(r6, 0xffffffffffffffff, &(0x7f0000000100)=0x89, 0x8) syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file2\x00', 0xe0000c, &(0x7f0000000800)=ANY=[@ANYBLOB='uid=', @ANYRESHEX, @ANYBLOB=',decompose,part=0x0000000000000007,decompose,nobarrier,part=0x0000000000000003,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c0039b3ef4dc25ea3d29a7938c2f80649c0338094c5f2a95f302af111b61773b3af0dd098367ae1483ac4721749f7f796f49086af5cff4717e31243b604779be814ccdabac139e01b980cbdb8f89163d42c404b62ad1b72f40e6c3fe0b2b414a670eae3e1c4367b1d54fe00847531a3c28a9aca19882c67160f0dcc46bae664b26926f50ce5b8000006923b7921d5c8f2c1e0372139fd"], 0x3, 0x643, &(0x7f0000000180)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh1IIF8pDKIcVWpUD56h1G6tuWiUuSiuEwkscuHCoOJdDbpyQeo9UznBBveZYCdRLDyg3oxmPHeftvGoHfr9q/H2fv5lv/vO352Gn1gTwf2t+IoobkcT8xOeraXtzfaa2uT4zlHfXIiKtFyKKzSKSpYjkZbP7ZvrwlfTJfP7koPU8q87devV283WzVWwtnJTS2vDByx2lueBaPsV4RAzk5V6D3Y66Y7zbB463n3//Yf8gm4Gm23y1lTjotcYea8dZ/MT7LdA/kuZ5c4/RiJHsDN28Doj86FB4t9GdvWMd5QAAAOCCem8rttYajUav4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLJL//f5JPhVZ9PJLW/f9LHbOXehjqmdjodQAAAAAAAAAAcCKNgc7W17ZiK1bjUrs3yf7m/2nWGMsevxSPYyUqsRzXYjUWoh71WI6piBjtGKi0ulCvL091seT0vktOn+tGAwAAAAAAAMD/ul/H/Pbf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoB8kEQPNIpvGWvXRKBQjYjgiSul8axH/aNUvso1eBwAAAADvwHtbsRWrcanVbiTZZ/6Pss/9w/E4lqIe1ahHLSpxJ/suoPmpv7C5PlPbXJ95kE57x/3TfxqZLsPIRozmdw/7r/lKNkc57kY1e+Za3I6HUSt3jnKlFc/+cf3qTTr293JdRnYnL9Mt/2Ne9ofRLCOD7YxM5rGleXz/8Ex8/81J1zSermkqCu1vfsbOIecjeZnsKntvd86no5DlO/XR4ZmI+PqLv/xssbZ0f/HuykT/bNIJNTPRaDQzMZS1Wpn4+MhMDMXOTNx45/Gfncls2y+32/Px4/hpTMR4fBHLUY2fx0LUoxLj8aOstpC/n9PH0V2ZKuwc+uaO1hdHRVLKX5fmUfR4MX2aLXspqvGTeBh3ohI3sn/TMRXfjtmYjbmOV/hyF3t94Xh7/dVv5JX0kP77vOwPaV7f78hr5zF3NOvrfGY7Sx+c/bGx+NW8kq7jNxHxwzPcztPZnYn0LPHiy82+Dw/PxJ+z64SV2tL95cWFR12u77O8TPej3/XVWSJ9v3yQvlhZa+e7I+37cN++qaxvrN1X2NN3ud131J5ayq/h9o40nfV9vG/fTNZ3paNvz/VW+3oIgD428s2RUvlf5b+Xn5d/W14sfz78g6HvDH1SisG/DX63ODnwWeGT5K/xPH65/fkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4uZUnT+8v1GqV5SMrSXbz/4iuZu6otG7ndPjMSRSzG/kcZ2SVWq0yHH0RxrEqtX9GdDyT9DqefqgM9dubv7fHJeD8Xa8/eHR95cnTb1UfLNyr3KssDc7Ozk3Ozd6YuX63WhuI9LEy2esogfOwfdLPmoO9jgcAAAAAAAAAAAA42uE/A2j9d8DT/Zygx5sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXHDzE1HciCSmJq9Npu3N9ZlaOrXq23MWI6IQEckvIpKXETejOcVox3DJQet5Vp279ert5uvtsYqt+QuHLdedtXyK8YgYyMuzGu/2qcdL2luYJuxq6XTBwZn5bwAAAP//uI4Hww==") 4m8.278728917s ago: executing program 0 (id=9): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000300)={[{@barrier}, {@delalloc}, {@jqfmt_vfsv0}, {@barrier}, {@auto_da_alloc}, {@errors_remount}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) sendmsg$NFNL_MSG_COMPAT_GET(r0, 0x0, 0x800) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) pwrite64(r0, &(0x7f0000000240), 0x0, 0xfffffffffffff630) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xc00) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200080, &(0x7f0000000040)={[{@jqfmt_vfsv1}]}, 0xfa, 0x56c, &(0x7f0000000940)="$eJzs3c9rFFccAPDvbBKjxtYIIm0PJeChFuvGJP1hoQd7LK1UaO92SdYg2biS3YhJheqhXnopUiilQukf0HuP0n+gf4XQClIktIdepsw6azbJ7ibG1WzdzwdG35s3mzdvZr6P9/btsgEMrInsn0LEqxHxbRJxuKVsOPLCiUfHrT28PpttSaTpZ38lkeT7mscn+f9jeeaViPjt64iTha311lZWF0qVSnkpz0/WF69M1lZWT11aLM2X58uXp2dmzrwzM/3+e+9uffHo7tr65vl/fvj07kdnvjm+9v0v94/cTuJsHMrLWtvxFG60ZiZiIr8mI3F204FTPaisnyR7fQLsylAe5yOR9QGHYyiPeuDF91VEpMCASsQ/DKjmOKA5t+86D05fvFnegw8bE6DRre1PHr03Evsbc6ODa8mGmVF2JcZ7UH9Wx69/3rmdbdG79yEAtnXjZkScHh7e0P+9HC393+6d3sExm+vQ/8Hzczcb/7w12mb8V3g8/ok245+xNrG7G9vHf+F+D6rpKBv/fdB2/Pt40Wp8KM+91BjzjSQXL1XKWd+WdZMnYmQ0y3dbzzmzdi/tVNY6/su2rP7mWDA/j/vDm9a75kr10tO0udWDmxGvDbdr//r4N2lz/7PrcX6HdRwr33m9U9n27X+20p8j3mh7/9fnOkn39cnJxvMw2Xwqtvr71rHfO9W/1+3P7v/B7u0fT1rXa2tPXsdP+/8tdyqbSPJF0yd8/vclnzfS+/J910r1+tJUxL7kk637p9df28w3j8/af+J4+/jv9vwfiIgvdtj+W0dvdTy0H+7/3BPd/w6JNOlYdO/jL3/sVP/O+r+3G6kT+Z6d9H9dznRD4mmuHQAAAAAAAPSbQkQciqRQfJwuFIrFR5/vOBoHC5VqrX7yYnX58lw0vis7HiOF5kr3WMvnIabyz8M289Ob8jMRcSQivhs60MgXZ6uVub1uPAAAAAAAAAAAAAAAAAAAAPSJsQ7f/8/8MbTXZwc8c37yGwbXtvHfi196AvpSl/h/8X7xF9jA+B8Gl/iHwSX+YXCJfxhc4h8Gl/iHwSX+AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKfOnzuXbenaw+uzWX7u6sryQvXqqblybaG4uDxbnK0uXSnOV6vzlXJxthrj2/y9SrV6ZWo6lq9N1stJfbK2snphsbp8uX7h0mJpvnyhPPJ8mgUAAAAAAAAAAAAAAAAAAAD/K7WV1YVSpVJekpDYVWK4P06jN4k0TdM+OI1+SOx1zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6/4LAAD//6lkOFk=") 4m0.380001866s ago: executing program 0 (id=14): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002480)=@newtfilter={0x4c, 0x2c, 0x1, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_ADDEND={0x8, 0x5, 0x14d8}, @TCA_FLOW_KEYS={0x8, 0x1, 0x15bf8}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0xe}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040084) 4m0.010179299s ago: executing program 0 (id=15): pipe(&(0x7f0000000000)) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r1 = gettid() capset(&(0x7f00000000c0)={0x19980330, r1}, &(0x7f0000000040)={0x200000, 0x200000, 0xfffffffd, 0x0, 0x4}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) fcntl$setpipe(r0, 0x407, 0x100000) 3m55.784948457s ago: executing program 0 (id=18): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x50) socket(0x2, 0x3, 0xff) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) setrlimit(0x3, &(0x7f0000000000)={0x3, 0xad}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) io_pgetevents(0x0, 0x7f, 0x0, 0x0, &(0x7f0000002f80)={0x77359400}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r3}, 0x38) 3m55.202219858s ago: executing program 32 (id=18): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x50) socket(0x2, 0x3, 0xff) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) setrlimit(0x3, &(0x7f0000000000)={0x3, 0xad}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) io_pgetevents(0x0, 0x7f, 0x0, 0x0, &(0x7f0000002f80)={0x77359400}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r3}, 0x38) 3m45.196784741s ago: executing program 1 (id=28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000001c0), 0x0, 0x4f8, &(0x7f0000000480)="$eJzs3VFrW1EdAPD/vU3cunWm0z3Mgdtwk3bo0nZ1W/FhKog+DdT5PmubldK0GW26rWVohx9AEFHBF33yRfADCLKPIMJA30VFEd30wYfplSQ3teuStnNpou3vB6c55+Yk/3N6yck5915yAzi2LkfEeERkWZZdi4hSvj3NU2y1UqPeq5dP5xopiSy795ckknxb+71O5I+n85edjIivfDHi68nbcdc2Npdmq9XKal6eqC8nr7Ns8/ri8uxCZaGyMj09dWvm9szNmcme9HM0Iu58/g/f+/ZPvnDnF598/Nv7fxr/RquDLTv70Uutrheb/4u2QkSsHkawASk0e9hyc8BtAQBgb435/oci4mMRcS1KMdSczQEAAABHSfaZkXidtM7/AQAAAEdTGhEjkaTl/HrfkUjTcrl1De+5OJVWa2v1T2Sl7eMFo1FMHyxWK5P5tQOjUUwa5an8Gtt2+cau8nREnI2I75aGm+XyXK06P9AjHwAAAHB8nN61/v97qbX+BwAAAI6Y0UE3AAAAADh01v8AAABw9Fn/AwAAwJF2Iu7Gl+7ezdr3v55/tLG+VHt0fb6ytlReXp8rz9VWH5YXarWF5m/2Le/3ftVa7eGnYmX9yUS9slafWNvYvL9cW1+p31984xbYAAAAQB+dvfT8N0lEbH16OI2ILNnxXDEiG9pZudD/9gGHJ32Xyr8/vHYA/Tc06AYAA2NKD8dXcdANAAZuv3Gg68U7v+x9WwAAgMMx9pHt8//NBBwf+fn/JBl0Q4C+c/4fjq9CRLI16EYAA1HcawZgUQBHXnqAj/r7n//PsndqFAAA0HMjzZSk5XwdMBJpWi5HnGneFqCYPFisViYj4oMR8etS8USjPNV8ZeLwAAAAAAAAAAAAAAAAAAAAAAAAAAAcUJYlkXUxvF0HAAAA+H8Wkf4xye//NVa6OrL7+MAHkn+Umo8R8fiH977/ZLZeX51qbP/r9vb6D/LtN/p99AIAAADopL1Ob6/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCXXr18OtdO/Yz7589FxGin+IU42Xw8GcWIOPW3JAo7XpdExFAP4m89i4jzneInjWbFaN6K3fHTiBjuVfxzMfLfxD/dg/hwnD1vjD+f7fT5T+Ny87Hz56+Qp/fVffxLt8e/oS7j35lOb5i+venCi59NdI3/LOJCofP4146fdIl/Jc/v93/42lc3N7s9l/04Yqzj90/yRqyJpPBwYm1j8/ri8uxCZaGyMj09dWvm9szNmcmJB4vVSv63Y4zvfPTn/9qr/6e6xB/dp/9X9+l32z9fPHn54Va2uOupYvwoy8avdN7/5/P4u/d/+7vv4/nubpTH2vmtVn6niz/91cVLe/R/vkv/99v/4wfs/7Uvf+t3B6wKAPTB2sbm0my1WlmVkTm0zHAcpHJjftmDoLOxV532JLYPff9mHup/Yhe8c2aAgxIAAHAo/jPpH3RLAAAAAAAAAAAAAAAAAAAA4Pja72fAogc/J7Y75tZgugoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKd/BwAA//+Ossmb") r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r2, 0x2) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x4e23, 0x10000, @remote, 0x7ff}}, 0x0, 0x0, 0x49, 0x0, "ec35492d39efb71c424b2a8a0f3029a26660f9f279fe406e93916f7c10035ae92b388c323f79635fd736790eef5656638864b80f6b1fcd68699949ed7d77c3a646ad3e6f16a71985261c293550903812"}, 0xd8) syz_open_procfs(0x0, 0x0) syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) quotactl_fd$Q_QUOTAOFF(r1, 0xffffffff80000300, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, 0x0, 0x0) listen(r3, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2, 0xffff}}}}}}}, 0x0) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) 3m36.366935411s ago: executing program 1 (id=35): socket$inet(0x2, 0x2, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x0, 0x0) openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = socket(0xa, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x884}, 0x4004004) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001f40)=@raw={'raw\x00', 0x8, 0x3, 0x1258, 0x10f0, 0x11, 0x148, 0x10f0, 0x10, 0x11c0, 0x2a8, 0x2a8, 0x11c0, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x10d0, 0x10f0, 0x1c, {0x6}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup/syz0\x00'}}, @common=@unspec=@mark={{0x30}, {0x863, 0x7fff}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0x9, 0x8, [0x3b, 0x29, 0x1f, 0x2, 0x29, 0x25, 0x38, 0x25, 0xa, 0x33, 0x28, 0x21, 0x25, 0x11, 0x16, 0x1b], 0x2, 0x3ff, 0x9}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x12b8) r6 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r6, 0xc4c85513, &(0x7f0000000000)={0x7, 0x4, 0x1, 0x400000, 'syz1\x00', 0x109a7}) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x102) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) mount$cgroup(0x0, 0x0, 0x0, 0x802c, 0x0) syz_io_uring_setup(0x4b7, 0x0, &(0x7f0000010080), 0x0) 3m33.445261776s ago: executing program 1 (id=37): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x1, 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x1) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) exit(0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa) 3m31.968347555s ago: executing program 1 (id=39): r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) r2 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000400)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 3m30.915523487s ago: executing program 1 (id=41): syz_usb_connect(0x3, 0x48, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x79c, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSSdJu17yYMH7/WtAg80UDoxNbYKLuJKBAsFXduGyTTUTDIlMylNyKJFBDeCigtBN137oy4Et/5YuNH/woW0VE2LFRcSufOjmSYz6SRNZir5fODOnHPPvXPOd879cWbmcieAA2s0fchEHIuId5KI4fr8JCIGqqn+iKnacvfWVvPplMT6+iu/JNVl7q6t5qNpndSReua/EfHNmxHHM1vrLS+vzE0Xi4XFen68Mn9pvLy8cuLi/PRsYbawcGpicvLk6WdOn9q7WH/7YeXorXdffPKzqT/e+M+Nt79N0sCu1sqa49grozFaf08G0po2DO91Tb2X9LoB7Eq6a/bV9vI4FsPRV021MdjNlgEA+2UdADiAEmMAADhgGt8D3F1bzTem3n4j0V23X4iIw7X4G79v1kr6YyqyaWFfmhu6mzzwy0gSESN7UP9oRHz05WufpFPU+8FvaUA3XL0WEedHRrce/5MHr1nYhae2K1zPVp9GN80+aOcf6KWv0vHPs63Gf5n6/n+4+rh5/JNtse/uxsP3/8zNzet89+oeVFyXjv+eb7q27V5T/HUjffXcP6pjvoHkwsViIT22/TMixmIgm+Ynqou2HrmN3fnzTrv6m8d/v773+sdp/enzxhKZm/3ZB9eZma5MP2rcDbevRfyvv1X8yf3+T9qMf892WMdLz731YbuyNP403sa0Nf7Wvuiw7odZvx7xRMv+3+jLZNvrE8erm8N4Y6No4fMfPxhqV39z/6dTWn/js0A3pP0/tH38I0nz9Zrlndfx/fXhr9uVPTz+1tv/oaR2EDhUn3dlulJZnIg4lLy8df7JjXUb+cbyafxj/2+9/9eqbb39D6TDpg7j77/186e7j39/pfHP7Kj/d564cW+ur139beJv6vG0/yerqbH6nE6Of5028FHeOwAAAAAAAAAAAAAAAAAAAAAAAADoVCYijkaSyd1PZzK5XO0/vP8dQ5liqVw5fqG0tDCTllXvf5pp3OpyuOl+qBP1++E38ic35Z+OiH9FxPvZwWo+ly8VZ3odPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWnz//+pn7K9bh0AsG8O97oBAEDXOf8DwMGzs/P/YFN6as/bAgB0h8//AHDwdHz+P7+/7QAAusfnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbZ2TNn0mn997XVfJqfuby8NFe6fGKmUJ7LzS/lc/nS4qXcbKk0Wyzk8qX5ti90tfZULJUuTcbC0pXxSqFcGS8vr5ybLy0tVM5dnJ+eLZwrDHQtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZW66WCwsSmybGNzTF8z+7d/5/ngsmiGxb4nmo8Rg7w5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+5vwIAAP//BeYuJQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x5452, &(0x7f0000006980)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) renameat2(r0, 0x0, 0xffffffffffffffff, 0x0, 0x5) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) 3m24.69637581s ago: executing program 1 (id=52): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) fsopen(0x0, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x40000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r0}, 0x38) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x44, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @private}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x899}]}]}, 0x44}}, 0x0) syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f50a0102030109022c00010000000009040000016f2bae000824020100000000092402020000000000090585da20"], 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x2, 0xc8081) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x20000800) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x7c, r4, 0x5, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {}, @device_b, @broadcast, @random="4d8e505a6882"}, 0x0, @random=0x4, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x7, 0x3c, 0x2}}, @void, @void, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x1, 0xf0, 0x8}}, @void}}], @crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x10, 0x4c, [0xfac13, 0xfac14, 0xfac0c]}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x7c}}, 0x0) close(0x3) syz_clone3(0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)='u', 0x1}], 0x1}, 0x4040001) recvmsg$unix(r6, &(0x7f00000038c0)={&(0x7f0000000300)=@abs, 0x6e, &(0x7f0000000140)=[{0x0}, {0x0}, {0x0, 0x2d}, {0x0}, {0x0}, {0x0}, {0x0, 0xfffffc36}, {0x0}, {0x0}], 0x9}, 0x41) 3m9.411015733s ago: executing program 33 (id=52): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) fsopen(0x0, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x40000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r0}, 0x38) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x44, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @private}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x899}]}]}, 0x44}}, 0x0) syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f50a0102030109022c00010000000009040000016f2bae000824020100000000092402020000000000090585da20"], 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x2, 0xc8081) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x20000800) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x7c, r4, 0x5, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {}, @device_b, @broadcast, @random="4d8e505a6882"}, 0x0, @random=0x4, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x7, 0x3c, 0x2}}, @void, @void, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x1, 0xf0, 0x8}}, @void}}], @crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x10, 0x4c, [0xfac13, 0xfac14, 0xfac0c]}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x7c}}, 0x0) close(0x3) syz_clone3(0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)='u', 0x1}], 0x1}, 0x4040001) recvmsg$unix(r6, &(0x7f00000038c0)={&(0x7f0000000300)=@abs, 0x6e, &(0x7f0000000140)=[{0x0}, {0x0}, {0x0, 0x2d}, {0x0}, {0x0}, {0x0}, {0x0, 0xfffffc36}, {0x0}, {0x0}], 0x9}, 0x41) 2m0.062140034s ago: executing program 4 (id=140): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000400)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@orlov}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@discard}, {@nobarrier}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc") socket$nl_netfilter(0x10, 0x3, 0xc) bind$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000008380)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002dc0)=[{0x1010, 0x1, 0x7, "e465b75c07571f3225da63a0821c4cf1f8f7df01b451a00383dacf399b0447a32420ea63f5a8ac3b6b8de8e96612751c8d17478d50ff0a85ef616619298d23c9e1314f7e4c1a7699dca66ced2cef7eb88deae48c12baf0bc667e49623278d53f86604fbe75631837b888a4295bb1433cf8ef76263e5cbd1bdb47cbf33120b4602dcf4984fe23079db533787207ee626567e372661e00dab2a23d87d3f378f03ebad58dc030f13eb7b7db0306e8c512f8fd40a7e377c1069d093d5f6d9e04f1f4618fd9a3fbafcce49578d7c9ac4082219d28095efa669ea9c429aa2488d343d885649d0c91cbd7854362f590ba644743992153d580af260479d05fe72b646e863ea977f1be388abf0ad9dd65408a97ebf00616f459247cfce4af8a39b844a53edc74cf57f9d94783dd505aee991206d53253e2970c8d290b0624bf37502ad6ba43442f811a887d914da15968357bc2bfcfd5b9f022fa7ea11bca3311ee44bf2335575861521971d24fe42c20224c7180aee4e61fc223b350d2f57648ee18f6e5187b03d35aeac26036b7bee13e01b98f0de142e86d61c5d461403c8d9ed804fda4f9e1b27a40b53df7a29bb4ee8a85ae01594dc045d18d397eb67a3b9e807e19fdad25f3de50daef17c8e4beda558e71c3283e837f8e3e0006e018496126d40fe7a95e460402d1fa43afc51f9fa4bf664e81c8d5964db7146e2e49ec9e5bb3ff01018c608f4d7da38c715ccd96edd34d39df5c9d77f09d79560272be7ecaa694833ddb99b04fb16043024b7fec7332c53886602c912050770358a46f3fbb1c43e8b5401693e657bc24a0f99ea5090542ae657c19b5eeeb384ca192e7654976a6248632c048412ca37b7e6bb52d3a35b71a14590db3f21df4ad1e1ec8246af095a19848dcc76f5e1eddbadedd5a633583fc5f0953d3656fb2c19dd1e76e62cb9ac05c608e02e4fba27acd2e687d1c9192e78885f36d6bfd1cbc4104ce2cc3ca0c0f5118c3235e0846c122e0d6ede1bc760874d3644f9c6cb536e3bc16df8fb5bb400cac3ca7872bf3337f521f38c38c3cf35a0f7d47deb47437ca83b9988fe2793bdb41f9c6d5046eef713531b1b153b13fa9e4042296eb86e0ebdefbd188e234dc1282584c44d432f22ecb1ffe00eb44bd8c9bd6ff4ef87589ed27d4522f4bb729d593f2f868a694d9f9e95ed487ffb5643c8ac1c5b9ebd08c84882503139043ec25573b5240aef6122906d371fc3467ad3a7b8be5c43e115306b824fad379122cea6c53e6fb76fa45070db7da2b4022e9832f5469f17a64439cf22e08311e78c82be123dc50f6bd531b05076230219a707a4d83888185166dadde1dad3c3fc7e940ead70dde3e4d00e961271a9d4478f0f671dae6d6aedb3b386bceeee4c6d5f10c482e4e12fca26df4c4fb17981ec39d82f51a9d6d5b8c34700cf1f83dc13035d40d8abefc1bab16d37f71431e3de4d2889b87cb540e82256aadd3b12fca515e649cc354fd85034fc5aab95060f9a55d1a9502e68b44db130a782c45d310d2ee1cd39fd8d1483b254f0dc67811959a39f2ab293fb07d14c323e588ba888601b7f19d1a0e425d7841e9511f13d660c92348c3ce2cefba04f884e8849d1891b7a588d42bda962481139f85a4982c99b1998c16fd7337727952e9774c73f76e28d72999c23bc0ad9e053d3b97380d73ccde44459612c889425ee6026a50d9d74621a23a95c5b5250095d8630c57e3f45adb424e9dca2ad3eb6b1fb286920a33e51038d2394944f58c951915c5322368c335fb601b93bec5be3f3fdc335de332df20fe10f8fe980fd65a63d9890d89cfa9b9bac87af6bc19d8ed1aa2ab350e2a4d35ea4cbfe5d39bcfa505409ab56ea6d3c532c8ec5fc0b3bbe60cdb8949061b39b209573d89127f775a662ab1f0d10f042cfe991b7d8d458006a908a5555b8bd1757aeb72ff441e6d86f85496390d39c6aa9cf5bfb1fac93e6320e423a7f50b3ddba5a010130122ac33c4a3e785895d4f44405fd379d20cae6e3a73d8d4e4e4c2872d7f0e6619cb4c723c484bd472add36462eb5e7c27913a228d623eabc8515ff2358097d7c1be9b6c64b97467844184819c2e1f5903c678064dfd5edfd1f6204448963599402518f378d68cb1d22d1c68408d3c2ac3a9392888481ef7519c30ef161e3d6b8a7b18d945473f647f7ea3596d81997983af7c84388086c64d50b8e9a492d65934091ac14e42bc4979861b43a7c5329693afd60710d42f7f7c4398e00d6117ff5c6320b0ab08f32168c9b9bca724f5aae59fb3e8675722eeb10245d93989581799395b54851b4cc4933f5e5a1101b6c70dc744d733cc05c6045f982a475f4abc36fd19030eda3583a09a685871a8879c57dc35b7abf0e9ba965c4c6b18e038a5c20e32fd7c00ecea6a7e1db53357bebee32e8e6f58c402d45a7364c5017cfaa0da9fd32374ac75150c9274a8b604ac8791c5b61f54e8578df93ce60d55c708b67d85d9188cf2958a78838fad5b46096c0bba78026ac54a8420fa05460203c9fdd862af76641f812b6b1e7b7535ad3105f5ccd9ffdbb097193bc59f469302464f9f844455e844d869baa72cfb38425c012c20743973d4d4c77c5e975415e00f768b2044f01dd60752e73f78934129f4d5c41aa3608dde66d65447e9b7cca0228eb9bbf916c1f064acbd5abc00a1b47f1431712676f631505aeee07449a6d0e68a62dc6c4a18ce81746cd825caf333be0b6ff2e425de98233b9ed94d72afaf319a1bce369be15ce0bbca9a894a05335ec5ea4314db06215647753cf397a1a65603dd51b486c3effe100d201e01bac12df46a1803f30897546a20496e1a49c717ada93ef97ac33c6ee1ea4881276d2841dbc22cf4148b64c7796e3b0bbc2c69ac2337582db44ab699bd31f45f6731607ff18e12853cd8a2cb497dcb10b0f6cc84f2c390393eb850171c5bc0463c74b35c4a16188a92524624a95fdaeb75916ddb9d264513ed100086a7f598c7d7e2520ad320c548cd393bcd58ef182f8fb27e947f50ddf4e8a7cc42e555f8a157396619a53d3640319747b6b1fc76446092780db31d4b3375b9b37ac9e10a241b0fd9677a3938e47c1e474dfdb804b8332c0b331b6f90a38f2ed2ba8b055895f496a5591739cfb79df2044b92bd0f73c3d45d4bf7fe46979af653e6ea86d4960599586d63ca2129e753c9b5026fa54b6660057d64f2831b11cd3d1af40589a2e0c2d0636f89dff5a56bacf6043d37b39907a5cd04eaf52a7015784e31f78bf13e14eb289052c6c885784d8af43196b961e32c015a906135f9e94db7d7dbf273c7b5a25315b87ab08d2610dd115941ce9b047d69d9cfef301685e7d09c2def8746bb9bd9e7579e477eb35a84a6a2fadfc9daac4fe235cf3badedba6738766a8e643ce384894b2adcd0993fe67eabf53e35597fb5b929828b28766fb1705929717ca2ef793ad39284a6498e7bf728785e3afc1e4ff39a7e290253259a353d3097f95c21e0f73512f1306e94a80fd3ef0f6295b83312d333e6788e57b008ec7a0f157753727c6924bd8ecb47add4cbfb1d3dd680e3cf40366c41b6d43d22da95703f9a1f10ed57d6a9faaaf079b9ce52fb528ff46a7f3dc07bd7024c67c09fc781b9cd656ab847ffd030926bc0c46deb2392e46aee05e2064d8c74775e97144f97732211206b7293543e903eb7d7214a0dbc8fcd50fd54b1f573ca95f1c859da693bc445592c06c404bc7b4c613fd838acb4b068bf1140845392344c17b59a0162112a5a9dddf5ba0c144fb803e503871b8431c0d6481a84689520b15b413ff131b3e8b5c9cbd1b415de6f9a18104b459e03e97e8c9f7fe78094a7cf357090ef50408c06f170b8e34b623e207e8a4d6dbf4978f0a031d429fb98fdb17afe07744648c9af5e704913657dbf4509ac7e30daa28d850790c79c9a764246118edeef172c163dfa1d0825b38a8903d2f52793c89c4acd3a7f7efa66d7cc647c7f11644792f7e80ba44ef55e6edb4dde25d0138a5516185d69ffdf99c7837856469804f0bdeb52cdb8270beea0562a79cd3d5fb5f7789f7513ef8ea5227baa32bc60c32acf8df33cdadc4957601fc0992fff0d7470e0924a432130351934ca7e58cbc977c0a0d8f911d7080acbdfbf40484c5362453d2bb42d3f2ab4f661068fdfd7774fd12785d68ec2ca128fa5fdc2b5830d8c3531528f99bb01cb9ac540374500d38c599fc365e33ec76533ef2b76d76b6fb92becdbe9273ff490391ca659f4f4dcd1fc2dfc7aec5bb0f994d8e43025f346a9a0c87e6888f3d43cdbec71b662d6f0ad7d9106c0db224c43e305bd3d39073d29134b6630959b312706b024381026bf8c24bd2bc470926f2bd56c75734f6e21c7dc4b2afbded7346dedc58b55ca9fe02802a98995c68ebc6d650f314d2142b642c73dce210def934da475934d5463ad9f4f16898dcce998884f13f463000f5c16b9c4f8727a9a582059ad868139f681c742d64b4b9143f260c785f48eec44ef5c5b2a8ededb1825947f433d575598e3c784575d9727c09468443419deb029e433de9e77822a40b83edc2497c61c8fec49517b8a7e955ebfbd46e7267f0f7eac883cc25ed4a568915a9a7f06e110d8cd80e3858ab9dee24b08e0f1208b5c7c106102bd03449470c4451a4534256f1624fa9155924a393c08b2ab76058101a774f496fb1da640c2a2e1eab33a2ecd29577db51a3cd6e879e79466262eae867de60904155e5c98998e082986e7737ac3b56a908ba99b44f23cb12d32ce38d4fb7982b588b0195d622833afab20c02c105ae3580438eb2a32a21ed7a8488974e72b4ae91c51080bc7507055b38f74756556ee0da1d09cc06ff9c6fba68bab524c80d7dd5a33b44a70dcbae440db3b27f035ac47aef84706e706c5eaaabd0b94b54edb4024cd7187b566b6e4ef66d63f7353b4c1d1db515f7497195d9dbec6c52a045c2ae3c5cea0c593d9f211657f4bd9f56d2815bb6facad725d3959c04f2d633b13bd0f3ab7f909964169e7800062d3cbe188879492075f8353eb1808e9a87da35a2be4e52c053b08a378ebad4b82d533ce93596000e40828d5d0152911993ce2826a91046415dd0a20b00c8023a3634fe336018f4ab8499322e00db60c67c16c55320ef3328e192e189e9ee8310ec5a8f713bc488b3baaa50c386de959c869396e2ebe35ce875c5aa9cffbe158b034744f0714e1c19b7af325ddcb26dee2962c3239389cae73f5dce68b87fc564b3274838067f0fa4307de42c9168dfc7ede32fce915d006379a34ab3b7ef7116f42549df1c9b29a5b1f3eb5cad95367e59b8a0d79b94355ecb795f1c6e41ff7bc46f14633752e571192265b5ee7a052c33a355197b7f49788d242f1a077b115e7112bc06a1ba761788d72db7583c630294707a980ff0abfd2bf9d607882de247995c7f5d6b6627b8ac5f94f8a9f6bbdc92e5d7090f12e06687662c255d7f739ea66bdc508f44ae24660e5ea12d197dc9fb4c451a0394524bb7c8eae68143326238bbbfeabc5592d6f96ccd98ea320ead982b93ff23062894ede8b8fbf739bb68320e7ef886b951e476ff0c0d0fdaa68d6973d79646571795b29831dacc43fa1a29800bcbde3d3e1a1b0a70a195abfd151c4b42a0b31804e5c6b3a8eede9d6ba0cd8c18b012101fa39dab90b5483086cf99a8c3dba43d2bd61ab909369594dc8cc3b8a97ae495504c5e67d9098519072443d1ecfa1672a79c7ee4d0b9b3923c743f9e67cff90fefa7e8f972d9b5d83"}, {0x10, 0x107}, {0xb0, 0x84, 0x6, "4f7df1f1d89b8403411e9feb60f01fb696be9b86864c61dbb4dad39c1c1627259d26797bd443ac43ebdda24fd292d1fab06a954cd934cc4d843ed07ac671fddca4c6e6e6e291f15f68773a45c43ceea2bf0d514c995331479177b45ca5e98434f365a351808ccfaafb5290a0cd50214dcb257a737af4b029c2ef4c632b63d0a6630eed33cbb11562facfc945a8018bcd96fabbc7e653bcbbf8027773"}, {0x170, 0x6, 0x5, "dcb9a06de994529b046d3855d16d5f9038305ef96ec4cf4bf8c9faa2cc091894a7dba4b9c09e3692616d80a63016212936a1a576f5d092cf963695b23bd3ac926ff2881fd3dd3497d1e74e55940e301d433ea12e8a7581bfb13e21c85b9edf1e2e05eb40c4256707f396956779fdd30042e3f0cc0f333d7ae3e9adf6cc7413cd2c0e36c8e6e3977ca524d15db917d298c3fb42b814164ce4f49e0c219f48fca59577716bbcbc9c450c7c2562c6c4e42ff9b7d11d7de13ec7599abef3390a349d236f9bb02bab46cb6f160be03ca272642dc00290771badbf186ba6519db5775e89f3321e0d99f924de84f9c7a857e8c8eb65504f39aef849dd0b9a849237e6978dc6bf0a36cf5adf5437f846545386b19eb351dde74efac3155f96bb727d319e31dac85fb52ba7a32d997aa1ace563d766f9a059e3cbcfb6e0bed9ba341efff7e3437a6601f6f294c9d0104ebe8f56b5ff688d145d8e2107553393"}], 0x1240}}], 0x1, 0x4040041) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000001500)=[@textreal={0x8, 0x0}], 0x1, 0x0, &(0x7f0000001540)=[@cr4={0x1, 0x102120}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1m57.295576995s ago: executing program 4 (id=143): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0)) pwritev2(r0, 0x0, 0x0, 0x2fff, 0x0, 0x4) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) 1m55.688704056s ago: executing program 4 (id=152): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[], 0xfc}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x100}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80000}}, {@quota}]}, 0x1, 0x4ff, &(0x7f0000000ac0)="$eJzs3cFvG1kZAPDPTpw4aXaTXfYACHbL7kJBVZ3E3Y1We4DlhBBaCbFHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lANSgQjUIHEwmvEkdVO7iZrEzsa/nzSa9+ZN/L3XdN6rvyZ+AQytqxGxGxFjEXE7Iqaz67nsiE/aR3Lf0737S/t795dy0Wp99s9c2p5ci46vSVzJXrMYET/6XsRPcy/GbWzvrC1Wq5XNrD7brG3MNrZ3bqzWFlcqK5X1cnlhfmHuo5sfls9srO/UxrLSVx//cfdbP0+6NZVd6RzHWWoPvXAYJzEaET84j2ADMJKNZ2zQHeGV5CPizYh4N33+p2Mk/W4CAJdZqzUdrenOOgBw2eXTHFguX8pyAVORz5dK7RzeWzGZr9Ybzet36lvry+1c2UwU8ndWq5W5LFc4E4VcUp9Py8/q5SP1mxHxRkT8cnwirZeW6tXlQf7DBwCG2JUj6/9/xtvrPwBwyRUH3QEAoO+s/wAwfKz/ADB8rP8AMHza6//EoLsBAPSR9/8AMHys/wAwVH746afJ0drPPv96+e721lr97o3lSmOtVNtaKi3VNzdKK/X6SvqZPbXjXq9ar2/MfxBb92a+vdFozja2d27V6lvrzVvp53rfqhTSu3b7MDIAoJc33nn0l1yyIn88kR7RsZdDYaA9A85bftAdAAZmZNAdAAbGbl8wvE7xHl96AD7vuuzN202x2y8ItVqt1jl0CeiPa1+S/4dh1ZH/91PAMGTk/2F4yf/D8Gq1cifd8z9OeiMAcLHJ8QM9fgzgzez8u+w/B36yfPSOh+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwWETNRyN1ZrVbmIuL1iPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3+1HNNb185LI5FxM9+/dmv7i02m5t/ihjL/Wv84HrzYXa93P/eAwDHO1in03PHG/mne/eXDo5+9ufJdyOi2I6/vzcW+4fxR2M0PRejEBGT/85l9bZcR+7iNHYfRMQXu40/F1NpDqS98+nR+Ens1/oaP/9c/Hza1j4nfxZfOIO+wLB5lMw/n3R7/vJxNT13f/6L6Qx1etn8l7zU0n46Bz6LfzD/jfSY/66eNMYHf/h+uzSRffGz3Z6fPIj48mjEQez9jvnnIH6uR/z3Txj/r195+91eba3fRFyL7vE7Y802axuzje2dG6u1xZXKSmW9XF6YX5j76OaH5dk0Rz3bezX4x8fXX+/Vlox/skf84jHj//oJx//b/93+8ddeEv+b73WLn4+3XhI/WRO/ccL4i5O/L/ZqS+Iv9xj/cd//6yeM//hvOy9sGw4ADE5je2dtsVqtbCooXPxC8lf2AnSja+E7/Yo1Ft2bfvFe+5k+0tRqvVKsXjPGWWTdgIvg8KGPiP8OujMAAAAAAAAAAAAAAEBX/fiNpUGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMvr/wEAAP//M+fPJQ==") prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xf6272000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) quotactl$Q_GETQUOTA(0xffffffff80000700, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000001040)) 1m50.445972733s ago: executing program 4 (id=154): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000000c0)=0xfa0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x80001, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r3 = syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$x86(r3, &(0x7f0000000000)={0x0, 0x0}) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000040)) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000040)) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000240)) 1m49.854008025s ago: executing program 4 (id=155): syz_usb_connect(0x3, 0x48, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x79c, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSSdJu17yYMH7/WtAg80UDoxNbYKLuJKBAsFXduGyTTUTDIlMylNyKJFBDeCigtBN137oy4Et/5YuNH/woW0VE2LFRcSufOjmSYz6SRNZir5fODOnHPPvXPOd879cWbmcieAA2s0fchEHIuId5KI4fr8JCIGqqn+iKnacvfWVvPplMT6+iu/JNVl7q6t5qNpndSReua/EfHNmxHHM1vrLS+vzE0Xi4XFen68Mn9pvLy8cuLi/PRsYbawcGpicvLk6WdOn9q7WH/7YeXorXdffPKzqT/e+M+Nt79N0sCu1sqa49grozFaf08G0po2DO91Tb2X9LoB7Eq6a/bV9vI4FsPRV021MdjNlgEA+2UdADiAEmMAADhgGt8D3F1bzTem3n4j0V23X4iIw7X4G79v1kr6YyqyaWFfmhu6mzzwy0gSESN7UP9oRHz05WufpFPU+8FvaUA3XL0WEedHRrce/5MHr1nYhae2K1zPVp9GN80+aOcf6KWv0vHPs63Gf5n6/n+4+rh5/JNtse/uxsP3/8zNzet89+oeVFyXjv+eb7q27V5T/HUjffXcP6pjvoHkwsViIT22/TMixmIgm+Ynqou2HrmN3fnzTrv6m8d/v773+sdp/enzxhKZm/3ZB9eZma5MP2rcDbevRfyvv1X8yf3+T9qMf892WMdLz731YbuyNP403sa0Nf7Wvuiw7odZvx7xRMv+3+jLZNvrE8erm8N4Y6No4fMfPxhqV39z/6dTWn/js0A3pP0/tH38I0nz9Zrlndfx/fXhr9uVPTz+1tv/oaR2EDhUn3dlulJZnIg4lLy8df7JjXUb+cbyafxj/2+9/9eqbb39D6TDpg7j77/186e7j39/pfHP7Kj/d564cW+ur139beJv6vG0/yerqbH6nE6Of5028FHeOwAAAAAAAAAAAAAAAAAAAAAAAADoVCYijkaSyd1PZzK5XO0/vP8dQ5liqVw5fqG0tDCTllXvf5pp3OpyuOl+qBP1++E38ic35Z+OiH9FxPvZwWo+ly8VZ3odPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWnz//+pn7K9bh0AsG8O97oBAEDXOf8DwMGzs/P/YFN6as/bAgB0h8//AHDwdHz+P7+/7QAAusfnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbZ2TNn0mn997XVfJqfuby8NFe6fGKmUJ7LzS/lc/nS4qXcbKk0Wyzk8qX5ti90tfZULJUuTcbC0pXxSqFcGS8vr5ybLy0tVM5dnJ+eLZwrDHQtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZW66WCwsSmybGNzTF8z+7d/5/ngsmiGxb4nmo8Rg7w5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+5vwIAAP//BeYuJQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x5452, &(0x7f0000006980)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) renameat2(r0, 0x0, 0xffffffffffffffff, 0x0, 0x5) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) 1m46.180372585s ago: executing program 4 (id=157): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() ptrace$ARCH_SET_CPUID(0x1e, r0, 0x1, 0x1012) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x84}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48) ptrace$PTRACE_GETSIGMASK(0x420a, r0, 0x8, &(0x7f0000000200)) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r4 = syz_io_uring_setup(0x31c7, &(0x7f0000000140)={0x0, 0x0, 0x2}, &(0x7f00000001c0), &(0x7f00000005c0)) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x345f, &(0x7f0000000340)={0x0, 0x8933, 0x27, 0x2, 0x0, 0x0, r4}, &(0x7f00000002c0), &(0x7f0000000300)) 1m29.191417988s ago: executing program 34 (id=157): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() ptrace$ARCH_SET_CPUID(0x1e, r0, 0x1, 0x1012) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x84}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48) ptrace$PTRACE_GETSIGMASK(0x420a, r0, 0x8, &(0x7f0000000200)) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r4 = syz_io_uring_setup(0x31c7, &(0x7f0000000140)={0x0, 0x0, 0x2}, &(0x7f00000001c0), &(0x7f00000005c0)) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x345f, &(0x7f0000000340)={0x0, 0x8933, 0x27, 0x2, 0x0, 0x0, r4}, &(0x7f00000002c0), &(0x7f0000000300)) 44.726121387s ago: executing program 2 (id=231): r0 = syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x20, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x100000, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) getpid() r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000100)={@multicast1, @dev={0xac, 0x14, 0x14, 0xf}, @multicast1}, 0xc) ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) timer_settime(r3, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) clock_nanosleep(0x9, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r4 = dup(r1) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0xb0) 44.309475544s ago: executing program 2 (id=232): socket$nl_route(0x10, 0x3, 0x0) openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x0, 0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x30, 0x2, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8) 43.654397471s ago: executing program 2 (id=233): r0 = socket(0x400000000010, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_names\x00') bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r2, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x22, &(0x7f00000001c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x84, 0x0, @empty, @broadcast}}}}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x800, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xc, 0xfff3}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x53, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x4}]}}, @TCA_EGRESS_BLOCK]}, 0x38}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000077c0)=@newtfilter={0x24, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xfff3}, {0x1, 0xfff3}, {0x2, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0x0) 43.274275744s ago: executing program 2 (id=236): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) unshare(0x20040600) flistxattr(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0) landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) r2 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000400)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 40.623297396s ago: executing program 2 (id=240): syz_usb_connect(0x3, 0x48, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x79c, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSSdJu17yYMH7/WtAg80UDoxNbYKLuJKBAsFXduGyTTUTDIlMylNyKJFBDeCigtBN137oy4Et/5YuNH/woW0VE2LFRcSufOjmSYz6SRNZir5fODOnHPPvXPOd879cWbmcieAA2s0fchEHIuId5KI4fr8JCIGqqn+iKnacvfWVvPplMT6+iu/JNVl7q6t5qNpndSReua/EfHNmxHHM1vrLS+vzE0Xi4XFen68Mn9pvLy8cuLi/PRsYbawcGpicvLk6WdOn9q7WH/7YeXorXdffPKzqT/e+M+Nt79N0sCu1sqa49grozFaf08G0po2DO91Tb2X9LoB7Eq6a/bV9vI4FsPRV021MdjNlgEA+2UdADiAEmMAADhgGt8D3F1bzTem3n4j0V23X4iIw7X4G79v1kr6YyqyaWFfmhu6mzzwy0gSESN7UP9oRHz05WufpFPU+8FvaUA3XL0WEedHRrce/5MHr1nYhae2K1zPVp9GN80+aOcf6KWv0vHPs63Gf5n6/n+4+rh5/JNtse/uxsP3/8zNzet89+oeVFyXjv+eb7q27V5T/HUjffXcP6pjvoHkwsViIT22/TMixmIgm+Ynqou2HrmN3fnzTrv6m8d/v773+sdp/enzxhKZm/3ZB9eZma5MP2rcDbevRfyvv1X8yf3+T9qMf892WMdLz731YbuyNP403sa0Nf7Wvuiw7odZvx7xRMv+3+jLZNvrE8erm8N4Y6No4fMfPxhqV39z/6dTWn/js0A3pP0/tH38I0nz9Zrlndfx/fXhr9uVPTz+1tv/oaR2EDhUn3dlulJZnIg4lLy8df7JjXUb+cbyafxj/2+9/9eqbb39D6TDpg7j77/186e7j39/pfHP7Kj/d564cW+ur139beJv6vG0/yerqbH6nE6Of5028FHeOwAAAAAAAAAAAAAAAAAAAAAAAADoVCYijkaSyd1PZzK5XO0/vP8dQ5liqVw5fqG0tDCTllXvf5pp3OpyuOl+qBP1++E38ic35Z+OiH9FxPvZwWo+ly8VZ3odPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWnz//+pn7K9bh0AsG8O97oBAEDXOf8DwMGzs/P/YFN6as/bAgB0h8//AHDwdHz+P7+/7QAAusfnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbZ2TNn0mn997XVfJqfuby8NFe6fGKmUJ7LzS/lc/nS4qXcbKk0Wyzk8qX5ti90tfZULJUuTcbC0pXxSqFcGS8vr5ybLy0tVM5dnJ+eLZwrDHQtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZW66WCwsSmybGNzTF8z+7d/5/ngsmiGxb4nmo8Rg7w5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+5vwIAAP//BeYuJQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x5452, &(0x7f0000006980)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) renameat2(r0, 0x0, 0xffffffffffffffff, 0x0, 0x5) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) 37.227123412s ago: executing program 2 (id=244): bpf$ENABLE_STATS(0x20, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff7f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000ff0000008500000082000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 19.965629458s ago: executing program 35 (id=244): bpf$ENABLE_STATS(0x20, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff7f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000ff0000008500000082000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 18.533596583s ago: executing program 3 (id=260): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) unshare(0x20040600) flistxattr(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0) landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) r2 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000400)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 18.21332027s ago: executing program 3 (id=261): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc) 17.952687763s ago: executing program 3 (id=262): r0 = fanotify_init(0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x2) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) fanotify_mark(r0, 0x41, 0x8000038, r1, 0x0) 17.641648761s ago: executing program 3 (id=263): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x10, &(0x7f0000000040)=ANY=[], 0x1, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==") sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x40) fdatasync(r0) 16.731390479s ago: executing program 3 (id=264): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00') fsopen(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x3000) r3 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000) pread64(r1, &(0x7f0000002140)=""/17, 0x11, 0x0) 16.071180307s ago: executing program 3 (id=265): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000880)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@nodioread_nolock}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x80) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x3000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001400090a0000000000000000021f4800", @ANYRES32=r5, @ANYBLOB="08000200e4d4c21e080008004c06"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) sendmsg$nl_route_sched(r2, 0x0, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104) fallocate(r6, 0x8, 0x4000, 0x4000) 15.23906921s ago: executing program 36 (id=265): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000880)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@nodioread_nolock}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x80) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x3000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001400090a0000000000000000021f4800", @ANYRES32=r5, @ANYBLOB="08000200e4d4c21e080008004c06"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) sendmsg$nl_route_sched(r2, 0x0, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104) fallocate(r6, 0x8, 0x4000, 0x4000) 7.456395299s ago: executing program 5 (id=272): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00') fsopen(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x3000) r3 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000) pread64(r1, &(0x7f0000002140)=""/17, 0x11, 0x0) 5.467575193s ago: executing program 5 (id=273): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4001010) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) 4.34884372s ago: executing program 6 (id=274): prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000) r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)=0x3) syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x14b000) syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0) 3.332708829s ago: executing program 6 (id=275): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) unshare(0x20040600) mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0) landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) r2 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000400)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 3.162629474s ago: executing program 6 (id=276): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x4, 0x9, 0x8, 0x4, 0x1, @mcast2, @dev={0xfe, 0x80, '\x00', 0x20}, 0x7, 0x7f10, 0x401, 0x9}}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)={0x2c, r1, 0x1, 0x70bd2d, 0x259fdbfd, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x408c0}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@orlov}, {@data_err_ignore}, {@grpquota}, {@abort}, {@resgid}, {@bh}, {@nouid32}], [{@seclabel}, {@hash}, {@audit}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}]}, 0x1, 0x56d, &(0x7f0000000880)="$eJzs3c9rXEUcAPDv22z6uzaFUlREAj1Yqd00iT8qeKhH0WJB73VJXkPJpluym9LEgu3BXrxIEUSsiHe9eyz+A/4VBS0UKUEPXiJv8zZNk9383Dap7/OBV2Z23mbed+fNdGZnlw2gsAazf0oRL0XE10nEkYhI8rJy5IWDi+fNP7oxlh1JLCx88lfSOi/Lt/9W+3kH88yLEfHblxGnSqvrbczOTVZrtXQ6zw81p64ONWbnTl+eqk6kE+mVkdHRs2+Njrz7ztubimfvGmWvX/jnu4/vfXD2qxPz3/7y4OidJM7FobxseRzbcHN5ZjAG89ekP86tOHG4B5XtJslOXwBb0pf38/7IxoAj0Zf3euD/74uIWAAKKtH/oaDa84D22r5H6+DnxsP3FxdAq+MvL743Evtaa6MD88kTK6NsvTvQg/qzOn798+6d7IjevQ8BsK6btyLiTLm8evxL8vFv685s4JyVdRj/4Nm5l81/3ug0/yktzX+iw/znYIe+uxXr9//Sgx5U01U2/3uv4/x3adNqoC/PHW7N+fqTS5draTa2vRARJ6N/b5Zfaz/n7Pz9hW5ly+d/2ZHV354L5tfxoLxiU2u82qxuJ+blHt6KeLnj/DdZav+kQ/tnr8eFDdZxPL37arey9eN/uhZ+initY/s/3tFK1t6fHGrdD0Ptu2K1v28f/71b/Tsdf9b+B9aOfyBZvl/b2HwdP+77N+1W9kT88UT8Pyye0fn+35N82krvyR+7Xm02p4cj9iQfrX585PFz2/n2+Vn8J0+sPf51uv/3R8RnG4z/9rGfX1kr/vY6fKfaf3xT7b/5xP0PP/++W/3r3P/lxfZ/s5U5mT+4kfFvoxe4zZcPAAAAAAAAdpVSRByKpFRZSpdKlcri5zuOxYFSrd5onrpUn7kyHq3vyg5Ef6m9031k2echhvPPw7bzIyvyoxFxNCK+6dvfylfG6rXxnQ4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/mjb6evDnjq/OQ3FNe6/b8Xv/QE7Er+/4fi0v+huPR/KC79H4pL/4fi0v+huPR/KC79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrqwvnz2bEw/+jGWJYfvzY7M1m/dno8bUxWpmbGKmP16auViXp9opZWxupT6/29Wr1+dXgkZq4PNdNGc6gxO3dxqj5zpXnx8lR1Ir2Y9j+TqAAAAAAAAAAAAAAAAAAAAOD50pidm6zWaun0NhJJbOvpRU8cjl1xGVtNlHfHZUj0OLHTIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPZfAAAA///wGTUB") syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000740)={[{@test_dummy_encryption}, {@i_version}, {@noblock_validity}, {@commit={'commit', 0x3d, 0x5}}, {@inlinecrypt}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@abort}, {@auto_da_alloc}, {@lazytime}, {@noauto_da_alloc}, {@block_validity}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$session_to_parent(0x12) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x800, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x8) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) 2.614118692s ago: executing program 5 (id=277): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080), 0xc) 1.965412938s ago: executing program 5 (id=278): r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @initdev}, &(0x7f00000000c0)=0x10) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) capget(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x1, 0x5fda, 0x0, 0x19, 0x1140, 0x8}) gettid() timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socketpair(0x1, 0xc, 0x0, &(0x7f0000000000)) ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x8) recvmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}, 0xffff}], 0x1, 0x2000, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000100000d0000000000000000030000000000000000000001ff000000400000000000000000000003000000000200000002"], 0x0, 0x56}, 0x20) 1.885642255s ago: executing program 6 (id=279): r0 = io_uring_setup(0x220c, &(0x7f0000002a40)={0x0, 0xd168, 0x40, 0x10000003, 0x6f}) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000000), 0x0) 1.702091631s ago: executing program 6 (id=280): r0 = shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffc000/0x4000)=nil) fsopen(0x0, 0x0) r1 = getpgrp(0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) openat2$dir(0xffffffffffffff9c, &(0x7f0000001680)='.\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = fsopen(&(0x7f0000000180)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) fchdir(r6) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r7, 0xfffffffffffffffd, 0x58) shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x5000) 199.644752ms ago: executing program 6 (id=281): prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000) r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)=0x3) syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x14b000) syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0) 189.895593ms ago: executing program 5 (id=282): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) unshare(0x20040600) mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0) landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) r2 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000400)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 0s ago: executing program 5 (id=283): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) r1 = socket(0x10, 0x3, 0x0) r2 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x2a00005, &(0x7f00000002c0)=ANY=[], 0x0, 0x2b7, &(0x7f0000000580)="$eJzs3c9Ka1cUB+Bf1JjoJEI7Kh0cKJSORH2DUCyUBgqWQO3IUJUWI0IEoR1UZ32XPk4foy9QC4Vcridq4s31D3o93vh9EM6Cvdc5aychOwl7JzufHx7sHh3vb3/yT5rNIgvJWf5LkrnMZ+QqSGpZzLizAAAfm62tXrvqGviwBoN2r56k8U5Lt15JQQAAAAAAAAAAADza1PX/58nK2Pr/2ug4Z/0/AMwE6/9n32DQ7i2P3r9N6v5VSUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASc6Hw9bwllvV9QEAT+8x8/+/w9LzVQsAPIXJ+b92lvj8DwCz7nxirq/F9/8AMPt+2P7pu3ans7lVFM3k8M+T7km3PJbt7f38mn72spZW/k+GV8r4m287m2vFhZXsHJ6O8k9PGqMLXOavp5WV6fnrZX4xkd+tZ3n8+htp5dPp+RtT8xfz1Rdj+atp5e+fc5R+dvM29zr/j/Wi+Pr7zo38xkU/AAAAAAAAAAAAAAAAAAAAeA6rxZXJ/fvd+bJ99X3tSeqjk9zv9wFu7K9fyGcLlQ4dAAAAAAAAAAAAAAAAAAAAXozj334/6PX7ewPB7cGXjXt0Xnrae/XyQap67A8Lmrmrz9JLKfVVBMNW+Sx6YHpFL0gAAAAAAAAAAAAAAAAAAPCKXW/6TRarLgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKnL9//8PDn78pTzFnZ2rHiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOrwJAAD//ypU4JE=") r3 = getpgrp(0x0) syz_kvm_add_vcpu$x86(0x0, 0x0) fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r4, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, 0x0) r5 = getpid() symlink(0x0, 0x0) sched_setscheduler(r5, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x1, 0x0) prctl$PR_SET_ENDIAN(0x14, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) gettid() ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000000040)={0x6, 0x100000000, 0xfffffffffffffffc}) write(r1, &(0x7f0000000380)="240000001a005f0400f9f4070009040180202000000001c1cbd4a479eac4876f00000000", 0x24) syz_clone(0x2008400, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 0] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.436884][ T5770] bridge_slave_0: entered allmulticast mode [ 94.444378][ T5770] bridge_slave_0: entered promiscuous mode [ 94.455794][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.464614][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.472136][ T5770] bridge_slave_1: entered allmulticast mode [ 94.479719][ T5770] bridge_slave_1: entered promiscuous mode [ 94.607617][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.615414][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.623454][ T5771] bridge_slave_0: entered allmulticast mode [ 94.631364][ T5771] bridge_slave_0: entered promiscuous mode [ 94.642577][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.657058][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.667134][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.677095][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.684708][ T5769] bridge_slave_0: entered allmulticast mode [ 94.692783][ T5769] bridge_slave_0: entered promiscuous mode [ 94.709278][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.718728][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.728256][ T5769] bridge_slave_1: entered allmulticast mode [ 94.735742][ T5769] bridge_slave_1: entered promiscuous mode [ 94.743806][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.752386][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.760103][ T5771] bridge_slave_1: entered allmulticast mode [ 94.768146][ T5771] bridge_slave_1: entered promiscuous mode [ 94.864052][ T5770] team0: Port device team_slave_0 added [ 94.884698][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.892312][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.900005][ T5772] bridge_slave_0: entered allmulticast mode [ 94.907973][ T5772] bridge_slave_0: entered promiscuous mode [ 94.936947][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.947957][ T5770] team0: Port device team_slave_1 added [ 94.956244][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.972327][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.983200][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.995348][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.004175][ T5772] bridge_slave_1: entered allmulticast mode [ 95.014829][ T5772] bridge_slave_1: entered promiscuous mode [ 95.059399][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.096091][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.103699][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.130923][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.177721][ T5771] team0: Port device team_slave_0 added [ 95.185715][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.193031][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.221184][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.256535][ T5769] team0: Port device team_slave_0 added [ 95.266886][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.282511][ T5771] team0: Port device team_slave_1 added [ 95.324974][ T5769] team0: Port device team_slave_1 added [ 95.337295][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.361373][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.368671][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.395703][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.446850][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.457281][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.491080][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.522989][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.531912][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.558426][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.589875][ T5770] hsr_slave_0: entered promiscuous mode [ 95.597208][ T5770] hsr_slave_1: entered promiscuous mode [ 95.608565][ T5772] team0: Port device team_slave_0 added [ 95.618653][ T5772] team0: Port device team_slave_1 added [ 95.631298][ T5779] Bluetooth: hci1: command tx timeout [ 95.631825][ T51] Bluetooth: hci0: command tx timeout [ 95.637173][ T5779] Bluetooth: hci2: command tx timeout [ 95.668027][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.675764][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.702904][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.711499][ T5779] Bluetooth: hci3: command tx timeout [ 95.735054][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.743373][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.771529][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.791348][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.798684][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.826131][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.865087][ T5771] hsr_slave_0: entered promiscuous mode [ 95.874649][ T5771] hsr_slave_1: entered promiscuous mode [ 95.881569][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.890064][ T5771] Cannot create hsr debugfs directory [ 96.013567][ T5769] hsr_slave_0: entered promiscuous mode [ 96.023100][ T5769] hsr_slave_1: entered promiscuous mode [ 96.031689][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.039931][ T5769] Cannot create hsr debugfs directory [ 96.064118][ T5772] hsr_slave_0: entered promiscuous mode [ 96.072381][ T5772] hsr_slave_1: entered promiscuous mode [ 96.080365][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.089001][ T5772] Cannot create hsr debugfs directory [ 96.616659][ T5770] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 96.634473][ T5770] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 96.655223][ T5770] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 96.669970][ T5770] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 96.755970][ T5771] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 96.776500][ T5771] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 96.799886][ T5771] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 96.816327][ T5771] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.934480][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.963134][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.993945][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.012530][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.106796][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.122602][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.152461][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.166621][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.284232][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.302573][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.383204][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.425411][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.438117][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.445876][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.458939][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.468373][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.529601][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.537338][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.587922][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.598555][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.606708][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.639642][ T788] cfg80211: failed to load regulatory.db [ 97.663241][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.711074][ T5785] Bluetooth: hci0: command tx timeout [ 97.712154][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.717422][ T5785] Bluetooth: hci1: command tx timeout [ 97.742053][ T5779] Bluetooth: hci2: command tx timeout [ 97.764563][ T38] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.772151][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.791484][ T5779] Bluetooth: hci3: command tx timeout [ 97.832721][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.840908][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.864654][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.926061][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.935048][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.002180][ T5771] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 98.022252][ T5771] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.063330][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.071258][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.354866][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.449758][ T5770] veth0_vlan: entered promiscuous mode [ 98.518026][ T5770] veth1_vlan: entered promiscuous mode [ 98.613996][ T5770] veth0_macvtap: entered promiscuous mode [ 98.644987][ T5770] veth1_macvtap: entered promiscuous mode [ 98.718432][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.755426][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.797354][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.835175][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.860669][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.869481][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.879725][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.036857][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.108903][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.130120][ T5771] veth0_vlan: entered promiscuous mode [ 99.137400][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.149112][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.225178][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.236731][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.269585][ T5771] veth1_vlan: entered promiscuous mode [ 99.398449][ T5769] veth0_vlan: entered promiscuous mode [ 99.412351][ T5772] veth0_vlan: entered promiscuous mode [ 99.454526][ T5769] veth1_vlan: entered promiscuous mode [ 99.494173][ T5771] veth0_macvtap: entered promiscuous mode [ 99.505126][ T5772] veth1_vlan: entered promiscuous mode [ 99.537944][ T5771] veth1_macvtap: entered promiscuous mode [ 99.610197][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.622857][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.636594][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.669526][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.682332][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.699938][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.715831][ T5769] veth0_macvtap: entered promiscuous mode [ 99.734977][ T5772] veth0_macvtap: entered promiscuous mode [ 99.763653][ T5771] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.776497][ T5771] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.789984][ T5771] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.799583][ T5779] Bluetooth: hci1: command tx timeout [ 99.801232][ T5779] Bluetooth: hci2: command tx timeout [ 99.811748][ T51] Bluetooth: hci0: command tx timeout [ 99.818718][ T5771] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.836807][ T5769] veth1_macvtap: entered promiscuous mode [ 99.848121][ T5839] syz.2.5[5839]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 99.865451][ T5839] loop2: detected capacity change from 0 to 8 [ 99.880726][ T5779] Bluetooth: hci3: command tx timeout [ 99.896540][ T5772] veth1_macvtap: entered promiscuous mode [ 99.956820][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.971920][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.984565][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.997575][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.014470][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.085684][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.105945][ T5839] SQUASHFS error: Failed to read block 0x71: -5 [ 100.106139][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.124606][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.136408][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.148669][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.172571][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.186082][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.189064][ T28] audit: type=1800 audit(1771769858.907:2): pid=5839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5" name="file1" dev="loop2" ino=1 res=0 errno=0 [ 100.210751][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.234186][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.251121][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.262231][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.275662][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.288137][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.301674][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.312060][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.321981][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.388436][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.418342][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.434660][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.447078][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.459546][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.471196][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.969367][ T5779] Bluetooth: hci2: command tx timeout [ 101.976466][ T5779] Bluetooth: hci0: command tx timeout [ 101.999655][ T5779] Bluetooth: hci1: command tx timeout [ 102.006492][ T5779] Bluetooth: hci3: command tx timeout [ 102.021008][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.067115][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.095009][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.113545][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.123594][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.272652][ T2912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.293332][ T2912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.404693][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.416777][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.537393][ T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.553030][ T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.649288][ T139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.677516][ T139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.726733][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.763437][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.798025][ T5846] loop1: detected capacity change from 0 to 512 [ 102.858526][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.889860][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.899568][ T5846] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 102.961037][ T5846] EXT4-fs (loop1): failed to initialize system zone (-117) [ 102.968746][ T5846] EXT4-fs (loop1): mount failed [ 103.196205][ T5851] futex_wake_op: syz.2.7 tries to shift op by -1; fix this program [ 103.311725][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.471962][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.494199][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.494230][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.621218][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!! [ 104.632704][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 105.030373][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 105.350188][ T5859] loop0: detected capacity change from 0 to 128 [ 105.389916][ T5859] FAT-fs (loop0): Unrecognized mount option "fmask=0000000000000000ã¥3Oošjnonumtail=0" or missing value [ 105.420950][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.443658][ T5785] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 106.648557][ T5861] loop0: detected capacity change from 0 to 1024 [ 106.663420][ T5861] hfsplus: invalid uid specified [ 106.670911][ T5861] hfsplus: unable to parse mount options [ 106.740408][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 106.751516][ T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!! [ 107.502426][ T5863] loop1: detected capacity change from 0 to 2048 [ 107.691886][ T5863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.410318][ C0] sched: RT throttling activated [ 111.342877][ T5869] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 111.358586][ T5869] EXT4-fs (loop1): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 111.371115][ T5869] EXT4-fs (loop1): This should not happen!! Data will be lost [ 111.371115][ T5869] [ 111.381647][ T5869] EXT4-fs (loop1): Total free blocks count 0 [ 111.387742][ T5869] EXT4-fs (loop1): Free/Dirty block details [ 111.394367][ T5869] EXT4-fs (loop1): free_blocks=2415919504 [ 111.400336][ T5869] EXT4-fs (loop1): dirty_blocks=48000 [ 111.405745][ T5869] EXT4-fs (loop1): Block reservation details [ 111.437200][ T5869] EXT4-fs (loop1): i_reserved_data_blocks=2488 [ 112.442015][ T5874] loop0: detected capacity change from 0 to 1024 [ 112.461441][ T5874] ======================================================= [ 112.461441][ T5874] WARNING: The mand mount option has been deprecated and [ 112.461441][ T5874] and is ignored by this kernel. Remove the mand [ 112.461441][ T5874] option from the mount to silence this warning. [ 112.461441][ T5874] ======================================================= [ 112.585815][ T5874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 112.658160][ T5874] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.879840][ T5874] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 3: comm syz.0.9: lblock 3 mapped to illegal pblock 3 (length 3) [ 112.968311][ T5874] EXT4-fs (loop0): Remounting filesystem read-only [ 115.250765][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 115.601089][ T5886] xt_TPROXY: Can be used only with -p tcp or -p udp [ 115.654902][ T5886] loop3: detected capacity change from 0 to 512 [ 115.676647][ T5886] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 115.721688][ T5886] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 115.760625][ T5888] capability: warning: `syz.0.15' uses 32-bit capabilities (legacy support in use) [ 115.819357][ T5886] EXT4-fs (loop3): 1 truncate cleaned up [ 115.910453][ T5886] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.007197][ T5886] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.555609][ T48] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.744535][ T48] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.890056][ T48] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.029511][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.073913][ T48] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.350825][ T5902] loop1: detected capacity change from 0 to 128 [ 120.539059][ T5902] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 120.648846][ T5902] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 121.267932][ T5771] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 121.352293][ T5918] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 121.389832][ T5918] loop3: detected capacity change from 0 to 128 [ 122.087357][ T5922] loop1: detected capacity change from 0 to 16 [ 122.106936][ T5922] erofs: (device loop1): mounted with root inode @ nid 36. [ 122.565746][ T5925] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 122.578801][ T5925] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 122.590481][ T5925] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 122.600999][ T5925] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 122.622902][ T5926] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 122.636191][ T5926] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 122.651532][ T5926] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 122.663089][ T5926] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 122.676594][ T5926] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 122.689624][ T5926] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 122.708110][ T5925] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 123.527766][ T5779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 123.551400][ T5779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 123.579384][ T5779] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 123.600661][ T5779] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 123.614020][ T5779] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 123.626478][ T5779] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 125.955897][ T5779] Bluetooth: hci3: command tx timeout [ 127.408326][ T5944] loop1: detected capacity change from 0 to 16 [ 128.162697][ T5779] Bluetooth: hci3: command tx timeout [ 128.191440][ T5944] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 142735) [ 130.131394][ T5871] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 130.190494][ T5779] Bluetooth: hci3: command tx timeout [ 132.271070][ T5779] Bluetooth: hci3: command tx timeout [ 132.437541][ T5929] chnl_net:caif_netlink_parms(): no params data found [ 134.280868][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 134.288024][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.725171][ T5985] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 134.799881][ T48] hsr_slave_0: left promiscuous mode [ 134.843184][ T48] hsr_slave_1: left promiscuous mode [ 134.868525][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 134.877397][ T48] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 134.916638][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 134.925969][ T48] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.052985][ T48] bridge_slave_1: left allmulticast mode [ 135.105502][ T48] bridge_slave_1: left promiscuous mode [ 135.141468][ T48] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.215519][ T48] bridge_slave_0: left allmulticast mode [ 135.235877][ T48] bridge_slave_0: left promiscuous mode [ 135.251560][ T48] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.409939][ T48] veth1_macvtap: left promiscuous mode [ 135.438263][ T48] veth0_macvtap: left promiscuous mode [ 135.457452][ T5987] loop2: detected capacity change from 0 to 128 [ 135.464812][ T48] veth1_vlan: left promiscuous mode [ 135.487384][ T48] veth0_vlan: left promiscuous mode [ 135.537122][ T5989] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 135.714651][ T5990] loop1: detected capacity change from 0 to 512 [ 135.920949][ T5990] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 135.956486][ T5990] EXT4-fs (loop1): orphan cleanup on readonly fs [ 136.046043][ T5990] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 136.090612][ T5990] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 136.130770][ T5990] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.28: Failed to acquire dquot type 1 [ 136.178613][ T5990] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.28: bg 0: block 40: padding at end of block bitmap is not set [ 136.260098][ T5990] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6653: Corrupt filesystem [ 136.471166][ T5990] EXT4-fs (loop1): 1 truncate cleaned up [ 136.478304][ T5990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 136.756902][ T5987] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fff0000) [ 136.810368][ T5987] FAT-fs (loop2): Filesystem has been set read-only [ 139.193346][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.707180][ T6005] loop2: detected capacity change from 0 to 1024 [ 140.743091][ T6005] hfsplus: session requires an argument [ 140.749123][ T6005] hfsplus: unable to parse mount options [ 141.078014][ T5872] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 141.378463][ T6002] loop2: detected capacity change from 0 to 8 [ 141.386481][ T6002] squashfs: Unknown parameter '' [ 142.409436][ T48] team0 (unregistering): Port device team_slave_1 removed [ 142.736456][ T48] team0 (unregistering): Port device team_slave_0 removed [ 142.892672][ T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 143.126735][ T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 143.263751][ T6027] loop2: detected capacity change from 0 to 16 [ 143.287280][ T6027] erofs: (device loop2): mounted with root inode @ nid 36. [ 143.668477][ T6029] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 143.678550][ T6029] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 143.688945][ T6029] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 143.699230][ T6029] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 143.709452][ T6029] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 143.726982][ T6030] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 143.737304][ T6030] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 143.747462][ T6030] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 143.757387][ T6030] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 143.767439][ T6030] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 143.776550][ T6030] erofs: (device loop2): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 146.358103][ T6038] loop1: detected capacity change from 0 to 2048 [ 146.710486][ T6038] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.117394][ T6048] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 150.132878][ T6048] EXT4-fs (loop1): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 150.145195][ T6048] EXT4-fs (loop1): This should not happen!! Data will be lost [ 150.145195][ T6048] [ 150.155460][ T6048] EXT4-fs (loop1): Total free blocks count 0 [ 150.161563][ T6048] EXT4-fs (loop1): Free/Dirty block details [ 150.167968][ T6048] EXT4-fs (loop1): free_blocks=2415919504 [ 150.173835][ T6048] EXT4-fs (loop1): dirty_blocks=38800 [ 150.179329][ T6048] EXT4-fs (loop1): Block reservation details [ 150.185430][ T6048] EXT4-fs (loop1): i_reserved_data_blocks=2425 [ 150.332223][ T48] bond0 (unregistering): Released all slaves [ 150.961764][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.037501][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.090670][ T5929] bridge_slave_0: entered allmulticast mode [ 151.098200][ T5929] bridge_slave_0: entered promiscuous mode [ 151.170762][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.580692][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.610862][ T5929] bridge_slave_1: entered allmulticast mode [ 152.637092][ T5929] bridge_slave_1: entered promiscuous mode [ 152.869691][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 152.903575][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.058952][ T6068] loop2: detected capacity change from 0 to 16 [ 153.102761][ T5929] team0: Port device team_slave_0 added [ 153.134356][ T6068] erofs: (device loop2): mounted with root inode @ nid 36. [ 153.164223][ T5929] team0: Port device team_slave_1 added [ 153.439737][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.446957][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.476561][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.549734][ T6071] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 153.560407][ T6071] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 153.573255][ T6071] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 153.583442][ T6071] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 153.593690][ T6071] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 154.188274][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 154.211047][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.294934][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.525160][ T5929] hsr_slave_0: entered promiscuous mode [ 154.561604][ T5929] hsr_slave_1: entered promiscuous mode [ 154.593574][ T5929] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 154.612766][ T5929] Cannot create hsr debugfs directory [ 155.359141][ T5929] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 155.425231][ T5929] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 155.436568][ T6089] loop3: detected capacity change from 0 to 128 [ 155.511174][ T5929] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 155.597086][ T5929] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 155.994331][ T6093] rtc_cmos 00:00: Alarms can be up to one day in the future [ 157.718911][ T6097] loop3: detected capacity change from 0 to 1024 [ 157.882014][ T6097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 157.937765][ T6097] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.992347][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0 [ 158.030495][ T6101] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 158.135228][ T5929] 8021q: adding VLAN 0 to HW filter on device team0 [ 158.230663][ T139] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.238122][ T139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 158.319716][ T6008] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.327074][ T6008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 158.935479][ T6097] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 3: comm syz.3.51: lblock 3 mapped to illegal pblock 3 (length 1) [ 159.016374][ T6097] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.51: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 159.235693][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 159.675525][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 159.921642][ T6130] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 160.497972][ T5929] veth0_vlan: entered promiscuous mode [ 160.534486][ T5929] veth1_vlan: entered promiscuous mode [ 160.703188][ T5929] veth0_macvtap: entered promiscuous mode [ 160.757936][ T5929] veth1_macvtap: entered promiscuous mode [ 160.843820][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.692009][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.751462][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.845953][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.923177][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.010530][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.032912][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 165.173492][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.220274][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.260305][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.463627][ T6168] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 165.490466][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.510384][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.522067][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.790690][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 165.939383][ T5929] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.955088][ T5929] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.997415][ T5929] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.054592][ T5929] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.355019][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.524692][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.557126][ T6176] netlink: 'syz.3.64': attribute type 5 has an invalid length. [ 167.232378][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 167.320479][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.401967][ T6184] netlink: 40 bytes leftover after parsing attributes in process `syz.3.67'. [ 168.563092][ T6186] loop4: detected capacity change from 0 to 16 [ 168.603024][ T6186] erofs: (device loop4): mounted with root inode @ nid 36. [ 168.822840][ T5785] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 168.839584][ T5785] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 168.850469][ T5785] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 168.874139][ T5785] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 168.887146][ T5785] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 168.898312][ T5785] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 169.638562][ T6206] loop2: detected capacity change from 0 to 1024 [ 169.707633][ T6206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 169.721527][ T6206] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.082293][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.880429][ T5785] Bluetooth: hci4: command tx timeout [ 172.127172][ T6190] chnl_net:caif_netlink_parms(): no params data found [ 172.287089][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.566064][ T6219] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 3: comm syz.2.61: lblock 3 mapped to illegal pblock 3 (length 3) [ 172.581919][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.651663][ T6220] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.61: bg 0: block 112: padding at end of block bitmap is not set [ 172.685307][ T6219] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 172.782739][ T6219] EXT4-fs (loop2): This should not happen!! Data will be lost [ 172.782739][ T6219] [ 172.848326][ T6220] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117 [ 172.927964][ T6220] EXT4-fs (loop2): This should not happen!! Data will be lost [ 172.927964][ T6220] [ 172.990896][ T6224] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 173.168939][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.633913][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.793284][ T6190] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.821103][ T6190] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.828880][ T6190] bridge_slave_0: entered allmulticast mode [ 175.720545][ T5785] Bluetooth: hci4: command tx timeout [ 175.756361][ T38] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:2: lblock 8 mapped to illegal pblock 8 (length 8) [ 175.792203][ T6190] bridge_slave_0: entered promiscuous mode [ 175.856008][ T38] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 175.881799][ T6190] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.902284][ T38] EXT4-fs (loop2): This should not happen!! Data will be lost [ 175.902284][ T38] [ 175.943246][ T6190] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.952574][ T38] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 48 with error 117 [ 175.982529][ T6190] bridge_slave_1: entered allmulticast mode [ 176.003585][ T6190] bridge_slave_1: entered promiscuous mode [ 176.016984][ T38] EXT4-fs (loop2): This should not happen!! Data will be lost [ 176.016984][ T38] [ 176.063405][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 176.156564][ T6190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.187601][ T6190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.433726][ T6190] team0: Port device team_slave_0 added [ 176.519701][ T6190] team0: Port device team_slave_1 added [ 176.533594][ T6240] loop4: detected capacity change from 0 to 256 [ 176.981357][ T6242] binder: 6238:6242 ioctl c0306201 0 returned -14 [ 178.454707][ T5785] Bluetooth: hci4: command tx timeout [ 178.794178][ T6190] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.840626][ T6190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.911111][ T6190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.030784][ T6190] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.038566][ T6190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.128225][ T6190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 179.543748][ T6190] hsr_slave_0: entered promiscuous mode [ 179.601324][ T6190] hsr_slave_1: entered promiscuous mode [ 179.627271][ T6190] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 179.640479][ T6190] Cannot create hsr debugfs directory [ 180.181905][ T6264] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 180.504798][ T6263] netlink: 40 bytes leftover after parsing attributes in process `syz.2.78'. [ 180.544733][ T5785] Bluetooth: hci4: command tx timeout [ 180.867425][ T6267] loop3: detected capacity change from 0 to 1024 [ 180.924192][ T6267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.170408][ T6267] loop3: detected capacity change from 1024 to 64 [ 181.302883][ T28] audit: type=1800 audit(1771769940.047:3): pid=6276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.80" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 181.496141][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 181.531402][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 181.564584][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 181.604317][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 181.641435][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 181.707357][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 183.547199][ T5785] Bluetooth: hci4: command tx timeout [ 183.593348][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 183.671247][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 183.709804][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 183.741844][ T5769] EXT4-fs warning (device loop3): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 184.069024][ T12] hsr_slave_0: left promiscuous mode [ 184.125443][ T12] hsr_slave_1: left promiscuous mode [ 184.171391][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.179045][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.218448][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.239120][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.260739][ T12] bridge_slave_1: left allmulticast mode [ 184.266674][ T12] bridge_slave_1: left promiscuous mode [ 184.282018][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.368460][ T12] bridge_slave_0: left allmulticast mode [ 184.375638][ T12] bridge_slave_0: left promiscuous mode [ 184.389317][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.478467][ T12] veth1_macvtap: left promiscuous mode [ 184.486369][ T12] veth0_macvtap: left promiscuous mode [ 184.532406][ T12] veth1_vlan: left promiscuous mode [ 184.538746][ T12] veth0_vlan: left promiscuous mode [ 185.963388][ T6270] kmmpd-loop3: attempt to access beyond end of device [ 185.963388][ T6270] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 186.085119][ T6270] Buffer I/O error on dev loop3, logical block 64, lost sync page write [ 186.121736][ T6270] EXT4-fs error (device loop3): kmmpd:186: comm kmmpd-loop3: Error writing to MMP block [ 186.147969][ T6305] loop2: detected capacity change from 0 to 2048 [ 186.275619][ T6305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.177347][ T6310] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 189.193786][ T6310] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 189.206641][ T6310] EXT4-fs (loop2): This should not happen!! Data will be lost [ 189.206641][ T6310] [ 189.216560][ T6310] EXT4-fs (loop2): Total free blocks count 0 [ 189.222727][ T6310] EXT4-fs (loop2): Free/Dirty block details [ 189.228670][ T6310] EXT4-fs (loop2): free_blocks=2415919504 [ 189.234762][ T6310] EXT4-fs (loop2): dirty_blocks=38784 [ 189.240470][ T6310] EXT4-fs (loop2): Block reservation details [ 189.246969][ T6310] EXT4-fs (loop2): i_reserved_data_blocks=2424 [ 189.354751][ T59] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 4 with max blocks 2048 with error 28 [ 189.373686][ T12] team0 (unregistering): Port device team_slave_1 removed [ 189.489020][ T12] team0 (unregistering): Port device team_slave_0 removed [ 189.630572][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 189.714653][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.564147][ T12] bond0 (unregistering): Released all slaves [ 190.991648][ T6270] kmmpd-loop3: attempt to access beyond end of device [ 190.991648][ T6270] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 191.047511][ T6270] Buffer I/O error on dev loop3, logical block 64, lost sync page write [ 191.065903][ T5769] EXT4-fs error (device loop3): ext4_check_bdev_write_error:225: comm syz-executor: Error while async write back metadata [ 191.080566][ T6190] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 191.116316][ T6190] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 191.125809][ T5769] EXT4-fs error (device loop3): ext4_check_bdev_write_error:225: comm syz-executor: Error while async write back metadata [ 191.203677][ T6190] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 191.228546][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.293177][ T6190] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 191.325110][ T6270] kmmpd-loop3: attempt to access beyond end of device [ 191.325110][ T6270] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 191.371375][ T6270] Buffer I/O error on dev loop3, logical block 64, lost sync page write [ 191.936591][ T6190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.070507][ T6190] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.661884][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.669528][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.744513][ T6321] netlink: 'syz.4.88': attribute type 5 has an invalid length. [ 193.875454][ T6008] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.998296][ T2912] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.005618][ T2912] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.096761][ T6008] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.288795][ T5779] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 194.315362][ T6008] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.328462][ T5779] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 194.340367][ T5779] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 194.359934][ T5779] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 194.370612][ T5779] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 194.379628][ T5779] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 194.581636][ T5770] EXT4-fs: 15 callbacks suppressed [ 194.581653][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.609246][ T6008] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.737128][ T6335] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 194.916699][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.923637][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.006082][ T6338] loop2: detected capacity change from 0 to 512 [ 195.069713][ T6338] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 195.120436][ T6338] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 195.131095][ T6338] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.91: Corrupt directory, running e2fsck is recommended [ 195.162615][ T6338] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 195.171365][ T6338] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.91: corrupted in-inode xattr: e_name out of bounds [ 195.202701][ T6338] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.91: couldn't read orphan inode 15 (err -117) [ 195.223421][ T6338] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.226665][ T5779] Bluetooth: hci1: command tx timeout [ 197.361814][ T6338] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 197.416007][ T6338] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 197.440447][ T6338] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.91: Corrupt directory, running e2fsck is recommended [ 197.475108][ T6338] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 197.510664][ T6338] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 197.554814][ T6338] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.91: Corrupt directory, running e2fsck is recommended [ 197.647735][ T6354] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 197.676279][ T6354] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 197.713333][ T6354] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.91: Corrupt directory, running e2fsck is recommended [ 197.756254][ T6338] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 197.795047][ T6338] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 3: comm syz.2.91: path /34/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 197.831956][ T6190] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.884770][ T6338] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 22: comm syz.2.91: path /34/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=65535, size=1024 fake=0 [ 197.960795][ T6338] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 8: comm syz.2.91: path /34/file0: bad entry in directory: inode out of bounds - offset=0, inode=16810477, rec_len=1024, size=1024 fake=0 [ 197.978866][ T6331] chnl_net:caif_netlink_parms(): no params data found [ 198.148210][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.815520][ T6331] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.838935][ T6331] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.856882][ T6378] loop2: detected capacity change from 0 to 512 [ 198.863707][ T6331] bridge_slave_0: entered allmulticast mode [ 198.879316][ T6331] bridge_slave_0: entered promiscuous mode [ 198.887622][ T6378] EXT4-fs: Ignoring removed orlov option [ 198.928195][ T6378] EXT4-fs: Ignoring removed mblk_io_submit option [ 198.937626][ T6331] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.957619][ T6331] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.977627][ T6378] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.94: corrupted in-inode xattr: e_value size too large [ 198.992116][ T6331] bridge_slave_1: entered allmulticast mode [ 198.999902][ T6331] bridge_slave_1: entered promiscuous mode [ 199.040529][ T6378] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.94: couldn't read orphan inode 15 (err -117) [ 199.072643][ T6378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.158596][ T6331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.222751][ T6331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.310902][ T5779] Bluetooth: hci1: command tx timeout [ 199.362835][ T6331] team0: Port device team_slave_0 added [ 199.477755][ T6331] team0: Port device team_slave_1 added [ 199.616305][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.633357][ T6190] veth0_vlan: entered promiscuous mode [ 199.657227][ T6331] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 199.670438][ T6331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.704566][ T6331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.799278][ T6331] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.821579][ T6331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.930749][ T6331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 199.975360][ T6396] loop2: detected capacity change from 0 to 4096 [ 199.988167][ T6398] loop4: detected capacity change from 0 to 256 [ 199.996127][ T6008] hsr_slave_0: left promiscuous mode [ 200.006446][ T6008] hsr_slave_1: left promiscuous mode [ 200.021157][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 200.040311][ T6008] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 200.052546][ T6396] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.084144][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 200.094178][ T6398] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 200.103311][ T6008] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 200.157435][ T6398] FAT-fs (loop4): Filesystem has been set read-only [ 200.165040][ T6008] bridge_slave_1: left allmulticast mode [ 200.174195][ T6398] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 200.205665][ T6008] bridge_slave_1: left promiscuous mode [ 200.214675][ T6398] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 200.232850][ T6008] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.279631][ T6008] bridge_slave_0: left allmulticast mode [ 200.297572][ T6396] syz.2.95 (6396) used greatest stack depth: 20784 bytes left [ 200.302503][ T28] audit: type=1800 audit(1771769958.997:4): pid=6398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.96" name="file1" dev="loop4" ino=1048600 res=0 errno=0 [ 200.327229][ T6008] bridge_slave_0: left promiscuous mode [ 200.360938][ T6008] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.428444][ T6398] syz.4.96 (6398) used greatest stack depth: 20464 bytes left [ 200.448459][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.590738][ T6008] veth1_macvtap: left promiscuous mode [ 200.597722][ T6008] veth0_macvtap: left promiscuous mode [ 200.622455][ T6008] veth1_vlan: left promiscuous mode [ 200.629409][ T6008] veth0_vlan: left promiscuous mode [ 200.695527][ T6407] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 202.836057][ T5779] Bluetooth: hci1: command tx timeout [ 203.523708][ T6422] loop4: detected capacity change from 0 to 512 [ 203.535200][ T6422] EXT4-fs: Ignoring removed orlov option [ 203.544330][ T6422] EXT4-fs: Ignoring removed mblk_io_submit option [ 203.584286][ T6422] EXT4-fs error (device loop4): ext4_iget_extra_inode:4732: inode #15: comm syz.4.101: corrupted in-inode xattr: e_value size too large [ 203.619902][ T6008] team0 (unregistering): Port device team_slave_1 removed [ 203.654379][ T6422] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.101: couldn't read orphan inode 15 (err -117) [ 203.687229][ T6422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.712158][ T6008] team0 (unregistering): Port device team_slave_0 removed [ 203.786540][ T6008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 203.867246][ T6008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 204.032507][ T5929] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.366601][ T6008] bond0 (unregistering): Released all slaves [ 204.507014][ T6414] pimreg: entered allmulticast mode [ 204.566099][ T6190] veth1_vlan: entered promiscuous mode [ 204.706482][ T6331] hsr_slave_0: entered promiscuous mode [ 204.719732][ T6331] hsr_slave_1: entered promiscuous mode [ 204.732990][ T6331] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.744655][ T6331] Cannot create hsr debugfs directory [ 204.910700][ T5779] Bluetooth: hci1: command tx timeout [ 204.965147][ T6190] veth0_macvtap: entered promiscuous mode [ 204.993617][ T6190] veth1_macvtap: entered promiscuous mode [ 205.022048][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.033823][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.048619][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.075948][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.103484][ T6190] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 205.143074][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.177507][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.194249][ T6190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.205383][ T6190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.218240][ T6190] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 205.258510][ T6438] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 205.301444][ T6190] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.339832][ T6190] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.361429][ T6190] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.375934][ T6190] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.643642][ T6008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.668518][ T6008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.989343][ T6449] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 206.127364][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.276875][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.665238][ T6331] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 206.704119][ T6331] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 206.724780][ T6453] loop2: detected capacity change from 0 to 1024 [ 206.736620][ T6331] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 206.760600][ T6453] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000c01c, mo2=0002] [ 206.769539][ T6453] System zones: 0-1, 3-36 [ 206.783304][ T6453] EXT4-fs error (device loop2): ext4_orphan_get:1424: comm syz.2.107: bad orphan inode 134217728 [ 206.803379][ T6453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.015967][ T6331] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 207.169072][ T5779] Bluetooth: hci3: command 0x0406 tx timeout [ 207.804694][ T6458] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 207.856834][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.129070][ T6331] 8021q: adding VLAN 0 to HW filter on device bond0 [ 208.225517][ T6468] loop2: detected capacity change from 0 to 512 [ 208.248458][ T6331] 8021q: adding VLAN 0 to HW filter on device team0 [ 208.258355][ T6468] EXT4-fs: Ignoring removed orlov option [ 208.298834][ T6468] EXT4-fs: Ignoring removed mblk_io_submit option [ 208.316023][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.323400][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.382964][ T6468] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.109: corrupted in-inode xattr: e_value size too large [ 208.435084][ T6468] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.109: couldn't read orphan inode 15 (err -117) [ 208.449014][ T6468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 208.542096][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.549370][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.813810][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.920130][ T6480] loop5: detected capacity change from 0 to 256 [ 208.985330][ T6054] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 209.069872][ T6480] loop5: detected capacity change from 0 to 256 [ 209.664204][ T6487] warning: `syz.2.114' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 209.747591][ T6484] loop2: detected capacity change from 0 to 2048 [ 209.804106][ T6491] loop5: detected capacity change from 0 to 16 [ 209.900608][ T6491] erofs: (device loop5): mounted with root inode @ nid 36. [ 210.039725][ T6491] syz.5.115: attempt to access beyond end of device [ 210.039725][ T6491] loop5: rw=0, sector=4294967295, nr_sectors = 1 limit=16 [ 210.106387][ T6491] erofs: (device loop5): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 210.219552][ T6331] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 210.480539][ T6500] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 212.414000][ T6331] veth0_vlan: entered promiscuous mode [ 212.477295][ T6331] veth1_vlan: entered promiscuous mode [ 214.604175][ T6331] veth0_macvtap: entered promiscuous mode [ 214.714623][ T6331] veth1_macvtap: entered promiscuous mode [ 214.822162][ T6331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.864838][ T6331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.911622][ T6331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.965724][ T6331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.995588][ T6331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.030401][ T6331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.088006][ T6331] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 215.134810][ T6517] loop4: detected capacity change from 0 to 512 [ 215.148374][ T6331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.200439][ T6331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.235857][ T6331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.239092][ T6517] EXT4-fs: Ignoring removed orlov option [ 215.296740][ T6331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.341321][ T6331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.393394][ T6331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.399846][ T6517] EXT4-fs: Ignoring removed mblk_io_submit option [ 215.471058][ T6331] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 215.497695][ T6331] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.507707][ T6331] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.518510][ T6331] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.529664][ T6331] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.607315][ T6517] EXT4-fs error (device loop4): ext4_iget_extra_inode:4732: inode #15: comm syz.4.121: corrupted in-inode xattr: e_value size too large [ 215.807089][ T6517] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.121: couldn't read orphan inode 15 (err -117) [ 215.882111][ T6517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 216.082656][ T993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.129663][ T993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.248171][ T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.320486][ T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.008767][ T5929] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.778888][ T5779] Bluetooth: hci0: command 0x0406 tx timeout [ 218.960877][ T5813] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 219.210443][ T5813] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 219.268240][ T5813] usb 6-1: config 0 has no interfaces? [ 219.279168][ T5813] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 219.306568][ T5813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.382612][ T5813] usb 6-1: config 0 descriptor?? [ 220.198700][ T6558] loop3: detected capacity change from 0 to 256 [ 221.008871][ T6561] binder: 6557:6561 ioctl c0306201 0 returned -14 [ 222.241637][ T5811] usb 6-1: USB disconnect, device number 2 [ 224.355290][ T6578] loop5: detected capacity change from 0 to 512 [ 224.376454][ T6578] EXT4-fs: Ignoring removed orlov option [ 224.415492][ T6578] EXT4-fs: Ignoring removed mblk_io_submit option [ 224.484501][ T6578] EXT4-fs error (device loop5): ext4_iget_extra_inode:4732: inode #15: comm syz.5.130: corrupted in-inode xattr: e_value size too large [ 224.501971][ T6578] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.130: couldn't read orphan inode 15 (err -117) [ 224.533532][ T6578] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.172417][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.241055][ T6592] capability: warning: `syz.2.131' uses deprecated v2 capabilities in a way that may be insecure [ 230.824549][ T6615] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000' [ 235.553189][ T6640] loop4: detected capacity change from 0 to 512 [ 235.571554][ T6640] EXT4-fs: Ignoring removed orlov option [ 235.595690][ T6640] EXT4-fs: Ignoring removed mblk_io_submit option [ 235.679315][ T6640] EXT4-fs error (device loop4): ext4_iget_extra_inode:4732: inode #15: comm syz.4.140: corrupted in-inode xattr: e_value size too large [ 235.800379][ T6640] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.140: couldn't read orphan inode 15 (err -117) [ 235.835581][ T6640] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.242170][ T5929] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.468888][ T6664] loop4: detected capacity change from 0 to 128 [ 238.567269][ T6664] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 238.592650][ T6664] ext4 filesystem being mounted at /27/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 238.844214][ T5929] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 241.674513][ T6690] loop4: detected capacity change from 0 to 512 [ 241.921955][ T6690] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.019025][ T6690] ext4 filesystem being mounted at /28/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 242.189683][ T6700] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 245.095543][ T5929] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.947503][ T6728] loop4: detected capacity change from 0 to 2048 [ 246.044774][ T6728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 248.372048][ T6735] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 249.286537][ T6740] EXT4-fs (loop4): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 249.299642][ T6740] EXT4-fs (loop4): This should not happen!! Data will be lost [ 249.299642][ T6740] [ 249.309683][ T6740] EXT4-fs (loop4): Total free blocks count 0 [ 249.316976][ T6740] EXT4-fs (loop4): Free/Dirty block details [ 249.323048][ T6740] EXT4-fs (loop4): free_blocks=2415919504 [ 249.328889][ T6740] EXT4-fs (loop4): dirty_blocks=46976 [ 249.334514][ T6740] EXT4-fs (loop4): Block reservation details [ 249.340629][ T6740] EXT4-fs (loop4): i_reserved_data_blocks=2424 [ 249.510541][ T27] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 249.562138][ T38] EXT4-fs (loop4): Delayed block allocation failed for inode 19 at logical offset 4 with max blocks 2048 with error 28 [ 250.483082][ T5779] Bluetooth: hci3: command 0x0406 tx timeout [ 250.490716][ T6748] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 250.562125][ T6747] loop3: detected capacity change from 0 to 512 [ 250.925841][ T6747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.061315][ T38] EXT4-fs: 15 callbacks suppressed [ 251.061340][ T38] EXT4-fs (loop4): Delayed block allocation failed for inode 19 at logical offset 2054 with max blocks 2048 with error 28 [ 251.085611][ T6747] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.130434][ T38] EXT4-fs (loop4): This should not happen!! Data will be lost [ 251.130434][ T38] [ 251.381677][ T38] EXT4-fs (loop4): Total free blocks count 0 [ 251.645347][ T6754] EXT4-fs error (device loop3): ext4_get_first_dir_block:3584: inode #12: comm syz.3.159: Attempting to read directory block (0) that is past i_size (3) [ 251.729927][ T6754] EXT4-fs (loop3): Remounting filesystem read-only [ 251.850341][ T38] EXT4-fs (loop4): Free/Dirty block details [ 251.857050][ T38] EXT4-fs (loop4): free_blocks=2415919504 [ 251.867861][ T38] EXT4-fs (loop4): dirty_blocks=42880 [ 251.885605][ T38] EXT4-fs (loop4): Block reservation details [ 251.921278][ T38] EXT4-fs (loop4): i_reserved_data_blocks=2296 [ 251.948818][ T6331] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.960545][ T139] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 252.021122][ T139] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 252.070582][ T139] Quota error (device loop3): write_blk: dquota write failed [ 252.079499][ T139] Quota error (device loop3): free_dqentry: Can't write quota data block 5 [ 252.187504][ T38] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 252.237863][ T6763] loop5: detected capacity change from 0 to 512 [ 252.248777][ T38] EXT4-fs (loop4): This should not happen!! Data will be lost [ 252.248777][ T38] [ 252.292633][ T6763] EXT4-fs: Ignoring removed orlov option [ 252.298645][ T6763] EXT4-fs: Ignoring removed mblk_io_submit option [ 254.160506][ T6763] EXT4-fs error (device loop5): ext4_iget_extra_inode:4732: inode #15: comm syz.5.151: corrupted in-inode xattr: e_value size too large [ 255.440515][ T6763] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.151: couldn't read orphan inode 15 (err -117) [ 255.472284][ T6763] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.833673][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.078359][ T6783] loop5: detected capacity change from 0 to 512 [ 256.115007][ T6783] EXT4-fs: Ignoring removed oldalloc option [ 256.277623][ T6783] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 256.310398][ T6783] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 256.381795][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.388217][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.630612][ T6772] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 217: padding at end of block bitmap is not set [ 256.945704][ T6772] EXT4-fs (loop5): Remounting filesystem read-only [ 257.407458][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.404321][ T6804] input: syz0 as /devices/virtual/input/input5 [ 261.220777][ T6823] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 264.370621][ T6841] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000' [ 266.262288][ T27] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 266.480379][ T27] usb 6-1: Using ep0 maxpacket: 32 [ 266.498661][ T27] usb 6-1: config 2 has an invalid interface number: 88 but max is 0 [ 266.520435][ T27] usb 6-1: config 2 has no interface number 0 [ 266.527634][ T27] usb 6-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256 [ 266.591236][ T27] usb 6-1: config 2 interface 88 has no altsetting 0 [ 266.622640][ T27] usb 6-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e [ 266.640236][ T27] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.680790][ T27] usb 6-1: Product: syz [ 266.685083][ T27] usb 6-1: Manufacturer: syz [ 266.689860][ T27] usb 6-1: SerialNumber: syz [ 266.738034][ T6839] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 266.991055][ T6839] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 267.682067][ T5779] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 267.694970][ T5779] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 267.703961][ T5779] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 267.713616][ T5779] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 267.722515][ T5779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 267.730269][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 268.071852][ T5929] EXT4-fs: 6 callbacks suppressed [ 268.071870][ T5929] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.690769][ T5779] Bluetooth: hci2: command tx timeout [ 270.704481][ T27] asix 6-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 270.724792][ T27] asix 6-1:2.88 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 270.748800][ T27] asix: probe of 6-1:2.88 failed with error -71 [ 271.307206][ T27] usb 6-1: USB disconnect, device number 3 [ 271.540552][ T6871] loop2: detected capacity change from 0 to 512 [ 271.571552][ T6871] EXT4-fs: Ignoring removed oldalloc option [ 271.756684][ T6858] chnl_net:caif_netlink_parms(): no params data found [ 271.817096][ T6871] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.841666][ T6871] ext4 filesystem being mounted at /61/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 272.820379][ T5785] Bluetooth: hci2: command tx timeout [ 272.971463][ T28] audit: type=1800 audit(1771770031.717:5): pid=6884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.175" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 273.111644][ T6858] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.162077][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.174214][ T6858] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.191979][ T6858] bridge_slave_0: entered allmulticast mode [ 273.222096][ T6858] bridge_slave_0: entered promiscuous mode [ 273.712714][ T6858] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.734109][ T6858] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.764652][ T6858] bridge_slave_1: entered allmulticast mode [ 273.791778][ T6858] bridge_slave_1: entered promiscuous mode [ 274.166961][ T6897] loop5: detected capacity change from 0 to 128 [ 274.221303][ T1097] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.258656][ T6897] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 274.279289][ T6899] loop3: detected capacity change from 0 to 512 [ 274.327236][ T6899] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 274.365878][ T6897] ext4 filesystem being mounted at /20/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 274.432277][ T6899] EXT4-fs (loop3): 1 truncate cleaned up [ 274.448387][ T6899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.524466][ T6858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.662437][ T1097] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.786645][ T6190] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 274.806229][ T6904] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 274.901761][ T5785] Bluetooth: hci2: command tx timeout [ 275.383949][ T6858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.584667][ T1097] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.640053][ T6905] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 33: comm syz.3.174: lblock 0 mapped to illegal pblock 33 (length 1) [ 277.638782][ T5785] Bluetooth: hci2: command tx timeout [ 277.704130][ T6905] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 33: comm syz.3.174: lblock 0 mapped to illegal pblock 33 (length 1) [ 277.793365][ T1097] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.837033][ T6905] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 277.876714][ T6905] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #15: comm syz.3.174: mark_inode_dirty error [ 277.893511][ T6858] team0: Port device team_slave_0 added [ 277.994209][ T6858] team0: Port device team_slave_1 added [ 278.037292][ T6905] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 33: comm syz.3.174: lblock 0 mapped to illegal pblock 33 (length 1) [ 278.075215][ T6905] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 33: comm syz.3.174: lblock 0 mapped to illegal pblock 33 (length 1) [ 278.277020][ T6858] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 278.309487][ T6858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 278.637849][ T6858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 278.780212][ T6858] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 279.020320][ T6858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 280.150665][ T6858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 280.199426][ T28] audit: type=1326 audit(1771770038.937:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 280.222163][ T6331] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.295103][ T28] audit: type=1326 audit(1771770038.937:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 280.389708][ T28] audit: type=1326 audit(1771770038.977:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 280.471699][ T28] audit: type=1326 audit(1771770038.977:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 280.498334][ T6858] hsr_slave_0: entered promiscuous mode [ 280.550346][ T28] audit: type=1326 audit(1771770038.977:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 280.596494][ T6858] hsr_slave_1: entered promiscuous mode [ 280.631525][ T6858] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 280.639279][ T6858] Cannot create hsr debugfs directory [ 280.664065][ T28] audit: type=1326 audit(1771770038.977:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 280.668270][ T6934] loop2: detected capacity change from 0 to 1024 [ 280.854952][ T28] audit: type=1326 audit(1771770038.977:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 281.011119][ T6934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 281.053099][ T28] audit: type=1326 audit(1771770038.977:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 281.081276][ T6934] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.156709][ T28] audit: type=1326 audit(1771770038.977:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 281.486005][ T6946] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 3: comm syz.2.188: lblock 3 mapped to illegal pblock 3 (length 3) [ 281.495287][ T28] audit: type=1326 audit(1771770038.977:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6929 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f010079c629 code=0x7ffc0000 [ 281.512082][ T6946] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 281.538014][ T6948] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.188: bg 0: block 112: padding at end of block bitmap is not set [ 281.546941][ T6946] EXT4-fs (loop2): This should not happen!! Data will be lost [ 281.546941][ T6946] [ 281.596782][ T6948] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117 [ 281.609683][ T6948] EXT4-fs (loop2): This should not happen!! Data will be lost [ 281.609683][ T6948] [ 282.024593][ T6957] loop5: detected capacity change from 0 to 512 [ 282.252715][ T1005] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8) [ 282.329507][ T6957] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.466310][ T6957] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 282.470696][ T1005] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 282.788705][ T1005] EXT4-fs (loop2): This should not happen!! Data will be lost [ 282.788705][ T1005] [ 282.882793][ T6967] EXT4-fs error (device loop5): ext4_get_first_dir_block:3584: inode #12: comm syz.5.184: Attempting to read directory block (0) that is past i_size (3) [ 282.914844][ T6967] EXT4-fs (loop5): Remounting filesystem read-only [ 283.040034][ T1005] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 48 with error 117 [ 283.052981][ T1005] EXT4-fs (loop2): This should not happen!! Data will be lost [ 283.052981][ T1005] [ 283.067863][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 283.114744][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.155724][ T993] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 283.285744][ T6972] loop3: detected capacity change from 0 to 256 [ 283.293648][ T6971] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 285.704242][ T6983] loop2: detected capacity change from 0 to 128 [ 285.792924][ T6983] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 285.806218][ T6972] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 285.897545][ T6983] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 286.185627][ T5770] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 286.671055][ T6858] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 286.765268][ T6858] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 288.774374][ T6858] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 288.853973][ T6858] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 289.182362][ T7009] loop3: detected capacity change from 0 to 1024 [ 289.581796][ T7009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 289.599672][ T7009] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.047825][ T7009] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 3: comm syz.3.197: lblock 3 mapped to illegal pblock 3 (length 3) [ 290.091899][ T7009] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 290.098052][ T7018] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.197: bg 0: block 112: padding at end of block bitmap is not set [ 290.104915][ T7009] EXT4-fs (loop3): This should not happen!! Data will be lost [ 290.104915][ T7009] [ 290.224723][ T7018] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117 [ 290.256532][ T7023] loop5: detected capacity change from 0 to 1024 [ 290.272050][ T7018] EXT4-fs (loop3): This should not happen!! Data will be lost [ 290.272050][ T7018] [ 290.479325][ T7023] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.508583][ T7023] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 290.595760][ T7023] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.198: inode has both inline data and extents flags [ 290.692583][ T6858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 290.862005][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.956984][ T6858] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.349156][ T12] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:1: lblock 8 mapped to illegal pblock 8 (length 8) [ 291.371676][ T993] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.379110][ T993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 291.422426][ T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 291.555185][ T12] EXT4-fs (loop3): This should not happen!! Data will be lost [ 291.555185][ T12] [ 291.591091][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.598973][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 291.674092][ T48] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 48 with error 117 [ 291.723050][ T48] EXT4-fs (loop3): This should not happen!! Data will be lost [ 291.723050][ T48] [ 291.781417][ T1097] hsr_slave_0: left promiscuous mode [ 291.857520][ T6331] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 291.891238][ T1097] hsr_slave_1: left promiscuous mode [ 291.993854][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.028154][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.123461][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.160334][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.189669][ T7040] loop5: detected capacity change from 0 to 1024 [ 292.238618][ T1097] bridge_slave_1: left allmulticast mode [ 292.272498][ T7040] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.314692][ T1097] bridge_slave_1: left promiscuous mode [ 292.410512][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.557380][ T1097] bridge_slave_0: left allmulticast mode [ 292.583262][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.595765][ T1097] bridge_slave_0: left promiscuous mode [ 292.620520][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.481125][ T1097] veth1_macvtap: left promiscuous mode [ 293.489916][ T1097] veth0_macvtap: left promiscuous mode [ 293.515222][ T1097] veth1_vlan: left promiscuous mode [ 293.530524][ T1097] veth0_vlan: left promiscuous mode [ 294.216197][ T7065] loop2: detected capacity change from 0 to 512 [ 294.300559][ T5779] Bluetooth: hci4: command 0x0406 tx timeout [ 294.342269][ T7065] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.426533][ T7067] loop3: detected capacity change from 0 to 1024 [ 294.440644][ T7065] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 294.574496][ T7065] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.209: iget: bad i_size value: 2533274857506816 [ 294.606401][ T7067] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 294.719996][ T7067] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 294.799195][ T7072] loop5: detected capacity change from 0 to 8192 [ 295.282499][ T7076] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 3: comm syz.3.210: lblock 3 mapped to illegal pblock 3 (length 3) [ 295.402533][ T7078] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.210: bg 0: block 112: padding at end of block bitmap is not set [ 295.747481][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 295.747502][ T28] audit: type=1800 audit(1771770054.187:19): pid=7079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.211" name="file2" dev="loop5" ino=1048609 res=0 errno=0 [ 295.924330][ T7079] syz.5.211: attempt to access beyond end of device [ 295.924330][ T7079] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 295.950613][ T7076] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 295.969625][ T7076] EXT4-fs (loop3): This should not happen!! Data will be lost [ 295.969625][ T7076] [ 295.991679][ T7078] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117 [ 296.010433][ T7078] EXT4-fs (loop3): This should not happen!! Data will be lost [ 296.010433][ T7078] [ 296.509989][ T7083] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.209: iget: bad i_size value: 2533274857506816 [ 296.740355][ T7085] netlink: 164 bytes leftover after parsing attributes in process `syz.2.209'. [ 296.981312][ T6008] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:11: lblock 8 mapped to illegal pblock 8 (length 8) [ 297.042024][ T6008] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 297.075037][ T6008] EXT4-fs (loop3): This should not happen!! Data will be lost [ 297.075037][ T6008] [ 297.121275][ T6008] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 48 with error 117 [ 297.180678][ T6008] EXT4-fs (loop3): This should not happen!! Data will be lost [ 297.180678][ T6008] [ 299.638269][ T7091] overlayfs: workdir and upperdir must be separate subtrees [ 299.924368][ T7094] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 299.978205][ T1097] team0 (unregistering): Port device team_slave_1 removed [ 300.056951][ T1097] team0 (unregistering): Port device team_slave_0 removed [ 300.107186][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 300.176410][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 300.722793][ T1097] bond0 (unregistering): Released all slaves [ 301.047005][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.058590][ T6331] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 303.348144][ T7125] loop3: detected capacity change from 0 to 128 [ 303.442578][ T5759] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 303.503925][ T6057] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 303.636341][ T6858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 303.650535][ T5759] usb 6-1: Using ep0 maxpacket: 16 [ 303.668419][ T5759] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 303.708032][ T5759] usb 6-1: config 1 has no interface number 1 [ 303.720562][ T5759] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 303.765796][ T5759] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 304.753029][ T7140] loop3: detected capacity change from 0 to 1024 [ 304.923420][ T7140] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 305.487139][ T5759] usb 6-1: string descriptor 0 read error: -71 [ 305.493862][ T5759] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 305.509175][ T5759] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.520652][ T7140] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.580425][ T5759] usb 6-1: can't set config #1, error -71 [ 305.639203][ T5759] usb 6-1: USB disconnect, device number 4 [ 305.814256][ T7140] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 3: comm syz.3.224: lblock 3 mapped to illegal pblock 3 (length 3) [ 305.829455][ T7140] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 305.843021][ T7140] EXT4-fs (loop3): This should not happen!! Data will be lost [ 305.843021][ T7140] [ 305.863820][ T7149] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.224: bg 0: block 112: padding at end of block bitmap is not set [ 305.916199][ T7149] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 117 [ 305.932031][ T7149] EXT4-fs (loop3): This should not happen!! Data will be lost [ 305.932031][ T7149] [ 306.107070][ T12] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:1: lblock 8 mapped to illegal pblock 8 (length 8) [ 306.185048][ T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 306.223787][ T12] EXT4-fs (loop3): This should not happen!! Data will be lost [ 306.223787][ T12] [ 306.258701][ T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 48 with error 117 [ 306.330102][ T12] EXT4-fs (loop3): This should not happen!! Data will be lost [ 306.330102][ T12] [ 306.412526][ T6331] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 307.036366][ T6858] veth0_vlan: entered promiscuous mode [ 307.165755][ T6858] veth1_vlan: entered promiscuous mode [ 307.492353][ T6858] veth0_macvtap: entered promiscuous mode [ 307.556414][ T6858] veth1_macvtap: entered promiscuous mode [ 307.668783][ T7175] loop2: detected capacity change from 0 to 1024 [ 307.799406][ T6858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 307.877149][ T6858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.913003][ T6858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 307.936340][ T6858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.947545][ T6858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 307.963069][ T6858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 308.048305][ T6858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 308.215343][ T6858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.015625][ T6858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.015655][ T6858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.015674][ T6858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.015692][ T6858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.015706][ T6858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.017401][ T6858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 310.044240][ T6858] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.044336][ T6858] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.044367][ T6858] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.044396][ T6858] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.711818][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.719994][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 311.143507][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 311.173596][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 311.835234][ T7209] loop6: detected capacity change from 0 to 512 [ 311.887665][ T7209] EXT4-fs: Ignoring removed orlov option [ 311.924378][ T7209] EXT4-fs: Ignoring removed mblk_io_submit option [ 312.053696][ T7218] Illegal XDP return value 817241600 on prog (id 14) dev syz_tun, expect packet loss! [ 312.066524][ T7209] EXT4-fs error (device loop6): ext4_iget_extra_inode:4732: inode #15: comm syz.6.173: corrupted in-inode xattr: e_value size too large [ 312.167630][ T7209] EXT4-fs error (device loop6): ext4_orphan_get:1403: comm syz.6.173: couldn't read orphan inode 15 (err -117) [ 312.213416][ T7209] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.138065][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.183573][ T7240] loop2: detected capacity change from 0 to 2048 [ 315.291760][ T7244] loop5: detected capacity change from 0 to 128 [ 315.307523][ T7240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.178739][ T7251] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 318.194635][ T7251] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 318.208235][ T7251] EXT4-fs (loop2): This should not happen!! Data will be lost [ 318.208235][ T7251] [ 318.219583][ T7251] EXT4-fs (loop2): Total free blocks count 0 [ 318.227638][ T7251] EXT4-fs (loop2): Free/Dirty block details [ 318.235330][ T7251] EXT4-fs (loop2): free_blocks=2415919504 [ 318.242105][ T7251] EXT4-fs (loop2): dirty_blocks=46976 [ 318.248050][ T7251] EXT4-fs (loop2): Block reservation details [ 318.255937][ T7251] EXT4-fs (loop2): i_reserved_data_blocks=2424 [ 318.267787][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.282556][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.390056][ T7249] loop6: detected capacity change from 0 to 1024 [ 318.419524][ T12] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 4 with max blocks 2048 with error 28 [ 318.558447][ T7249] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.968342][ T7256] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4047: comm syz.6.241: Allocating blocks 497-513 which overlap fs metadata [ 319.257105][ T7256] EXT4-fs (loop6): pa ffff8880768a4000: logic 128, phys. 385, len 8 [ 319.266215][ T7256] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 320.693520][ T5785] Bluetooth: hci1: command 0x0406 tx timeout [ 320.702616][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.772538][ T993] EXT4-fs: 23 callbacks suppressed [ 320.772556][ T993] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 320.795025][ T993] EXT4-fs (loop2): This should not happen!! Data will be lost [ 320.795025][ T993] [ 320.820418][ T993] EXT4-fs (loop2): Total free blocks count 0 [ 320.827569][ T993] EXT4-fs (loop2): Free/Dirty block details [ 320.834252][ T993] EXT4-fs (loop2): free_blocks=2415919504 [ 320.850284][ T993] EXT4-fs (loop2): dirty_blocks=40848 [ 320.855792][ T993] EXT4-fs (loop2): Block reservation details [ 320.881392][ T993] EXT4-fs (loop2): i_reserved_data_blocks=384 [ 322.874890][ T28] audit: type=1326 audit(1771770081.617:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 323.073769][ T28] audit: type=1326 audit(1771770081.667:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 323.184425][ T28] audit: type=1326 audit(1771770081.667:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 323.212252][ T28] audit: type=1326 audit(1771770081.667:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 323.239749][ T28] audit: type=1326 audit(1771770081.677:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 323.367269][ T7273] loop6: detected capacity change from 0 to 512 [ 323.386951][ T7273] EXT4-fs: Ignoring removed oldalloc option [ 324.201641][ T7273] EXT4-fs (loop6): 1 truncate cleaned up [ 324.209067][ T7273] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.299584][ T28] audit: type=1326 audit(1771770081.677:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 324.328131][ T28] audit: type=1326 audit(1771770081.677:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 324.404619][ T28] audit: type=1326 audit(1771770081.677:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 324.501126][ T28] audit: type=1326 audit(1771770081.677:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 324.525690][ T28] audit: type=1326 audit(1771770081.677:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.6.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3399c629 code=0x7ffc0000 [ 324.557296][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.865371][ T7280] loop6: detected capacity change from 0 to 512 [ 324.885837][ T7280] EXT4-fs: Ignoring removed orlov option [ 324.915850][ T7280] EXT4-fs: Ignoring removed mblk_io_submit option [ 324.996127][ T7280] EXT4-fs error (device loop6): ext4_iget_extra_inode:4732: inode #15: comm syz.6.249: corrupted in-inode xattr: e_value size too large [ 325.051911][ T7280] EXT4-fs error (device loop6): ext4_orphan_get:1403: comm syz.6.249: couldn't read orphan inode 15 (err -117) [ 325.113123][ T7280] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.734427][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.702077][ T7301] loop6: detected capacity change from 0 to 2048 [ 327.742563][ T7304] netlink: 'syz.5.253': attribute type 11 has an invalid length. [ 327.786347][ T7301] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.312596][ T7307] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 331.639297][ T7316] EXT4-fs (loop6): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 331.654148][ T7316] EXT4-fs (loop6): This should not happen!! Data will be lost [ 331.654148][ T7316] [ 331.664585][ T7316] EXT4-fs (loop6): Total free blocks count 0 [ 331.671738][ T7316] EXT4-fs (loop6): Free/Dirty block details [ 331.678036][ T7316] EXT4-fs (loop6): free_blocks=2415919504 [ 331.684651][ T7316] EXT4-fs (loop6): dirty_blocks=46976 [ 331.691538][ T7316] EXT4-fs (loop6): Block reservation details [ 331.697920][ T7316] EXT4-fs (loop6): i_reserved_data_blocks=2424 [ 331.905276][ T6008] EXT4-fs (loop6): Delayed block allocation failed for inode 19 at logical offset 4 with max blocks 2048 with error 28 [ 332.324762][ T7325] loop5: detected capacity change from 0 to 2048 [ 332.435678][ T7325] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 335.391354][ T7332] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 335.411002][ T7332] EXT4-fs (loop5): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 3 with error 28 [ 335.431246][ T7332] EXT4-fs (loop5): This should not happen!! Data will be lost [ 335.431246][ T7332] [ 335.445693][ T7332] EXT4-fs (loop5): Total free blocks count 0 [ 335.454416][ T7332] EXT4-fs (loop5): Free/Dirty block details [ 335.463931][ T7332] EXT4-fs (loop5): free_blocks=2415919504 [ 335.470974][ T7332] EXT4-fs (loop5): dirty_blocks=46976 [ 335.476919][ T7332] EXT4-fs (loop5): Block reservation details [ 335.483905][ T7332] EXT4-fs (loop5): i_reserved_data_blocks=2424 [ 335.643911][ T6008] EXT4-fs: 23 callbacks suppressed [ 335.643931][ T6008] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 335.747477][ T59] EXT4-fs (loop5): Delayed block allocation failed for inode 19 at logical offset 4 with max blocks 2048 with error 28 [ 336.260275][ T6008] EXT4-fs (loop6): This should not happen!! Data will be lost [ 336.260275][ T6008] [ 336.300198][ T6008] EXT4-fs (loop6): Total free blocks count 0 [ 336.307012][ T6008] EXT4-fs (loop6): Free/Dirty block details [ 336.360380][ T6008] EXT4-fs (loop6): free_blocks=2415919504 [ 336.382777][ T6008] EXT4-fs (loop6): dirty_blocks=40848 [ 336.412967][ T6008] EXT4-fs (loop6): Block reservation details [ 336.435012][ T6008] EXT4-fs (loop6): i_reserved_data_blocks=384 [ 337.521533][ T5785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 337.541450][ T5785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 337.551747][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 337.632798][ T5785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 337.650557][ T5785] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 337.658306][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 337.984035][ T7358] loop3: detected capacity change from 0 to 128 [ 338.066919][ T7358] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 338.181242][ T7358] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 338.388135][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 338.388156][ T28] audit: type=1800 audit(1771770097.127:42): pid=7358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.263" name="bus" dev="loop3" ino=125 res=0 errno=0 [ 338.557917][ T7358] loop3: detected capacity change from 128 to 64 [ 338.881679][ T7349] chnl_net:caif_netlink_parms(): no params data found [ 339.007777][ T6331] syz-executor: attempt to access beyond end of device [ 339.007777][ T6331] loop3: rw=2049, sector=83, nr_sectors = 1 limit=64 [ 339.050223][ T6331] Buffer I/O error on dev loop3, logical block 83, lost sync page write [ 339.560781][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.718548][ T5785] Bluetooth: hci3: command tx timeout [ 339.783597][ T6008] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.835353][ T7349] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.848404][ T7349] bridge0: port 1(bridge_slave_0) entered disabled state [ 339.864634][ T7349] bridge_slave_0: entered allmulticast mode [ 339.891919][ T7349] bridge_slave_0: entered promiscuous mode [ 339.952387][ T7349] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.990357][ T7349] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.997977][ T7349] bridge_slave_1: entered allmulticast mode [ 340.033448][ T7349] bridge_slave_1: entered promiscuous mode [ 340.294210][ T6008] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.583101][ T6008] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.673783][ T7349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 340.732795][ T7349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 340.921171][ T6008] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.306364][ T7349] team0: Port device team_slave_0 added [ 341.350362][ T7349] team0: Port device team_slave_1 added [ 341.377517][ T5779] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 341.409323][ T5779] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 341.422935][ T5779] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 341.443546][ T5779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 341.471045][ T5779] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 341.485839][ T7349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 341.500483][ T5779] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 341.520965][ T7349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.590472][ T7349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 341.701263][ T7349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 341.709266][ T7349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.790689][ T5779] Bluetooth: hci3: command tx timeout [ 341.820410][ T7349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 342.153876][ T7349] hsr_slave_0: entered promiscuous mode [ 342.171930][ T7349] hsr_slave_1: entered promiscuous mode [ 342.194518][ T7349] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 342.210409][ T7349] Cannot create hsr debugfs directory [ 342.422292][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.693580][ T7399] loop6: detected capacity change from 0 to 512 [ 342.765595][ T7399] EXT4-fs error (device loop6): ext4_get_branch:178: inode #13: block 2: comm syz.6.256: invalid block [ 342.823853][ T7399] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.256: invalid indirect mapped block 10 (level 1) [ 342.840074][ T7399] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.256: invalid indirect mapped block 8 (level 1) [ 342.926963][ T7399] EXT4-fs (loop6): 1 truncate cleaned up [ 342.980488][ T7399] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 343.090310][ T7399] EXT4-fs (loop6): shut down requested (2) [ 343.167315][ T6190] EXT4-fs: 31 callbacks suppressed [ 343.167506][ T6190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.690503][ T5779] Bluetooth: hci0: command tx timeout [ 343.880488][ T5779] Bluetooth: hci3: command tx timeout [ 344.011848][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.201657][ T7419] No such timeout policy "syz1" [ 346.718120][ T5785] Bluetooth: hci3: command tx timeout [ 346.724218][ T5779] Bluetooth: hci0: command tx timeout [ 347.060439][ T7389] chnl_net:caif_netlink_parms(): no params data found [ 347.158971][ T7426] loop5: detected capacity change from 0 to 256 [ 347.193638][ T7426] exfat: Unknown parameter '0x000000003a736e6fÿÿU;$yúäÉGbTò{p¤¼þ°£‡¨¨ÅSß/įÃï¶՞z®*úŠ¥' [ 347.830568][ T7349] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 347.858400][ T7349] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 347.886754][ T7349] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 347.956066][ T7349] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 348.067636][ T7389] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.076699][ T7389] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.084376][ T7389] bridge_slave_0: entered allmulticast mode [ 348.100690][ T7389] bridge_slave_0: entered promiscuous mode [ 348.158219][ T6008] hsr_slave_0: left promiscuous mode [ 348.177634][ T6008] hsr_slave_1: left promiscuous mode [ 348.184976][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.208723][ T6008] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 350.021418][ T5779] Bluetooth: hci0: command tx timeout [ 350.082761][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 350.104175][ T6008] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 350.117366][ T6008] bridge_slave_1: left allmulticast mode [ 350.137181][ T6008] bridge_slave_1: left promiscuous mode [ 350.150669][ T6008] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.198788][ T6008] bridge_slave_0: left allmulticast mode [ 350.209544][ T6008] bridge_slave_0: left promiscuous mode [ 350.222660][ T6008] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.261906][ T7442] loop6: detected capacity change from 0 to 1024 [ 350.290159][ T6008] veth1_macvtap: left promiscuous mode [ 350.299273][ T7442] EXT4-fs: Ignoring removed orlov option [ 350.305506][ T6008] veth0_macvtap: left promiscuous mode [ 350.312405][ T6008] veth1_vlan: left promiscuous mode [ 350.317832][ T6008] veth0_vlan: left promiscuous mode [ 350.367481][ T7442] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.131960][ T6858] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.181111][ T5779] Bluetooth: hci0: command tx timeout [ 352.456881][ T7452] loop6: detected capacity change from 0 to 1024 [ 352.472114][ T7452] EXT4-fs: Ignoring removed orlov option [ 352.485332][ T7452] EXT4-fs: Ignoring removed bh option [ 352.493646][ T7452] ext4: Unknown parameter 'seclabel' [ 355.622339][ T7472] loop5: detected capacity change from 0 to 512 [ 357.884107][ T6008] team0 (unregistering): Port device team_slave_1 removed [ 462.960148][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 462.967240][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P1005/1:b..l [ 462.975928][ C1] rcu: (detected by 1, t=10502 jiffies, g=29589, q=396471 ncpus=2) [ 462.984097][ C1] task:kworker/u4:7 state:R running task stack:22632 pid:1005 ppid:2 flags:0x00004000 [ 462.996409][ C1] Workqueue: bat_events batadv_nc_worker [ 463.002167][ C1] Call Trace: [ 463.005518][ C1] [ 463.008515][ C1] __schedule+0x1553/0x45a0 [ 463.013264][ C1] ? asan.module_dtor+0x20/0x20 [ 463.018186][ C1] ? mark_lock+0x94/0x320 [ 463.022673][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 463.028732][ C1] ? preempt_schedule_irq+0xb4/0x150 [ 463.034098][ C1] preempt_schedule_irq+0xbf/0x150 [ 463.039378][ C1] ? preempt_schedule_notrace+0x110/0x110 [ 463.045794][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 463.051689][ C1] irqentry_exit+0x67/0x70 [ 463.056217][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 463.062981][ C1] RIP: 0010:lock_acquire+0x208/0x420 [ 463.068422][ C1] Code: f7 84 24 80 00 00 00 00 02 00 00 43 c6 44 3c 04 f8 0f 85 f0 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 43 c7 44 3c 08 00 00 00 00 65 48 8b 04 25 [ 463.088361][ C1] RSP: 0018:ffffc900042ffa40 EFLAGS: 00000206 [ 463.094493][ C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 750d28f02fc9dc00 [ 463.102522][ C1] RDX: 0000000000000000 RSI: ffffffff8acada80 RDI: ffffffff8b1c82e0 [ 463.110560][ C1] RBP: ffffc900042ffb48 R08: dffffc0000000000 R09: 1ffffffff2237ea0 [ 463.118773][ C1] R10: dffffc0000000000 R11: fffffbfff2237ea1 R12: 1ffff9200085ff54 [ 463.126870][ C1] R13: ffffffff8d131fa0 R14: 0000000000000246 R15: dffffc0000000000 [ 463.134950][ C1] ? batadv_nc_worker+0xd2/0x610 [ 463.139979][ C1] ? read_lock_is_recursive+0x20/0x20 [ 463.145430][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 463.151491][ C1] ? batadv_nc_worker+0xd2/0x610 [ 463.156504][ C1] batadv_nc_worker+0xef/0x610 [ 463.161365][ C1] ? batadv_nc_worker+0xd2/0x610 [ 463.166510][ C1] ? process_scheduled_works+0x96f/0x15d0 [ 463.172319][ C1] process_scheduled_works+0xa5d/0x15d0 [ 463.177990][ C1] ? assign_work+0x430/0x430 [ 463.182672][ C1] ? assign_work+0x3d0/0x430 [ 463.187343][ C1] worker_thread+0xa55/0xfc0 [ 463.192013][ C1] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 463.198020][ C1] ? _raw_spin_unlock+0x40/0x40 [ 463.202956][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 463.208948][ C1] kthread+0x2fa/0x390 [ 463.213095][ C1] ? pr_cont_work+0x560/0x560 [ 463.217871][ C1] ? kthread_blkcg+0xd0/0xd0 [ 463.222532][ C1] ret_from_fork+0x48/0x80 [ 463.227093][ C1] ? kthread_blkcg+0xd0/0xd0 [ 463.230363][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 463.231779][ C1] ret_from_fork_asm+0x11/0x20 [ 463.238275][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 463.242891][ C1] [ 463.242916][ C1] rcu: rcu_preempt kthread starved for 10486 jiffies! g29589 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 463.242939][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 463.242948][ C1] rcu: RCU grace-period kthread stack dump: [ 463.242956][ C1] task:rcu_preempt state:R running task stack:26960 pid:17 ppid:2 flags:0x00004000 [ 463.290797][ C1] Call Trace: [ 463.294126][ C1] [ 463.297108][ C1] __schedule+0x1553/0x45a0 [ 463.301722][ C1] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 463.307806][ C1] ? asan.module_dtor+0x20/0x20 [ 463.312756][ C1] ? enqueue_timer+0x23d/0x550 [ 463.317596][ C1] ? __mod_timer+0x984/0xdb0 [ 463.322276][ C1] schedule+0xbd/0x170 [ 463.326507][ C1] schedule_timeout+0x188/0x2d0 [ 463.329609][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 463.331772][ C1] ? console_conditional_schedule+0x40/0x40 [ 463.331799][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 463.331823][ C1] ? update_process_times+0x1b0/0x1b0 [ 463.355749][ C1] ? prepare_to_swait_event+0x339/0x360 [ 463.361458][ C1] rcu_gp_fqs_loop+0x313/0x1590 [ 463.366971][ C1] ? rcu_gp_init+0x1162/0x1560 [ 463.371809][ C1] ? rcu_gp_kthread+0x3b0/0x3b0 [ 463.376759][ C1] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 463.380435][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 463.383236][ C1] ? rcu_gp_init+0x1560/0x1560 [ 463.383262][ C1] ? rcu_gp_cleanup+0xb41/0xc90 [ 463.399277][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 463.404565][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 463.410117][ C1] rcu_gp_kthread+0x9d/0x3b0 [ 463.414867][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 463.420135][ C1] ? __kthread_parkme+0x7a/0x1c0 [ 463.425353][ C1] ? __kthread_parkme+0x162/0x1c0 [ 463.430532][ C1] kthread+0x2fa/0x390 [ 463.434667][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 463.439928][ C1] ? kthread_blkcg+0xd0/0xd0 [ 463.444600][ C1] ret_from_fork+0x48/0x80 [ 463.449172][ C1] ? kthread_blkcg+0xd0/0xd0 [ 463.453915][ C1] ret_from_fork_asm+0x11/0x20 [ 463.458843][ C1] [ 463.461913][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 463.468375][ C1] Sending NMI from CPU 1 to CPUs 0: [ 463.473828][ C0] NMI backtrace for cpu 0 [ 463.473863][ C0] CPU: 0 PID: 5121 Comm: syslogd Not tainted syzkaller #0 [ 463.473878][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.473888][ C0] RIP: 0010:update_load_avg+0x70/0x13d0 [ 463.473923][ C0] Code: 89 6c 24 1c 0f 85 62 10 00 00 4c 8d b5 70 01 00 00 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 03 75 7f 00 4d 8b 3e <48> c7 c0 6c 13 8b 8e 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 c1 10 [ 463.473938][ C0] RSP: 0018:ffffc900032c74c8 EFLAGS: 00000046 [ 463.473952][ C0] RAX: 1ffff1100b89c62e RBX: ffff88802ce69e80 RCX: dffffc0000000000 [ 463.473965][ C0] RDX: 0000000000000001 RSI: ffff88802ce69e80 RDI: ffff88805c4e3000 [ 463.473977][ C0] RBP: ffff88805c4e3000 R08: ffffffff8e8adeaf R09: 1ffffffff1d15bd5 [ 463.473989][ C0] R10: dffffc0000000000 R11: fffffbfff1d15bd6 R12: dffffc0000000000 [ 463.474001][ C0] R13: 0000000000000001 R14: ffff88805c4e3170 R15: ffff8880b8e3c000 [ 463.474013][ C0] FS: 00007fa6e0a7cc80(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 463.474027][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 463.474037][ C0] CR2: 000055cc6d1a6a38 CR3: 000000002f3bb000 CR4: 00000000003506f0 [ 463.474053][ C0] Call Trace: [ 463.474059][ C0] [ 463.474065][ C0] ? __dequeue_entity+0x50/0xa30 [ 463.474089][ C0] set_next_entity+0x107/0x490 [ 463.474107][ C0] set_next_task_fair+0x1de/0x330 [ 463.474127][ C0] __schedule+0x3cb8/0x45a0 [ 463.474159][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 463.474184][ C0] ? asan.module_dtor+0x20/0x20 [ 463.474209][ C0] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 463.474230][ C0] ? lock_chain_count+0x20/0x20 [ 463.474252][ C0] schedule+0xbd/0x170 [ 463.474274][ C0] schedule_timeout+0xc1/0x2d0 [ 463.474290][ C0] ? console_conditional_schedule+0x40/0x40 [ 463.474311][ C0] ? prepare_to_wait_exclusive+0x82/0x220 [ 463.474335][ C0] __skb_wait_for_more_packets+0x3ac/0x590 [ 463.474364][ C0] ? skb_checksum_setup_ip+0xab0/0xab0 [ 463.474385][ C0] ? __skb_wait_for_more_packets+0x590/0x590 [ 463.474408][ C0] ? sock_load_diag_module+0x140/0x140 [ 463.474438][ C0] __unix_dgram_recvmsg+0x2a4/0xd80 [ 463.474467][ C0] ? unix_unhash+0x10/0x10 [ 463.474490][ C0] ? aa_af_perm+0x330/0x330 [ 463.474514][ C0] ? aa_file_perm+0x3e3/0xee0 [ 463.474535][ C0] ? verify_lock_unused+0x140/0x140 [ 463.474556][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 463.474578][ C0] ? security_socket_recvmsg+0x89/0xb0 [ 463.474597][ C0] ? unix_dgram_recvmsg+0xad/0xd0 [ 463.474623][ C0] sock_read_iter+0x2d9/0x3e0 [ 463.474642][ C0] ? kernel_sock_ip_overhead+0x5a0/0x5a0 [ 463.474665][ C0] ? common_file_perm+0x198/0x1f0 [ 463.474688][ C0] vfs_read+0x46a/0x970 [ 463.474715][ C0] ? kernel_read+0x1e0/0x1e0 [ 463.474735][ C0] ? rcu_is_watching+0x15/0xb0 [ 463.474764][ C0] ? __fdget_pos+0x1d8/0x330 [ 463.474789][ C0] ksys_read+0x150/0x260 [ 463.474813][ C0] ? vfs_write+0x990/0x990 [ 463.474843][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 463.474863][ C0] do_syscall_64+0x55/0xa0 [ 463.474885][ C0] ? clear_bhb_loop+0x40/0x90 [ 463.474903][ C0] ? clear_bhb_loop+0x40/0x90 [ 463.474922][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 463.474939][ C0] RIP: 0033:0x7fa6e0bcc407 [ 463.474958][ C0] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 463.474972][ C0] RSP: 002b:00007ffdd255ff80 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 [ 463.474987][ C0] RAX: ffffffffffffffda RBX: 00007fa6e0a7cc80 RCX: 00007fa6e0bcc407 [ 463.474999][ C0] RDX: 00000000000000ff RSI: 0000565351204950 RDI: 0000000000000000 [ 463.475008][ C0] RBP: 0000565351204910 R08: 0000000000000000 R09: 0000000000000000 [ 463.475018][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00005653512049a7 [ 463.475028][ C0] R13: 0000000000000000 R14: 0000565351204950 R15: 0000565326231d98 [ 463.475047][ C0] [ 464.430814][ T6008] team0 (unregistering): Port device team_slave_0 removed [ 464.504855][ T6008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface SYZFAIL: failed to send rpc fd=3 want=768 sent=0 n=-1 (errno 32: Broken pipe) [ 465.360148][ T5784] Bluetooth: hci3: command 0x0406 tx timeout [ 465.366282][ T5784] Bluetooth: hci2: command 0x0406 tx timeout [ 465.584702][ T6008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 467.606089][ T6008] bond0 (unregistering): Released all slaves [ 468.360242][ T5785] Bluetooth: hci0: command 0x0406 tx timeout [ 471.166864][ T7389] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.190465][ T7389] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.197821][ T7389] bridge_slave_1: entered allmulticast mode [ 471.575207][ T7389] bridge_slave_1: entered promiscuous mode [ 471.591091][ T7475] netlink: 8 bytes leftover after parsing attributes in process `syz.5.283'.