last executing test programs: 31.271325853s ago: executing program 1 (id=654): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000200)=[@increfs={0x40046316}], 0x0, 0x0, 0x0}) 31.248789869s ago: executing program 1 (id=656): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socket$key(0xf, 0x3, 0x2) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000540)=ANY=[@ANYBLOB="58010000100013070000000000000000fc020000000000000000000000000001ac1414bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141417000000000000000000000000000004d333000000e000000100000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000220000000000000000000000000000000200000000000000000000005c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x158}}, 0x0) 31.165610548s ago: executing program 1 (id=658): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x2, 0x0, {{@in6=@local, @in6=@local, 0x3, 0x0, 0x4e22, 0xc9b, 0xa, 0x10, 0x30, 0x0, 0x0, 0xee01}, {0x804000000, 0x7f, 0x10000000007, 0x3, 0x0, 0xfffffffffffffffd, 0x5, 0x1}, {0x100000ffffffff, 0x0, 0x0, 0x5}, 0x0, 0x0, 0x1, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x84811}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "560440", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x4}}}}}}}, 0x0) 31.165171932s ago: executing program 1 (id=659): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x9226}}, {@init_itable}, {@inlinecrypt}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) 31.136362612s ago: executing program 1 (id=661): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)={0x2b, 0x1418, 0x1, 0x0, 0x2, "", [{{0x8}, {0x8}}, {{0x8}, {0x8, 0x3, 0x3}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x6}}]}, 0x40}}, 0x40000) 30.517735553s ago: executing program 1 (id=669): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10000, &(0x7f0000000600), 0x1, 0x56e, &(0x7f0000000640)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pL/kNxyX8oLvkPxSX/objkPxSX/Ifikv9QXK35L/2hmAZHXt1MImL9PXfVH6ne7FzOr+0B7iDb24n/5A8F5bM/FFdPtzsAdI3v+MDevzk74li7E4sH3xfgcJS63QGga0aP2/+DorL+D8Vl/R+Ky2d8wPo/FI/1fyiu/jb3/3pby727JiLinoj4UfnI0ea9voD/X/0Rr7949VvPRJR+n2Sf/0cHTvVPv/Ha91rb9SZ/rW8R9EbEJ1986gvPTa+sLD2a1v/5Rv3KF7P6x7o1GqATzTxt5jFQXMura3PTtVp1SUFBoXCF5jxwubIx23wc1tzzwsMRb76/cRFCGvdK9mic7cnWJo/V9yj7tpJbrlVIDmDv8jOnI9afj4j788afZPc7b+x89G2Vd8V/e/acPo5n6ydpm+EO45fv2V/8B1rij7TEf0eH8Tc/0mHD22Tw692N//Ivs9d/oqcn7/Xf77UxQ//m/BNf3WeAffrNr7sb/9RId+N/fiHi1XT+mcjLv1Kaljd2PnfOP/0t10n/tz41enP+u7Jr/ivdmP/Kbea/Ex3G+eHT1Y/l1Zd/HPHm8xEP5MZvxjtWj9W3VdoV/2TL/PPgHvH/8OGfzuXVn30tYvtyxGjkx2+NNb4yvzi+vLp2+uL89Ex1pnqpUnl8anJy6szkxHh9jXq8uVK925PXhz+QV3/yy43x97WJ3xx/u9d/e48xt1r70sf735lT/5PjjfgPnsx//4ey+I3Xv2dX/Hdlz+m/k39k1/Kmba5FxNGs/qGI+M4rgw/n9etD1xvxz7cZf+mW+LvH/0iH4//sr/75bF79cx/s8C8AAA5U+6WBbvcMAAA4aIex09jtMQL5+rZ6o3UbOFlv2VdYv7mvkNZfy/YXyusRf8v2GNL6h7JdsrScu9EA/M8ZXnv3z7vdBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICiW15dm5uu1apLy93uCXDY/hUAAP//T2kBHQ==") r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000d80)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x200000000900, 0xffffffffffffffff, 0x0, 0xc}, {0xffffffff, 0x4, 0x9, 0x9}]}) 30.421947154s ago: executing program 32 (id=669): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10000, &(0x7f0000000600), 0x1, 0x56e, &(0x7f0000000640)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pL/kNxyX8oLvkPxSX/objkPxSX/Ifikv9QXK35L/2hmAZHXt1MImL9PXfVH6ne7FzOr+0B7iDb24n/5A8F5bM/FFdPtzsAdI3v+MDevzk74li7E4sH3xfgcJS63QGga0aP2/+DorL+D8Vl/R+Ky2d8wPo/FI/1fyiu/jb3/3pby727JiLinoj4UfnI0ea9voD/X/0Rr7949VvPRJR+n2Sf/0cHTvVPv/Ha91rb9SZ/rW8R9EbEJ1986gvPTa+sLD2a1v/5Rv3KF7P6x7o1GqATzTxt5jFQXMura3PTtVp1SUFBoXCF5jxwubIx23wc1tzzwsMRb76/cRFCGvdK9mic7cnWJo/V9yj7tpJbrlVIDmDv8jOnI9afj4j788afZPc7b+x89G2Vd8V/e/acPo5n6ydpm+EO45fv2V/8B1rij7TEf0eH8Tc/0mHD22Tw692N//Ivs9d/oqcn7/Xf77UxQ//m/BNf3WeAffrNr7sb/9RId+N/fiHi1XT+mcjLv1Kaljd2PnfOP/0t10n/tz41enP+u7Jr/ivdmP/Kbea/Ex3G+eHT1Y/l1Zd/HPHm8xEP5MZvxjtWj9W3VdoV/2TL/PPgHvH/8OGfzuXVn30tYvtyxGjkx2+NNb4yvzi+vLp2+uL89Ex1pnqpUnl8anJy6szkxHh9jXq8uVK925PXhz+QV3/yy43x97WJ3xx/u9d/e48xt1r70sf735lT/5PjjfgPnsx//4ey+I3Xv2dX/Hdlz+m/k39k1/Kmba5FxNGs/qGI+M4rgw/n9etD1xvxz7cZf+mW+LvH/0iH4//sr/75bF79cx/s8C8AAA5U+6WBbvcMAAA4aIex09jtMQL5+rZ6o3UbOFlv2VdYv7mvkNZfy/YXyusRf8v2GNL6h7JdsrScu9EA/M8ZXnv3z7vdBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICiW15dm5uu1apLy93uCXDY/hUAAP//T2kBHQ==") r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000d80)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x200000000900, 0xffffffffffffffff, 0x0, 0xc}, {0xffffffff, 0x4, 0x9, 0x9}]}) 2.799421408s ago: executing program 3 (id=1229): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270}) r1 = userfaultfd(0x80801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x145}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000300)=0x7) r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) getsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f0000000180), &(0x7f0000000200)=0x1) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000280)='./bus\x00', 0x1080001, 0x0, 0x1, 0x0, &(0x7f0000000080)) syz_mount_image$fuse(0x0, 0x0, 0x800000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000100)=ANY=[], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x9a043, 0x4) fcntl$setlease(r4, 0x400, 0x0) linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa7f0e000) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200000}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$describe(0x6, 0x0, 0x0, 0xffffffffffffff87) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000001240)={0x1, &(0x7f0000001200)=[{0x2d, 0x0, 0x0, 0x3}]}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00') pwritev(r5, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}, {&(0x7f0000000140)='2', 0x1}], 0x2, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1}) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) 2.429036564s ago: executing program 4 (id=1242): sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000580)={0x4c, 0x0, 0x403, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0xc, 0xf}}}}, [@beacon=[@NL80211_ATTR_IE_ASSOC_RESP={0xd, 0x80, [@mesh_config={0x71, 0x7, {0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x9, 0x40}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x9, 0x80, [@channel_switch={0x25, 0x3, {0x1, 0x8}}]}, @NL80211_ATTR_IE_PROBE_RESP={0x4}, @NL80211_ATTR_IE_PROBE_RESP={0x4}]]}, 0x4c}, 0x1, 0x0, 0x0, 0x280c0}, 0x8800) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 2.397580679s ago: executing program 4 (id=1244): socket$inet6(0xa, 0x5, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000040)={[{@delalloc}, {@errors_remount}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") chdir(&(0x7f0000000000)='./file0\x00') r0 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f00000001c0)={{0x7d3117e6, 0x1}, {0x3, 0x67fb}, 0x681}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x2, 0xa, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000f8180000bfa300000000000007030000f4ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000f1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48) 1.845023709s ago: executing program 3 (id=1260): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$UHID_CREATE2(r0, 0x0, 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$XFS_IOC_FD_TO_HANDLE(r1, 0xc038586a, &(0x7f0000000280)={r1, 0x0, 0x400001, 0x0, 0x5, 0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 1.817988579s ago: executing program 2 (id=1262): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000380)={0x34, r2, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x15}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x8000) 1.741851907s ago: executing program 2 (id=1263): timer_create(0x7, &(0x7f00000001c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@jmp={0x6, 0x0, 0xc, 0x0, 0x0, 0x1, 0x25}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffa}]}, &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x807}, 0x94) 1.741440986s ago: executing program 2 (id=1264): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000000), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x10) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x10) ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.629968574s ago: executing program 3 (id=1267): syz_80211_inject_frame(0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x28}}, 0x0) 1.629601944s ago: executing program 2 (id=1269): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfdfffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.522166042s ago: executing program 2 (id=1271): r0 = socket$inet6(0xa, 0x5, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000040)={[{@delalloc}, {@errors_remount}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") chdir(&(0x7f0000000000)='./file0\x00') r1 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST(r1, 0x40383d03, &(0x7f00000001c0)={{0x7d3117e6, 0x1}, {0x3, 0x67fb}, 0x681}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x2, 0xa, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_GET_TAGGED_ADDR_CTRL(0x38) capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000f8180000bfa300000000000007030000f4ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000f1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48) renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x4) r5 = syz_open_dev$dvb_frontend(&(0x7f00000002c0), 0x0, 0x2) ioctl$FE_SET_FRONTEND(r5, 0x40246f4c, &(0x7f0000000340)={0x30a32c0, 0x1, @ofdm={0x1, 0x13, 0x15, 0x4, 0x4, 0x2, 0x4}}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x8, 0x10002, 0x0, 0x1}, 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r6}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1000000}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x12, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000009c0)={'ip6tnl0\x00', 0x0}) 1.371888171s ago: executing program 4 (id=1274): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000800)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff24085669", 0x245}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a610b3738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47e", 0x1ae}, {&(0x7f0000000140)="f610e61ac81cc3edc86f0500194d27a5a443f10dfd1ecda0fd0ed9a444b7fb76afe3a0002f0a5eafcd3555a6cad574af080de74a37f54ee5f10fe3f42b445293ca980200000000000000ecfd6cc1b3a9a9263506e88c5557069d0ca055991454ec1307b7411892a1beaef9ae54833107eb88b0411b1bc0ba9bc28d0eb6a73ad76be9facd1d9d82b6a3cc2040e84b398d", 0x90}], 0x3, 0x0, 0x0, 0x900}}], 0x1, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)="2e00000011008188040f46", 0xb}], 0x1, 0x0, 0x0, 0xc9e}, 0x400c0c0) recvmmsg(0xffffffffffffffff, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)=""/215, 0xd7}], 0x1}, 0xffff}], 0x1, 0x0, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 1.327908562s ago: executing program 4 (id=1276): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x4000, 0x0, 0x3, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa032, 0x6558, 0x10, 0x0, @gue={{0x2, 0x0, 0x1, 0x9}}}}}}}}, 0x36) 1.02222184s ago: executing program 3 (id=1277): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000b80), 0x220000c, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0) 1.020934342s ago: executing program 0 (id=1278): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) syz_mount_image$fuse(&(0x7f0000000540), &(0x7f0000000000)='./bus\x00', 0x322020, &(0x7f0000000580)=ANY=[], 0x3, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0) fstat(r0, &(0x7f0000003340)) 1.009284689s ago: executing program 3 (id=1279): socket(0x2, 0x80805, 0x0) r0 = socket$l2tp(0x2, 0x2, 0x73) bind$l2tp(r0, &(0x7f00000000c0), 0x10) sendto$l2tp(r0, &(0x7f00000002c0)="e5786a0d000000000000003b", 0xc, 0x400c0c1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}, 0x2004}, 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000000)=0x3, 0x4) recvfrom$l2tp(r0, 0x0, 0x0, 0x2, 0x0, 0x0) 944.130331ms ago: executing program 0 (id=1280): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1}]}, 0x10) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0) 930.541355ms ago: executing program 4 (id=1281): r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000808, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0xdbb}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x59f8, 0x4) sendto$inet6(r0, &(0x7f00000002c0)="8d", 0x1, 0x80001, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}, 0xfffffffc}], 0x1, 0x22021, 0x0) 761.165567ms ago: executing program 0 (id=1282): syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff) r0 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41) ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000000)={0x6, {"771c2e01f8ffffffffffee00", "000900000000000200"}, 0x7, 0x4}) r1 = syz_open_dev$dvb_demux(&(0x7f0000001e00), 0x0, 0x2000) ioctl$DVB_DEMUX_DMX_SET_FILTER(r1, 0x403c6f2b, &(0x7f0000000000)={0x7, {"2ac78e02ff04856af9fb71f0d3fe13be", "c4ac7700", "47eb01004fcc1910259a8800ff4ba4fb"}, 0x4, 0x7}) 681.641421ms ago: executing program 0 (id=1283): socket(0x80000000000000a, 0x2, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000000100000000000000000000850000004100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd4, 0x0, 0x0, 0x10, 0x2}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r1, r2, 0x25, 0x2, @val=@netkit}, 0x1c) syz_emit_ethernet(0x4e, &(0x7f0000000300)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, @void, {@ipv6={0x86dd, @tipc_packet={0xc, 0x6, "a32e48", 0x18, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x38}, @ipv4={'\x00', '\xff\xff', @empty}, {[], @payload_conn={{{0x18, 0x0, 0x0, 0x1, 0x1, 0x6, 0x3, 0x2, 0x8, 0x0, 0x0, 0x9, 0x2, 0x0, 0x7ff, 0xd, 0x5, 0x4e24, 0x4e24}}}}}}}}, 0x0) 680.824515ms ago: executing program 0 (id=1284): openat$ttynull(0xffffffffffffff9c, 0x0, 0x129200, 0x0) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x0, 0x0}, 0x8) r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000340)=r2, 0x4) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r3, r1, 0x4, r0}, 0x10) 661.299181ms ago: executing program 0 (id=1285): socket$inet6(0xa, 0x5, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000040)={[{@delalloc}, {@errors_remount}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") chdir(&(0x7f0000000000)='./file0\x00') r0 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f00000001c0)={{0x7d3117e6, 0x1}, {0x3, 0x67fb}, 0x681}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x2, 0xa, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000f8180000bfa300000000000007030000f4ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000f1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48) 566.016767ms ago: executing program 2 (id=1286): write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)=0x4b6e, 0xfffffdcb) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2ac}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty, 0x204}, 0x1c) setsockopt(r0, 0x1, 0x9, &(0x7f0000000040), 0x29) 170.237814ms ago: executing program 5 (id=1292): r0 = socket$packet(0x11, 0x2, 0x300) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x30000404, &(0x7f0000000300)={0x11, 0x888e, r2, 0x1, 0x9, 0x6, @local}, 0x14) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121042, 0x115) pwrite64(r3, 0x0, 0x0, 0x1e7b) 128.865977ms ago: executing program 5 (id=1293): unshare(0x2a020400) r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x80) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0) sendfile(r2, r2, 0x0, 0x10000a006) 65.959163ms ago: executing program 5 (id=1294): syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "b4b3ca39f1e34108acedf05c999388af", 0x5}}}, 0x1a) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0xd) syz_open_procfs(0xffffffffffffffff, 0x0) 65.590852ms ago: executing program 5 (id=1295): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, r1, 0x42024, 0xad85}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00'}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e24}, @IFLA_GRE_REMOTE={0x14, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20004010}, 0x20000018) 65.378207ms ago: executing program 3 (id=1296): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000001500)={0x28, 0x4000, 0x0, @my=0x1}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000000)=0x3, 0x8) 37.284873ms ago: executing program 5 (id=1297): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}, {@xino_auto}]}) syz_mount_image$fuse(&(0x7f0000000540), &(0x7f0000000000)='./bus\x00', 0x322020, &(0x7f0000000580)=ANY=[], 0x3, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) fstat(r0, &(0x7f0000003340)) 8.388565ms ago: executing program 4 (id=1298): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r1, r2, 0x6, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x3, 0x0, 0x1}}, 0x40) write$cgroup_int(r0, &(0x7f0000000040)=0x1c9, 0x12) 0s ago: executing program 5 (id=1299): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000"], 0x7c}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r3, @ANYBLOB="05001300840000000a00060008021100000100000600100080050000060012000100000010001180"], 0x50}, 0x1, 0x0, 0x0, 0x80c1}, 0x0) kernel console output (not intermixed with test programs): is beyond EOD, truncated [ 275.744858][ T6312] loop3: p138 start 4294967292 is beyond EOD, truncated [ 275.744871][ T6312] loop3: p139 start 4294967292 is beyond EOD, truncated [ 275.744885][ T6312] loop3: p140 start 4294967292 is beyond EOD, truncated [ 275.744899][ T6312] loop3: p141 start 4294967292 is beyond EOD, truncated [ 275.744913][ T6312] loop3: p142 start 4294967292 is beyond EOD, truncated [ 275.744927][ T6312] loop3: p143 start 4294967292 is beyond EOD, truncated [ 275.744940][ T6312] loop3: p144 start 4294967292 is beyond EOD, truncated [ 275.744954][ T6312] loop3: p145 start 4294967292 is beyond EOD, truncated [ 275.744968][ T6312] loop3: p146 start 4294967292 is beyond EOD, truncated [ 275.744982][ T6312] loop3: p147 start 4294967292 is beyond EOD, truncated [ 275.744995][ T6312] loop3: p148 start 4294967292 is beyond EOD, truncated [ 275.745009][ T6312] loop3: p149 start 4294967292 is beyond EOD, truncated [ 275.745023][ T6312] loop3: p150 start 4294967292 is beyond EOD, truncated [ 275.745037][ T6312] loop3: p151 start 4294967292 is beyond EOD, truncated [ 275.745051][ T6312] loop3: p152 start 4294967292 is beyond EOD, truncated [ 275.745064][ T6312] loop3: p153 start 4294967292 is beyond EOD, truncated [ 275.745078][ T6312] loop3: p154 start 4294967292 is beyond EOD, truncated [ 275.745092][ T6312] loop3: p155 start 4294967292 is beyond EOD, truncated [ 275.745106][ T6312] loop3: p156 start 4294967292 is beyond EOD, truncated [ 275.745120][ T6312] loop3: p157 start 4294967292 is beyond EOD, truncated [ 275.745134][ T6312] loop3: p158 start 4294967292 is beyond EOD, truncated [ 275.745147][ T6312] loop3: p159 start 4294967292 is beyond EOD, truncated [ 275.745161][ T6312] loop3: p160 start 4294967292 is beyond EOD, truncated [ 275.745175][ T6312] loop3: p161 start 4294967292 is beyond EOD, truncated [ 275.745191][ T6312] loop3: p162 start 4294967292 is beyond EOD, truncated [ 275.745205][ T6312] loop3: p163 start 4294967292 is beyond EOD, truncated [ 275.745219][ T6312] loop3: p164 start 4294967292 is beyond EOD, truncated [ 275.745233][ T6312] loop3: p165 start 4294967292 is beyond EOD, truncated [ 275.745246][ T6312] loop3: p166 start 4294967292 is beyond EOD, truncated [ 275.745260][ T6312] loop3: p167 start 4294967292 is beyond EOD, truncated [ 275.745274][ T6312] loop3: p168 start 4294967292 is beyond EOD, truncated [ 275.745288][ T6312] loop3: p169 start 4294967292 is beyond EOD, truncated [ 275.745301][ T6312] loop3: p170 start 4294967292 is beyond EOD, truncated [ 275.745315][ T6312] loop3: p171 start 4294967292 is beyond EOD, truncated [ 275.745329][ T6312] loop3: p172 start 4294967292 is beyond EOD, truncated [ 275.745343][ T6312] loop3: p173 start 4294967292 is beyond EOD, truncated [ 275.745356][ T6312] loop3: p174 start 4294967292 is beyond EOD, truncated [ 275.745370][ T6312] loop3: p175 start 4294967292 is beyond EOD, truncated [ 275.745384][ T6312] loop3: p176 start 4294967292 is beyond EOD, truncated [ 275.745398][ T6312] loop3: p177 start 4294967292 is beyond EOD, truncated [ 275.745412][ T6312] loop3: p178 start 4294967292 is beyond EOD, truncated [ 275.745425][ T6312] loop3: p179 start 4294967292 is beyond EOD, truncated [ 275.745439][ T6312] loop3: p180 start 4294967292 is beyond EOD, truncated [ 275.745453][ T6312] loop3: p181 start 4294967292 is beyond EOD, truncated [ 275.745466][ T6312] loop3: p182 start 4294967292 is beyond EOD, truncated [ 275.745480][ T6312] loop3: p183 start 4294967292 is beyond EOD, truncated [ 275.745494][ T6312] loop3: p184 start 4294967292 is beyond EOD, truncated [ 275.745508][ T6312] loop3: p185 start 4294967292 is beyond EOD, truncated [ 275.745521][ T6312] loop3: p186 start 4294967292 is beyond EOD, truncated [ 275.745535][ T6312] loop3: p187 start 4294967292 is beyond EOD, truncated [ 275.745549][ T6312] loop3: p188 start 4294967292 is beyond EOD, truncated [ 275.745563][ T6312] loop3: p189 start 4294967292 is beyond EOD, truncated [ 275.745577][ T6312] loop3: p190 start 4294967292 is beyond EOD, truncated [ 275.745590][ T6312] loop3: p191 start 4294967292 is beyond EOD, truncated [ 275.745604][ T6312] loop3: p192 start 4294967292 is beyond EOD, truncated [ 275.745618][ T6312] loop3: p193 start 4294967292 is beyond EOD, truncated [ 275.745632][ T6312] loop3: p194 start 4294967292 is beyond EOD, truncated [ 275.745646][ T6312] loop3: p195 start 4294967292 is beyond EOD, truncated [ 275.745659][ T6312] loop3: p196 start 4294967292 is beyond EOD, truncated [ 275.745673][ T6312] loop3: p197 start 4294967292 is beyond EOD, truncated [ 275.745687][ T6312] loop3: p198 start 4294967292 is beyond EOD, truncated [ 275.745701][ T6312] loop3: p199 start 4294967292 is beyond EOD, truncated [ 275.745715][ T6312] loop3: p200 start 4294967292 is beyond EOD, truncated [ 275.745729][ T6312] loop3: p201 start 4294967292 is beyond EOD, truncated [ 275.745742][ T6312] loop3: p202 start 4294967292 is beyond EOD, truncated [ 275.745756][ T6312] loop3: p203 start 4294967292 is beyond EOD, truncated [ 275.745770][ T6312] loop3: p204 start 4294967292 is beyond EOD, truncated [ 275.745784][ T6312] loop3: p205 start 4294967292 is beyond EOD, truncated [ 275.745798][ T6312] loop3: p206 start 4294967292 is beyond EOD, truncated [ 275.745811][ T6312] loop3: p207 start 4294967292 is beyond EOD, truncated [ 275.745825][ T6312] loop3: p208 start 4294967292 is beyond EOD, truncated [ 275.745839][ T6312] loop3: p209 start 4294967292 is beyond EOD, truncated [ 275.745853][ T6312] loop3: p210 start 4294967292 is beyond EOD, truncated [ 275.745866][ T6312] loop3: p211 start 4294967292 is beyond EOD, truncated [ 275.745880][ T6312] loop3: p212 start 4294967292 is beyond EOD, truncated [ 275.745894][ T6312] loop3: p213 start 4294967292 is beyond EOD, truncated [ 275.745908][ T6312] loop3: p214 start 4294967292 is beyond EOD, truncated [ 275.745921][ T6312] loop3: p215 start 4294967292 is beyond EOD, truncated [ 275.745935][ T6312] loop3: p216 start 4294967292 is beyond EOD, truncated [ 275.745949][ T6312] loop3: p217 start 4294967292 is beyond EOD, truncated [ 275.745963][ T6312] loop3: p218 start 4294967292 is beyond EOD, truncated [ 275.745977][ T6312] loop3: p219 start 4294967292 is beyond EOD, truncated [ 275.745990][ T6312] loop3: p220 start 4294967292 is beyond EOD, truncated [ 275.746004][ T6312] loop3: p221 start 4294967292 is beyond EOD, truncated [ 275.746018][ T6312] loop3: p222 start 4294967292 is beyond EOD, truncated [ 275.746032][ T6312] loop3: p223 start 4294967292 is beyond EOD, truncated [ 275.746045][ T6312] loop3: p224 start 4294967292 is beyond EOD, truncated [ 275.746059][ T6312] loop3: p225 start 4294967292 is beyond EOD, truncated [ 275.746073][ T6312] loop3: p226 start 4294967292 is beyond EOD, truncated [ 275.746087][ T6312] loop3: p227 start 4294967292 is beyond EOD, truncated [ 275.746100][ T6312] loop3: p228 start 4294967292 is beyond EOD, truncated [ 275.746114][ T6312] loop3: p229 start 4294967292 is beyond EOD, truncated [ 275.746128][ T6312] loop3: p230 start 4294967292 is beyond EOD, truncated [ 275.746142][ T6312] loop3: p231 start 4294967292 is beyond EOD, truncated [ 275.746156][ T6312] loop3: p232 start 4294967292 is beyond EOD, truncated [ 275.746169][ T6312] loop3: p233 start 4294967292 is beyond EOD, truncated [ 275.746183][ T6312] loop3: p234 start 4294967292 is beyond EOD, truncated [ 275.746199][ T6312] loop3: p235 start 4294967292 is beyond EOD, truncated [ 275.746213][ T6312] loop3: p236 start 4294967292 is beyond EOD, truncated [ 275.746227][ T6312] loop3: p237 start 4294967292 is beyond EOD, truncated [ 275.746241][ T6312] loop3: p238 start 4294967292 is beyond EOD, truncated [ 275.746255][ T6312] loop3: p239 start 4294967292 is beyond EOD, truncated [ 275.746269][ T6312] loop3: p240 start 4294967292 is beyond EOD, truncated [ 275.746282][ T6312] loop3: p241 start 4294967292 is beyond EOD, truncated [ 275.746296][ T6312] loop3: p242 start 4294967292 is beyond EOD, truncated [ 275.746310][ T6312] loop3: p243 start 4294967292 is beyond EOD, truncated [ 275.746324][ T6312] loop3: p244 start 4294967292 is beyond EOD, truncated [ 275.746337][ T6312] loop3: p245 start 4294967292 is beyond EOD, truncated [ 275.746351][ T6312] loop3: p246 start 4294967292 is beyond EOD, truncated [ 275.746365][ T6312] loop3: p247 start 4294967292 is beyond EOD, truncated [ 275.746379][ T6312] loop3: p248 start 4294967292 is beyond EOD, truncated [ 275.746393][ T6312] loop3: p249 start 4294967292 is beyond EOD, truncated [ 275.746407][ T6312] loop3: p250 start 4294967292 is beyond EOD, truncated [ 275.746420][ T6312] loop3: p251 start 4294967292 is beyond EOD, truncated [ 275.746434][ T6312] loop3: p252 start 4294967292 is beyond EOD, truncated [ 275.746448][ T6312] loop3: p253 start 4294967292 is beyond EOD, truncated [ 275.746462][ T6312] loop3: p254 start 4294967292 is beyond EOD, truncated [ 275.746476][ T6312] loop3: p255 start 4294967292 is beyond EOD, truncated [ 276.853100][ T4678] udevd[4678]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 276.867811][ T4680] udevd[4680]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 277.623828][ T6303] Set syz1 is full, maxelem 65536 reached [ 277.862469][ T4688] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 278.114081][ T4691] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 278.114128][ T4691] Bluetooth: hci3: Injecting HCI hardware error event [ 278.115334][ T4696] Bluetooth: hci3: hardware error 0x00 [ 278.969954][ T6333] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 278.969977][ T6333] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 278.974478][ T6333] vhci_hcd vhci_hcd.0: Device attached [ 279.407735][ T6333] loop1: detected capacity change from 0 to 8192 [ 279.929769][ T6333] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 280.054997][ T26] usb 4-1: new low-speed USB device number 3 using vhci_hcd [ 280.182672][ T6335] vhci_hcd: connection reset by peer [ 280.195986][ T3746] vhci_hcd vhci_hcd.1: stop threads [ 280.196031][ T3746] vhci_hcd vhci_hcd.1: release socket [ 280.196073][ T3746] vhci_hcd vhci_hcd.1: disconnect device [ 281.301836][ T4696] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 281.746919][ T6355] bridge0: port 3(wlan1) entered blocking state [ 281.746965][ T6355] bridge0: port 3(wlan1) entered disabled state [ 281.747124][ T6355] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode [ 281.747652][ T6355] mac80211_hwsim hwsim10 wlan1: entered promiscuous mode [ 281.747916][ T6355] bridge0: port 3(wlan1) entered blocking state [ 281.747945][ T6355] bridge0: port 3(wlan1) entered forwarding state [ 281.752150][ T12] bridge0: port 3(wlan1) entered disabled state [ 281.939246][ T6375] loop4: detected capacity change from 0 to 8192 [ 282.368356][ T4696] Bluetooth: hci0: command 0x0406 tx timeout [ 282.369759][ T6347] Bluetooth: hci1: command 0x0406 tx timeout [ 282.371075][ T6347] Bluetooth: hci2: command 0x0406 tx timeout [ 282.648472][ T6384] loop2: detected capacity change from 0 to 256 [ 284.929376][ T6389] input: syz1 as /devices/virtual/input/input7 [ 285.612016][ T26] vhci_hcd vhci_hcd.1: vhci_device speed not set [ 285.709019][ T6404] loop0: detected capacity change from 0 to 1024 [ 285.713608][ T6404] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 285.713663][ T6404] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (24168!=20869) [ 285.713721][ T6404] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 285.713737][ T6404] EXT4-fs (loop0): filesystem has both journal inode and journal device! [ 286.077840][ T6413] xt_ecn: cannot match TCP bits for non-tcp packets [ 286.078229][ T6413] loop5: detected capacity change from 0 to 7 [ 286.081749][ T6413] Dev loop5: unable to read RDB block 7 [ 286.081804][ T6413] loop5: unable to read partition table [ 286.081879][ T6413] loop5: partition table beyond EOD, truncated [ 286.081900][ T6413] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5) [ 286.410673][ T6421] tipc: Enabled bearer , priority 0 [ 286.412611][ T6421] syzkaller0: entered promiscuous mode [ 286.413966][ T6421] syzkaller0: entered allmulticast mode [ 286.425795][ T6421] tipc: Resetting bearer [ 286.452083][ T6420] tipc: Resetting bearer [ 286.458214][ T6420] tipc: Disabling bearer [ 286.785407][ T6426] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 286.785430][ T6426] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 286.785571][ T6426] vhci_hcd vhci_hcd.0: Device attached [ 286.857541][ T6426] loop2: detected capacity change from 0 to 8192 [ 286.862155][ T6426] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 287.073201][ T9] usb 6-1: new low-speed USB device number 2 using vhci_hcd [ 287.494980][ T6427] vhci_hcd: connection reset by peer [ 287.499887][ T5540] vhci_hcd vhci_hcd.2: stop threads [ 287.501084][ T5540] vhci_hcd vhci_hcd.2: release socket [ 287.502230][ T5540] vhci_hcd vhci_hcd.2: disconnect device [ 288.482527][ T6444] netlink: 'syz.0.351': attribute type 8 has an invalid length. [ 288.487686][ T6439] 9p: Bad value for 'wfdno' [ 289.576915][ T6450] loop4: detected capacity change from 0 to 256 [ 290.700751][ T4698] Bluetooth: hci5: command 0x1003 tx timeout [ 290.702642][ T4690] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 291.764851][ T6462] random: crng reseeded on system resumption [ 292.318644][ T6460] input: syz1 as /devices/virtual/input/input8 [ 293.484531][ T9] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 293.681642][ T6468] loop2: detected capacity change from 0 to 512 [ 293.682154][ T6468] EXT4-fs: Ignoring removed oldalloc option [ 295.694342][ T6468] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.358: corrupted in-inode xattr: invalid ea_ino [ 295.694387][ T6468] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 295.694727][ T6468] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.358: couldn't read orphan inode 15 (err -117) [ 295.694755][ T6468] loop2: lost filesystem error report for type 5 error -117 [ 295.695403][ T6468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.700197][ T6472] loop4: detected capacity change from 0 to 256 [ 295.722626][ T6467] netlink: 24 bytes leftover after parsing attributes in process `syz.2.358'. [ 296.048834][ T6479] input: syz1 as /devices/virtual/input/input9 [ 296.404897][ T6481] loop3: detected capacity change from 0 to 8192 [ 296.585462][ T6481] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 297.100802][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.889863][ T6488] loop0: detected capacity change from 0 to 512 [ 297.890288][ T6488] EXT4-fs: Ignoring removed bh option [ 297.923120][ T6488] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 297.934829][ T6488] EXT4-fs (loop0): 1 truncate cleaned up [ 297.938686][ T6488] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.447191][ T6503] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 299.447218][ T6503] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 299.447351][ T6503] vhci_hcd vhci_hcd.0: Device attached [ 299.562807][ T6506] loop4: detected capacity change from 0 to 8192 [ 299.587064][ T6506] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 299.778081][ T4398] usb 10-1: new low-speed USB device number 4 using vhci_hcd [ 300.213250][ T6504] vhci_hcd: connection reset by peer [ 300.223887][ T6369] vhci_hcd vhci_hcd.4: stop threads [ 300.225005][ T6369] vhci_hcd vhci_hcd.4: release socket [ 300.226089][ T6369] vhci_hcd vhci_hcd.4: disconnect device [ 300.381024][ T6510] loop3: detected capacity change from 0 to 512 [ 300.463463][ T6510] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 301.940525][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.106285][ T6536] loop1: detected capacity change from 0 to 1024 [ 303.106680][ T6536] EXT4-fs: Ignoring removed orlov option [ 303.118733][ T6536] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 303.531795][ T6536] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.574741][ T4398] vhci_hcd vhci_hcd.4: vhci_device speed not set [ 305.682399][ T4693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.041799][ T6567] ieee802154 phy0 wpan0: encryption failed: -22 [ 307.725140][ T6586] loop3: detected capacity change from 0 to 1024 [ 307.726017][ T6586] EXT4-fs: Ignoring removed orlov option [ 307.728997][ T6586] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 307.758643][ T6586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 307.844122][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.140610][ T6595] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #12: block 7: comm syz.3.385: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 308.146986][ T6595] EXT4-fs (loop3): Remounting filesystem read-only [ 308.360982][ T6605] geneve2: entered promiscuous mode [ 308.361020][ T6605] geneve2: entered allmulticast mode [ 308.545588][ T6604] loop0: detected capacity change from 0 to 512 [ 308.605596][ T6377] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 308.929511][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.041559][ T40] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 309.066144][ T6368] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 309.185334][ T4690] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 309.205475][ T6368] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 311.036727][ T6604] EXT4-fs error (device loop0): ext4_iget_extra_inode:5128: inode #15: comm syz.0.386: corrupted in-inode xattr: e_value size too large [ 311.036769][ T6604] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 311.053769][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 311.053798][ C0] EXT4-fs (loop0): initial error at time 524590: ext4_iget_extra_inode:5128: inode 15 [ 311.053835][ C0] EXT4-fs (loop0): last error at time 524590: ext4_iget_extra_inode:5128: inode 15 [ 311.306748][ T6604] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.386: couldn't read orphan inode 15 (err -117) [ 311.306835][ T6604] loop0: lost filesystem error report for type 5 error -117 [ 311.320798][ T6604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.892764][ T6627] loop3: detected capacity change from 0 to 1024 [ 311.896079][ T6627] EXT4-fs: Ignoring removed nomblk_io_submit option [ 311.904654][ T6629] loop1: detected capacity change from 0 to 512 [ 312.260211][ T6629] EXT4-fs (loop1): 1 truncate cleaned up [ 312.260693][ T6629] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.301565][ T6627] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.709753][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.760234][ T6615] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set [ 313.913589][ T6650] overlayfs: missing 'lowerdir' [ 314.279954][ T30] audit: type=1326 audit(524593.882:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6652 comm="syz.4.396" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b77aa8 code=0x0 [ 315.229548][ T6662] loop2: detected capacity change from 0 to 512 [ 315.232864][ T4693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.237259][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.324428][ T6662] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 315.385767][ T6668] futex_wake_op: syz.4.401 tries to shift op by 32; fix this program [ 316.616816][ T6671] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 316.645225][ T6677] loop4: detected capacity change from 0 to 128 [ 317.898233][ T6686] Invalid logical block size (4194304) [ 318.876299][ T1595] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.876370][ T1595] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.333506][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.255817][ T6693] loop2: detected capacity change from 0 to 1024 [ 320.262837][ T6693] EXT4-fs: Ignoring removed orlov option [ 320.265386][ T6693] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 320.274206][ T6693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.624426][ T6702] loop1: detected capacity change from 0 to 1024 [ 320.625747][ T6702] ext2: Unknown parameter 'subj_type' [ 321.180598][ T4690] Bluetooth: hci5: command 0x1003 tx timeout [ 321.327658][ T4698] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 321.694821][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.718927][ T6713] loop2: detected capacity change from 0 to 512 [ 321.720942][ T6713] EXT4-fs: Ignoring removed i_version option [ 321.775381][ T6713] EXT4-fs: Ignoring removed nobh option [ 321.781593][ T6713] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 321.862836][ T6713] EXT4-fs (loop2): 1 truncate cleaned up [ 321.863338][ T6713] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.377654][ T6728] overlayfs: failed to resolve './file1': -2 [ 322.802273][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.906181][ T6734] loop1: detected capacity change from 0 to 1024 [ 322.906606][ T6734] EXT4-fs: Ignoring removed nomblk_io_submit option [ 322.938109][ T6734] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.902800][ T6747] loop4: detected capacity change from 0 to 512 [ 324.910410][ T6747] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.254034][ T6753] overlayfs: failed to resolve './file1': -2 [ 326.634321][ T4693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.720956][ T6772] tipc: Enabled bearer , priority 0 [ 326.721327][ T6772] syzkaller0: entered promiscuous mode [ 326.721360][ T6772] syzkaller0: entered allmulticast mode [ 326.733192][ T6772] tipc: Resetting bearer [ 326.783587][ T6769] tipc: Resetting bearer [ 326.793264][ T6762] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 326.794913][ T6769] tipc: Disabling bearer [ 326.800781][ T6773] loop1: detected capacity change from 0 to 1024 [ 327.493124][ T6776] overlayfs: failed to resolve './bus': -2 [ 327.729581][ T6780] loop3: detected capacity change from 0 to 4096 [ 327.786904][ T6787] futex_wake_op: syz.2.422 tries to shift op by 32; fix this program [ 328.097558][ T6793] loop2: detected capacity change from 0 to 128 [ 328.160117][ T6793] netlink: 8 bytes leftover after parsing attributes in process `syz.2.422'. [ 328.696145][ T6780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.136435][ T6797] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.423: corrupted inode contents [ 329.138068][ T6797] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #15: comm syz.3.423: mark_inode_dirty error [ 329.551884][ T6797] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.423: corrupted inode contents [ 329.554323][ T6797] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.423: mark_inode_dirty error [ 329.557163][ T6797] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.423: corrupted inode contents [ 329.558025][ T6797] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.423: mark_inode_dirty error [ 329.558255][ T6797] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.423: corrupted inode contents [ 329.561579][ T6797] EXT4-fs error (device loop3): ext4_truncate:4690: inode #15: comm syz.3.423: mark_inode_dirty error [ 329.562417][ T6797] EXT4-fs error (device loop3) in ext4_setattr:6120: Corrupt filesystem [ 329.609899][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.662651][ T6808] loop3: detected capacity change from 0 to 512 [ 329.676296][ T6808] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.062031][ T6812] loop2: detected capacity change from 0 to 128 [ 331.258413][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.824514][ T6833] overlayfs: failed to resolve './file1': -2 [ 332.448455][ T6838] overlayfs: missing 'lowerdir' [ 333.571218][ T6842] loop1: detected capacity change from 0 to 512 [ 333.573566][ T6842] EXT4-fs: Ignoring removed i_version option [ 333.573603][ T6842] EXT4-fs: Ignoring removed nobh option [ 333.580722][ T6842] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 333.647382][ T6842] EXT4-fs (loop1): 1 truncate cleaned up [ 333.648430][ T6842] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 333.864450][ T6855] futex_wake_op: syz.0.442 tries to shift op by 32; fix this program [ 334.176755][ T6862] loop0: detected capacity change from 0 to 128 [ 334.214154][ T6862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.442'. [ 334.269667][ T24] page_pool_release_retry() stalled pool shutdown: id 25, 44 inflight 121 sec [ 334.784979][ T4693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.880568][ T6867] loop1: detected capacity change from 0 to 4096 [ 335.210326][ T6867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.487434][ T6874] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.443: corrupted inode contents [ 335.723294][ T6874] EXT4-fs error (device loop1): ext4_dirty_inode:6587: inode #15: comm syz.1.443: mark_inode_dirty error [ 335.743629][ T6874] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.443: corrupted inode contents [ 335.747676][ T6874] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.443: mark_inode_dirty error [ 335.750948][ T6874] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.443: corrupted inode contents [ 335.754853][ T6874] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.443: mark_inode_dirty error [ 335.759043][ T6874] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.443: corrupted inode contents [ 335.763354][ T6874] EXT4-fs error (device loop1): ext4_truncate:4690: inode #15: comm syz.1.443: mark_inode_dirty error [ 335.784950][ T6880] geneve2: entered promiscuous mode [ 335.785029][ T6880] geneve2: entered allmulticast mode [ 335.896385][ T12] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 335.900883][ T3725] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 335.900955][ T3725] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 335.901003][ T3725] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 335.906926][ T6874] EXT4-fs error (device loop1) in ext4_setattr:6120: Corrupt filesystem [ 335.921868][ T6877] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #15: comm syz.1.443: corrupted inode contents [ 336.340929][ T4693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.469135][ T30] audit: type=1326 audit(1048902.848:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6881 comm="syz.3.447" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9177aa8 code=0x0 [ 336.531054][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.583453][ T6887] overlayfs: failed to resolve './file1': -2 [ 337.022941][ T6896] loop2: detected capacity change from 0 to 1024 [ 337.024745][ T6896] EXT4-fs: Ignoring removed orlov option [ 337.031076][ T4698] Bluetooth: hci0: unexpected event for opcode 0x0c1b [ 337.047771][ T6896] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 337.078578][ T6896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 337.654920][ T6905] EXT4-fs error (device loop2): ext4_find_dest_de:2050: inode #12: block 7: comm syz.2.461: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 337.666510][ T6905] EXT4-fs (loop2): Remounting filesystem read-only [ 337.730691][ T6911] loop0: detected capacity change from 0 to 128 [ 337.793798][ T6914] loop3: detected capacity change from 0 to 512 [ 337.794187][ T6914] EXT4-fs: Ignoring removed nomblk_io_submit option [ 337.794999][ T6914] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 337.831449][ T6914] EXT4-fs (loop3): 1 truncate cleaned up [ 337.833168][ T6914] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 337.864471][ T6914] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #2: block 13: comm syz.3.454: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=2, rec_len=8, size=1024 fake=1 [ 338.812597][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.387940][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.736436][ T6929] loop3: detected capacity change from 0 to 512 [ 339.765155][ T6929] EXT4-fs (loop3): 1 truncate cleaned up [ 339.765650][ T6929] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 340.138670][ T6929] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.469: invalid indirect mapped block 234881024 (level 0) [ 340.138732][ T6929] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 340.145111][ T6929] EXT4-fs (loop3): Remounting filesystem read-only [ 340.181945][ T6937] futex_wake_op: syz.1.457 tries to shift op by 32; fix this program [ 340.201954][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.294410][ T6939] loop1: detected capacity change from 0 to 128 [ 340.679196][ T6939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.457'. [ 341.213517][ T6944] loop4: detected capacity change from 0 to 4096 [ 341.243460][ T6944] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.252256][ T6950] loop2: detected capacity change from 0 to 128 [ 341.684163][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.458: corrupted inode contents [ 341.685710][ T6954] EXT4-fs error (device loop4): ext4_dirty_inode:6587: inode #15: comm syz.4.458: mark_inode_dirty error [ 341.685871][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.458: corrupted inode contents [ 341.686008][ T6954] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.458: mark_inode_dirty error [ 341.686142][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.458: corrupted inode contents [ 341.686284][ T6954] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.458: mark_inode_dirty error [ 341.686423][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.458: corrupted inode contents [ 341.686652][ T6954] EXT4-fs error (device loop4): ext4_truncate:4690: inode #15: comm syz.4.458: mark_inode_dirty error [ 341.686779][ T6954] EXT4-fs error (device loop4) in ext4_setattr:6120: Corrupt filesystem [ 341.690229][ T6953] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #15: comm syz.4.458: corrupted inode contents [ 341.703137][ T6958] loop0: detected capacity change from 0 to 512 [ 341.703491][ T6958] EXT4-fs: Ignoring removed bh option [ 341.727482][ T6962] tipc: Started in network mode [ 341.727503][ T6962] tipc: Node identity b2d1e45b652e, cluster identity 4711 [ 341.727563][ T6962] tipc: Enabled bearer , priority 0 [ 341.727819][ T6962] syzkaller0: entered promiscuous mode [ 341.727829][ T6962] syzkaller0: entered allmulticast mode [ 341.731006][ T6958] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 341.731023][ T6958] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 341.731971][ T6953] EXT4-fs warning (device loop4): swap_inode_boot_loader:481: couldn't mark inode #15 dirty (err -117) [ 341.738645][ T6958] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 341.739856][ T6958] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 341.740453][ T6958] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 341.751547][ T6962] tipc: Resetting bearer [ 341.793687][ T6960] tipc: Resetting bearer [ 341.814870][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.827823][ T6969] loop1: detected capacity change from 0 to 256 [ 341.843276][ T6969] FAT-fs (loop1): Directory bread(block 64) failed [ 341.845787][ T6969] FAT-fs (loop1): Directory bread(block 65) failed [ 341.845855][ T6969] FAT-fs (loop1): Directory bread(block 66) failed [ 341.845878][ T6969] FAT-fs (loop1): Directory bread(block 67) failed [ 341.845916][ T6969] FAT-fs (loop1): Directory bread(block 68) failed [ 341.845938][ T6969] FAT-fs (loop1): Directory bread(block 69) failed [ 341.845973][ T6969] FAT-fs (loop1): Directory bread(block 70) failed [ 341.845992][ T6969] FAT-fs (loop1): Directory bread(block 71) failed [ 341.846023][ T6969] FAT-fs (loop1): Directory bread(block 72) failed [ 341.846038][ T6969] FAT-fs (loop1): Directory bread(block 73) failed [ 341.892738][ T6960] tipc: Disabling bearer [ 341.976909][ T30] audit: type=1326 audit(1048908.038:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6970 comm="syz.0.466" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb5f77aa8 code=0x0 [ 342.137145][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.170326][ T6978] loop3: detected capacity change from 0 to 128 [ 342.974523][ T30] audit: type=1107 audit(1048908.959:6): pid=6988 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 343.560594][ T7000] loop2: detected capacity change from 0 to 512 [ 343.562802][ T4698] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 343.562835][ T4698] CPU: 1 UID: 0 PID: 4698 Comm: kworker/u9:4 Tainted: G L syzkaller #0 PREEMPT [ 343.562852][ T4698] Tainted: [L]=SOFTLOCKUP [ 343.562856][ T4698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/02/2026 [ 343.562862][ T4698] Workqueue: hci0 hci_rx_work [ 343.562878][ T4698] Call trace: [ 343.562881][ T4698] show_stack+0x2c/0x3c (C) [ 343.562896][ T4698] __dump_stack+0x30/0x40 [ 343.562908][ T4698] dump_stack_lvl+0xd8/0x12c [ 343.562920][ T4698] dump_stack+0x1c/0x28 [ 343.562931][ T4698] sysfs_warn_dup+0x9c/0xb8 [ 343.562943][ T4698] sysfs_create_dir_ns+0x190/0x1f4 [ 343.562954][ T4698] kobject_add_internal+0x290/0x6f0 [ 343.562965][ T4698] kobject_add_varg+0x9c/0xe8 [ 343.562975][ T4698] kobject_add+0x110/0x1c8 [ 343.562984][ T4698] device_add+0x394/0x9f0 [ 343.562994][ T4698] hci_conn_add_sysfs+0xbc/0x1e8 [ 343.563007][ T4698] le_conn_complete_evt+0xc68/0x10f8 [ 343.563018][ T4698] hci_le_enh_conn_complete_evt+0x114/0x3d8 [ 343.563029][ T4698] hci_le_meta_evt+0x2b0/0x46c [ 343.563041][ T4698] hci_event_packet+0x4c0/0x9c8 [ 343.563053][ T4698] hci_rx_work+0x2f4/0xd78 [ 343.563062][ T4698] process_scheduled_works+0x788/0x10b8 [ 343.563072][ T4698] worker_thread+0x798/0xbd0 [ 343.563081][ T4698] kthread+0x304/0x3d4 [ 343.563089][ T4698] ret_from_fork+0x10/0x20 [ 343.563110][ T4698] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 343.563130][ T4698] Bluetooth: hci0: failed to register connection device [ 343.578114][ T7000] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 343.587554][ T7002] x_tables: duplicate underflow at hook 3 [ 343.593986][ T7000] EXT4-fs (loop2): orphan cleanup on readonly fs [ 343.637906][ T7000] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.479: invalid indirect mapped block 4294967295 (level 1) [ 343.637951][ T7000] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 343.642565][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 343.642594][ C1] EXT4-fs (loop2): initial error at time 1048909: ext4_free_branches:1023: inode 11 [ 343.642635][ C1] EXT4-fs (loop2): last error at time 1048909: ext4_free_branches:1023: inode 11 [ 343.650267][ T7000] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.479: invalid indirect mapped block 4294967295 (level 1) [ 343.650311][ T7000] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 343.658492][ T7000] EXT4-fs (loop2): 2 truncates cleaned up [ 343.659043][ T7000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 343.697712][ T4690] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 343.718943][ T7008] netlink: 16 bytes leftover after parsing attributes in process `syz.1.485'. [ 343.723144][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.990288][ T7018] overlayfs: failed to resolve './file1': -2 [ 343.996216][ T7014] loop2: detected capacity change from 0 to 4096 [ 344.003398][ T7019] loop1: detected capacity change from 0 to 1024 [ 344.003780][ T7019] EXT4-fs: Ignoring removed orlov option [ 344.014424][ T7019] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 344.039217][ T7022] EXT4-fs: Ignoring removed mblk_io_submit option [ 344.048507][ T7022] EXT4-fs (loop0): orphan cleanup on readonly fs [ 344.048545][ T7022] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 344.048956][ T7014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 344.055475][ T7022] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.497: attempt to clear invalid blocks 2 len 1 [ 344.058690][ T7022] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 344.060708][ T7022] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 344.063109][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 344.063128][ C0] EXT4-fs (loop0): initial error at time 1048909: ext4_clear_blocks:876: inode 13 [ 344.063143][ C0] EXT4-fs (loop0): last error at time 1048909: ext4_clear_blocks:876: inode 13 [ 344.071415][ T7019] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 344.078382][ T7022] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.497: invalid indirect mapped block 1819239214 (level 0) [ 344.081602][ T7022] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 344.517938][ T7030] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.487: corrupted inode contents [ 344.536948][ T7030] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #15: comm syz.2.487: mark_inode_dirty error [ 344.547182][ T7030] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.487: corrupted inode contents [ 344.550137][ T7030] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.487: mark_inode_dirty error [ 344.552443][ T7030] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.487: corrupted inode contents [ 344.552667][ T7030] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.487: mark_inode_dirty error [ 344.552820][ T7030] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.487: corrupted inode contents [ 344.554818][ T7030] EXT4-fs error (device loop2): ext4_truncate:4690: inode #15: comm syz.2.487: mark_inode_dirty error [ 344.554997][ T7030] EXT4-fs error (device loop2) in ext4_setattr:6120: Corrupt filesystem [ 344.557375][ T7031] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.487: corrupted inode contents [ 344.558461][ T7031] EXT4-fs warning (device loop2): swap_inode_boot_loader:481: couldn't mark inode #15 dirty (err -117) [ 344.575664][ T7022] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.497: invalid indirect mapped block 1819239214 (level 1) [ 344.575713][ T7022] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 344.580421][ T7022] EXT4-fs (loop0): 1 truncate cleaned up [ 344.580908][ T7022] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 344.610057][ T7022] EXT4-fs (loop0): Quota file not on filesystem root. Journaled quota will not work [ 344.625236][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.755826][ T7042] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 344.927874][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.944307][ T7058] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 345.029350][ T4693] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.295926][ T7066] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 9W!m$@I: 0N+zW [ 345.328373][ T7074] set_capacity_and_notify: 1 callbacks suppressed [ 345.328418][ T7074] loop2: detected capacity change from 0 to 512 [ 345.339990][ T7074] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 345.342492][ T7074] EXT4-fs (loop2): 1 truncate cleaned up [ 345.342966][ T7074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.358403][ T7079] comedi comedi0: bad chanlist[0]=0x00800000 chan=0 range length=2 [ 345.379627][ T7074] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 345.419574][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.423843][ T7090] overlayfs: failed to resolve './file1': -2 [ 345.479111][ T7095] loop2: detected capacity change from 0 to 1024 [ 345.480921][ T7095] EXT4-fs: Ignoring removed orlov option [ 345.488840][ T7095] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 345.505647][ T7095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.510318][ T7097] loop0: detected capacity change from 0 to 1024 [ 345.511973][ T7097] EXT4-fs: Ignoring removed orlov option [ 345.513135][ T7097] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 345.521450][ T7091] loop3: detected capacity change from 0 to 4096 [ 345.841474][ T7091] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.845571][ T7097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.912396][ T7110] netlink: 104 bytes leftover after parsing attributes in process `syz.4.522'. [ 346.159552][ T7111] EXT4-fs error (device loop0): ext4_find_dest_de:2050: inode #12: block 7: comm syz.0.520: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 346.252444][ T7111] EXT4-fs (loop0): Remounting filesystem read-only [ 346.256757][ T7116] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.516: corrupted inode contents [ 346.269560][ T7116] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #15: comm syz.3.516: mark_inode_dirty error [ 346.271957][ T7116] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.516: corrupted inode contents [ 346.275518][ T7116] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.516: mark_inode_dirty error [ 346.278060][ T7116] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.516: corrupted inode contents [ 346.278257][ T7116] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.516: mark_inode_dirty error [ 346.278401][ T7116] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.516: corrupted inode contents [ 346.278588][ T7116] EXT4-fs error (device loop3): ext4_truncate:4690: inode #15: comm syz.3.516: mark_inode_dirty error [ 346.278930][ T7116] EXT4-fs error (device loop3) in ext4_setattr:6120: Corrupt filesystem [ 346.287011][ T7115] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.516: corrupted inode contents [ 346.303208][ T7115] EXT4-fs warning (device loop3): swap_inode_boot_loader:481: couldn't mark inode #15 dirty (err -117) [ 346.304949][ T4690] Bluetooth: hci0: unexpected cc 0x204b length: 9 > 3 [ 346.304968][ T4690] Bluetooth: hci0: unexpected event for opcode 0x204b [ 346.459851][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.475529][ T7132] loop4: detected capacity change from 0 to 256 [ 346.475939][ T7132] vfat: Deprecated parameter 'posix' [ 346.475947][ T7132] FAT-fs: "posix" option is obsolete, not supported now [ 346.529998][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.536557][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.599252][ T7134] loop2: detected capacity change from 0 to 128 [ 346.609256][ T7134] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 346.699870][ T7144] netlink: 'syz.4.531': attribute type 4 has an invalid length. [ 346.907917][ T4692] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 346.925646][ T7147] tipc: Enabled bearer , priority 0 [ 346.927582][ T7147] syzkaller0: entered promiscuous mode [ 346.928621][ T7147] syzkaller0: entered allmulticast mode [ 346.933308][ T7147] tipc: Resetting bearer [ 346.936625][ T7146] tipc: Resetting bearer [ 346.948157][ T7146] tipc: Disabling bearer [ 346.969711][ T7149] overlayfs: failed to resolve './file1': -2 [ 347.303985][ T7166] loop0: detected capacity change from 0 to 1024 [ 347.305024][ T7166] EXT4-fs: Ignoring removed orlov option [ 347.305974][ T7166] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 347.325617][ T7166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 347.428345][ T7177] loop2: detected capacity change from 0 to 512 [ 347.428790][ T7177] EXT4-fs: Ignoring removed mblk_io_submit option [ 347.433144][ T7177] EXT4-fs (loop2): orphan cleanup on readonly fs [ 347.433175][ T7177] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 347.433685][ T7177] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.545: attempt to clear invalid blocks 2 len 1 [ 347.433701][ T7177] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 347.433955][ T7177] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 347.434326][ T7177] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.545: invalid indirect mapped block 1819239214 (level 0) [ 347.434349][ T7177] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 347.434618][ T7177] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.545: invalid indirect mapped block 1819239214 (level 1) [ 347.434638][ T7177] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 347.435136][ T7177] EXT4-fs (loop2): 1 truncate cleaned up [ 347.435756][ T7177] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 347.703506][ T7177] EXT4-fs (loop2): Quota file not on filesystem root. Journaled quota will not work [ 347.730971][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.772632][ T7183] netlink: 20 bytes leftover after parsing attributes in process `syz.2.547'. [ 347.782583][ T7185] loop4: detected capacity change from 0 to 512 [ 347.788817][ T7185] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 347.789427][ T7185] EXT4-fs (loop4): 1 truncate cleaned up [ 347.789891][ T7185] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 347.813341][ T7185] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 347.838229][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.843839][ T7194] loop3: detected capacity change from 0 to 256 [ 347.877854][ T7193] tipc: Enabled bearer , priority 0 [ 347.878320][ T7193] syzkaller0: entered promiscuous mode [ 347.878351][ T7193] syzkaller0: entered allmulticast mode [ 347.895463][ T7193] tipc: Resetting bearer [ 347.907831][ T7191] tipc: Resetting bearer [ 347.931965][ T7191] tipc: Disabling bearer [ 347.963623][ T7198] bridge1: entered promiscuous mode [ 347.989958][ T7204] overlayfs: failed to resolve './file1': -2 [ 348.356081][ T7222] netlink: 8 bytes leftover after parsing attributes in process `syz.2.564'. [ 348.356121][ T7222] netlink: 24 bytes leftover after parsing attributes in process `syz.2.564'. [ 348.356450][ T7222] netlink: 24 bytes leftover after parsing attributes in process `syz.2.564'. [ 348.368627][ T7218] EXT4-fs: Ignoring removed bh option [ 348.368668][ T7218] EXT4-fs: Ignoring removed nomblk_io_submit option [ 348.371663][ T7218] EXT4-fs (loop4): Test dummy encryption mode enabled [ 348.373590][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.382285][ T7218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.396649][ T7218] VFS: Lookup of 'file0' in ext4 loop4 would have caused loop [ 348.442611][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.507624][ T7234] tipc: Enabled bearer , priority 0 [ 348.509288][ T7234] syzkaller0: entered promiscuous mode [ 348.510351][ T7234] syzkaller0: entered allmulticast mode [ 348.518849][ T7234] tipc: Resetting bearer [ 348.522452][ T7231] tipc: Resetting bearer [ 348.553864][ T7231] tipc: Disabling bearer [ 348.576893][ T7245] comedi comedi0: bad chanlist[0]=0x00800000 chan=0 range length=2 [ 348.608072][ T7247] EXT4-fs: Ignoring removed orlov option [ 348.608119][ T7247] EXT4-fs: Ignoring removed mblk_io_submit option [ 348.610753][ T7247] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 348.616996][ T7247] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.577: attempt to clear invalid blocks 2 len 1 [ 348.617034][ T7247] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 348.617643][ T7247] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 348.617867][ T7247] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.577: invalid indirect mapped block 1819239214 (level 0) [ 348.617882][ T7247] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 348.618144][ T7247] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.577: invalid indirect mapped block 1819239214 (level 1) [ 348.618169][ T7247] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 348.620539][ C1] EXT4-fs (loop2): error count since last fsck: 4 [ 348.620556][ C1] EXT4-fs (loop2): initial error at time 1048914: ext4_clear_blocks:876: inode 13 [ 348.620571][ C1] EXT4-fs (loop2): last error at time 1048914: ext4_free_branches:1023: inode 13 [ 348.624593][ T7247] EXT4-fs (loop2): 1 truncate cleaned up [ 348.625059][ T7247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.648817][ T7250] EXT4-fs: Ignoring removed orlov option [ 348.650824][ T7250] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 348.672513][ T7250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.735353][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.776030][ T7262] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 348.786878][ T7262] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 349.121388][ T7276] vfat: Deprecated parameter 'posix' [ 349.121422][ T7276] FAT-fs: "posix" option is obsolete, not supported now [ 349.144880][ T7275] FAT-fs (loop3): Directory bread(block 64) failed [ 349.144922][ T7275] FAT-fs (loop3): Directory bread(block 65) failed [ 349.144960][ T7275] FAT-fs (loop3): Directory bread(block 66) failed [ 349.144972][ T7275] FAT-fs (loop3): Directory bread(block 67) failed [ 349.144994][ T7275] FAT-fs (loop3): Directory bread(block 68) failed [ 349.145005][ T7275] FAT-fs (loop3): Directory bread(block 69) failed [ 349.145027][ T7275] FAT-fs (loop3): Directory bread(block 70) failed [ 349.145037][ T7275] FAT-fs (loop3): Directory bread(block 71) failed [ 349.145058][ T7275] FAT-fs (loop3): Directory bread(block 72) failed [ 349.145068][ T7275] FAT-fs (loop3): Directory bread(block 73) failed [ 349.153540][ T7275] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 349.175383][ T7281] tipc: Enabled bearer , priority 0 [ 349.177008][ T7281] syzkaller0: entered promiscuous mode [ 349.178071][ T7281] syzkaller0: entered allmulticast mode [ 349.182950][ T7281] tipc: Resetting bearer [ 349.188461][ T7280] tipc: Resetting bearer [ 349.216101][ T7283] EXT4-fs: Ignoring removed orlov option [ 349.233042][ T7283] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 349.236709][ T7280] tipc: Disabling bearer [ 349.274213][ T7283] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 349.388125][ T7290] netlink: 'syz.0.588': attribute type 4 has an invalid length. [ 349.779295][ T7291] EXT4-fs error (device loop2): ext4_find_dest_de:2050: inode #12: block 7: comm syz.2.592: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 349.788765][ T7291] EXT4-fs (loop2): Remounting filesystem read-only [ 349.892320][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.000562][ T7301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.284256][ T7317] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.596: corrupted inode contents [ 350.374477][ T7317] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #15: comm syz.3.596: mark_inode_dirty error [ 350.414206][ T7317] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.596: corrupted inode contents [ 350.432063][ T7317] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.596: mark_inode_dirty error [ 350.434598][ T7317] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.596: corrupted inode contents [ 350.437161][ T7317] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.596: mark_inode_dirty error [ 350.440696][ T7317] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.596: corrupted inode contents [ 350.443274][ T7317] EXT4-fs error (device loop3): ext4_truncate:4690: inode #15: comm syz.3.596: mark_inode_dirty error [ 350.443449][ T7317] EXT4-fs error (device loop3) in ext4_setattr:6120: Corrupt filesystem [ 350.446215][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.446988][ T7320] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #15: comm syz.3.596: corrupted inode contents [ 350.472925][ T7310] EXT4-fs warning (device loop3): swap_inode_boot_loader:481: couldn't mark inode #15 dirty (err -117) [ 350.506624][ T7324] overlayfs: failed to resolve './file1': -2 [ 350.910412][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.922706][ T7334] set_capacity_and_notify: 9 callbacks suppressed [ 350.928744][ T7334] loop1: detected capacity change from 0 to 256 [ 350.929290][ T7334] vfat: Deprecated parameter 'posix' [ 350.929299][ T7334] FAT-fs: "posix" option is obsolete, not supported now [ 351.025029][ T7344] netlink: 8 bytes leftover after parsing attributes in process `syz.4.612'. [ 351.225075][ T7357] netlink: 'syz.1.608': attribute type 4 has an invalid length. [ 352.135261][ T7363] loop0: detected capacity change from 0 to 1024 [ 352.142320][ T7363] EXT4-fs: Ignoring removed bh option [ 352.143548][ T7363] EXT4-fs: Ignoring removed nomblk_io_submit option [ 352.359579][ T7363] EXT4-fs (loop0): Test dummy encryption mode enabled [ 352.368585][ T7363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.647917][ T7363] VFS: Lookup of 'file0' in ext4 loop0 would have caused loop [ 352.672641][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.720244][ T7381] netlink: 'syz.3.626': attribute type 1 has an invalid length. [ 352.720288][ T7381] netlink: 12 bytes leftover after parsing attributes in process `syz.3.626'. [ 352.778158][ T7389] loop3: detected capacity change from 0 to 512 [ 352.788497][ T7389] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 352.788570][ T7389] System zones: 1-12 [ 352.788786][ T7389] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.630: Directory hole found for htree index block 0 [ 352.788808][ T7389] loop3: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 352.791963][ T7389] EXT4-fs (loop3): Remounting filesystem read-only [ 352.792265][ T7389] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 352.792322][ T7389] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 352.792777][ T7389] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.833075][ T7397] overlayfs: failed to resolve './file1': -2 [ 352.875519][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.247276][ T7411] binder: 7409:7411 unknown command 1074029334 [ 353.248472][ T7411] binder: 7409:7411 ioctl c0306201 20000080 returned -22 [ 353.348874][ T7424] loop0: detected capacity change from 0 to 512 [ 353.356764][ T7424] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 353.358586][ T7424] System zones: 1-12 [ 353.359904][ T7427] loop3: detected capacity change from 0 to 512 [ 353.361196][ T7424] EXT4-fs error (device loop0): dx_probe:791: inode #2: comm syz.0.646: Directory hole found for htree index block 0 [ 353.361232][ T7424] loop0: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 353.369875][ T7427] EXT4-fs: Ignoring removed nomblk_io_submit option [ 353.372070][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 353.372083][ C1] EXT4-fs (loop0): initial error at time 1048918: dx_probe:791: inode 2 [ 353.372102][ C1] EXT4-fs (loop0): last error at time 1048918: dx_probe:791: inode 2 [ 353.373038][ T7424] EXT4-fs (loop0): Remounting filesystem read-only [ 353.373083][ T7424] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117 [ 353.373130][ T7424] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 353.373656][ T7424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.389157][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.396213][ T7433] loop4: detected capacity change from 0 to 1024 [ 353.398250][ T7433] EXT4-fs: Ignoring removed orlov option [ 353.400898][ T7433] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 353.405409][ T7427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.422619][ T7433] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.481898][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.657063][ T7447] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #12: block 7: comm syz.4.649: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 353.795047][ T7447] EXT4-fs (loop4): Remounting filesystem read-only [ 353.821185][ T7452] binder: 7451:7452 unknown command 1074029334 [ 353.822394][ T7452] binder: 7451:7452 ioctl c0306201 20000080 returned -22 [ 353.844125][ T7455] netlink: 12 bytes leftover after parsing attributes in process `syz.1.656'. [ 353.900690][ T7462] loop1: detected capacity change from 0 to 512 [ 353.905395][ T7462] EXT4-fs: inline encryption not supported [ 353.907626][ T7462] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 353.914991][ T7462] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.659: bad orphan inode 131083 [ 353.917113][ T7462] loop1: lost filesystem error report for type 5 error -117 [ 353.917962][ T7462] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.927344][ T7462] overlayfs: upper fs needs to support d_type. [ 353.944943][ T4693] EXT4-fs error (device loop1): ext4_readdir:265: inode #2: block 13: comm syz-executor: path /131/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 354.027839][ T7471] netlink: 'syz.0.664': attribute type 4 has an invalid length. [ 354.027875][ T7471] netlink: 152 bytes leftover after parsing attributes in process `syz.0.664'. [ 354.036951][ T7471] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 354.066920][ T7473] overlayfs: failed to resolve './file1': -2 [ 354.509661][ T5491] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.944518][ T4698] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 354.945624][ T4698] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 354.945939][ T4698] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 354.946307][ T4698] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 354.946545][ T4698] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 355.064581][ T7487] lo speed is unknown, defaulting to 1000 [ 355.129747][ T7487] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.129886][ T7487] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.129947][ T7487] bridge_slave_0: entered allmulticast mode [ 355.130375][ T7487] bridge_slave_0: entered promiscuous mode [ 355.131705][ T7487] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.131753][ T7487] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.131814][ T7487] bridge_slave_1: entered allmulticast mode [ 355.132341][ T7487] bridge_slave_1: entered promiscuous mode [ 355.139955][ T7487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 355.141020][ T7487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 355.148157][ T7487] team0: Port device team_slave_0 added [ 355.149439][ T7487] team0: Port device team_slave_1 added [ 355.155861][ T7487] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 355.155943][ T7487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 355.155959][ T7487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 355.156602][ T7487] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 355.156609][ T7487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 355.156622][ T7487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 355.168982][ T7487] hsr_slave_0: entered promiscuous mode [ 355.169404][ T7487] hsr_slave_1: entered promiscuous mode [ 355.169680][ T7487] debugfs: 'hsr0' already exists in 'hsr' [ 355.169691][ T7487] Cannot create hsr debugfs directory [ 355.222638][ T7487] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 355.225718][ T7487] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 355.226137][ T7487] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 355.227900][ T7487] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 355.228204][ T7487] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 355.230304][ T7487] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 355.230683][ T7487] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 355.233696][ T7487] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 355.242206][ T7487] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.242251][ T7487] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.242330][ T7487] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.242358][ T7487] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.258438][ T7487] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.261790][ T4955] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.263312][ T4955] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.268669][ T7487] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.271533][ T4955] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.271579][ T4955] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.274852][ T6282] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.274893][ T6282] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.285584][ T7487] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 355.285612][ T7487] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 355.375611][ T7487] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.434345][ T7487] veth0_vlan: entered promiscuous mode [ 355.436898][ T7487] veth1_vlan: entered promiscuous mode [ 355.448661][ T7487] veth0_macvtap: entered promiscuous mode [ 355.450266][ T7487] veth1_macvtap: entered promiscuous mode [ 355.454421][ T7487] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 355.455730][ T7487] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 355.458861][ T5540] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.459749][ T5540] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.459773][ T5540] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.459789][ T5540] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.490393][ T6609] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.490412][ T6609] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.502372][ T6609] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.502399][ T6609] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.540855][ T7531] loop0: detected capacity change from 0 to 512 [ 355.545427][ T7532] loop4: detected capacity change from 0 to 512 [ 356.754762][ T7550] tipc: Enabled bearer , priority 0 [ 356.755099][ T7550] syzkaller0: entered promiscuous mode [ 356.755135][ T7550] syzkaller0: entered allmulticast mode [ 356.759665][ T7550] sch_tbf: peakrate 11 is lower than or equals to rate 2048 ! [ 356.766211][ T7550] tipc: Resetting bearer [ 356.768399][ T7548] tipc: Resetting bearer [ 356.774827][ T7548] tipc: Disabling bearer [ 356.806111][ T7555] loop4: detected capacity change from 0 to 512 [ 356.808143][ T7555] EXT4-fs: Ignoring removed nobh option [ 356.896796][ T4698] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 356.965979][ T7576] netlink: 20 bytes leftover after parsing attributes in process `syz.3.690'. [ 356.966145][ T7577] xt_hashlimit: size too large, truncated to 1048576 [ 357.103604][ T7589] loop0: detected capacity change from 0 to 512 [ 357.116853][ T7591] tipc: Enabled bearer , priority 0 [ 357.119013][ T7591] syzkaller0: entered promiscuous mode [ 357.120054][ T7591] syzkaller0: entered allmulticast mode [ 357.123771][ T7591] sch_tbf: peakrate 11 is lower than or equals to rate 2048 ! [ 357.132088][ T7591] tipc: Resetting bearer [ 357.134193][ T7590] tipc: Resetting bearer [ 357.142692][ T7590] tipc: Disabling bearer [ 357.162691][ T4698] Bluetooth: hci2: command tx timeout [ 357.403306][ T7589] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000d40000 ro. [ 357.478804][ T7601] loop3: detected capacity change from 0 to 512 [ 357.482689][ T7601] EXT4-fs: Ignoring removed nobh option [ 357.555596][ T7608] loop0: detected capacity change from 0 to 512 [ 357.738490][ T7621] netlink: 20 bytes leftover after parsing attributes in process `syz.5.703'. [ 357.847983][ T4698] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 357.861177][ T7635] tmpfs: Cannot enable quota on remount [ 357.874686][ T7639] overlayfs: failed to resolve './file1': -2 [ 358.276100][ T7656] loop3: detected capacity change from 0 to 1024 [ 358.276500][ T7656] EXT4-fs: Ignoring removed i_version option [ 358.276522][ T7656] EXT4-fs: inline encryption not supported [ 358.279196][ T7656] EXT4-fs (loop3): Test dummy encryption mode enabled [ 358.316986][ T7662] loop5: detected capacity change from 0 to 128 [ 358.367980][ T7671] loop3: detected capacity change from 0 to 512 [ 358.452720][ T7676] xt_hashlimit: size too large, truncated to 1048576 [ 358.879706][ T7690] loop2: detected capacity change from 0 to 512 [ 358.893730][ T7692] loop0: detected capacity change from 0 to 1024 [ 358.894121][ T7692] EXT4-fs: Ignoring removed orlov option [ 358.896649][ T7692] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 358.913257][ T7700] loop4: detected capacity change from 0 to 256 [ 358.935918][ T7690] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 358.935947][ T7690] EXT4-fs: Cannot change journaled quota options when quota turned on [ 359.003653][ T7707] overlayfs: failed to resolve './file1': -2 [ 359.072398][ T7711] EXT4-fs: Ignoring removed oldalloc option [ 359.074905][ T7711] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 359.080021][ T7711] EXT4-fs (loop2): 1 truncate cleaned up [ 359.189554][ T7721] overlayfs: failed to resolve './file1': -2 [ 359.398542][ T4698] Bluetooth: hci2: command tx timeout [ 359.652618][ T7738] EXT4-fs: Ignoring removed bh option [ 359.653398][ T7738] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 359.665759][ T7738] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e84ce028, mo2=0000] [ 359.665814][ T7738] System zones: 0-1, 3-12 [ 359.668577][ T7738] EXT4-fs error (device loop5): ext4_map_blocks:833: inode #3: block 1: comm syz.5.750: lblock 1 mapped to illegal pblock 1 (length 1) [ 359.668620][ T7738] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 359.669899][ T7738] EXT4-fs (loop5): Remounting filesystem read-only [ 359.669921][ T7738] Quota error (device loop5): write_blk: dquota write failed [ 359.669946][ T7738] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 359.669992][ T7738] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 359.670055][ T7738] EXT4-fs (loop5): 1 orphan inode deleted [ 359.726082][ T7743] netlink: 7 bytes leftover after parsing attributes in process `syz.5.752'. [ 359.800257][ T7749] SQUASHFS error: Unable to read directory block [631:43] [ 359.907047][ T7755] EXT4-fs: Ignoring removed oldalloc option [ 359.907911][ T7755] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 359.915823][ T7755] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #11: comm syz.5.758: corrupted in-inode xattr: invalid ea_ino [ 359.915859][ T7755] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 359.916064][ T7755] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.758: couldn't read orphan inode 11 (err -117) [ 359.916083][ T7755] loop5: lost filesystem error report for type 5 error -117 [ 360.069552][ T4698] Bluetooth: min 6 > max 0 [ 360.156395][ T7778] EXT4-fs: Ignoring removed orlov option [ 360.165529][ T7778] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 360.184389][ T7782] overlayfs: failed to resolve './file1': -2 [ 360.191331][ T7786] EXT4-fs: Ignoring removed bh option [ 360.332383][ T7791] tipc: Started in network mode [ 360.333453][ T7791] tipc: Node identity ee1a28f2b63f, cluster identity 4711 [ 360.335028][ T7791] tipc: Enabled bearer , priority 0 [ 360.339480][ T7791] syzkaller0: entered promiscuous mode [ 360.339519][ T7791] syzkaller0: entered allmulticast mode [ 360.343728][ T7791] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 360.357355][ T7791] tipc: Resetting bearer [ 360.362490][ T7790] tipc: Resetting bearer [ 360.374262][ T7790] tipc: Disabling bearer [ 360.473220][ T7805] netlink: 220 bytes leftover after parsing attributes in process `syz.5.778'. [ 360.477661][ T7805] netlink: 'syz.5.778': attribute type 5 has an invalid length. [ 360.502378][ T7807] overlayfs: failed to resolve './file1': -2 [ 360.895328][ T7815] Cannot find add_set index 0 as target [ 360.973557][ T7819] EXT4-fs: Ignoring removed bh option [ 360.998505][ T7819] EXT4-fs mount: 36 callbacks suppressed [ 360.998722][ T7819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.013640][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.036223][ T7823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.053011][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.112228][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.821789][ T4698] Bluetooth: hci2: command tx timeout [ 361.853915][ T7847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.861845][ T7854] overlayfs: failed to resolve './file1': -2 [ 361.863634][ T7847] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.795: No space for directory leaf checksum. Please run e2fsck -D. [ 361.863661][ T7847] EXT4-fs error (device loop3): ext4_readdir:225: inode #2: comm syz.3.795: path /160/file1: directory fails checksum at offset 0 [ 361.939425][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.966723][ T7861] macsec1: entered promiscuous mode [ 362.064356][ T7872] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.806: Directory hole found for htree index block 0 [ 362.064398][ T7872] loop2: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 362.064542][ T7872] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 362.065084][ T7872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.096003][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.175551][ T7885] xt_hashlimit: size too large, truncated to 1048576 [ 362.282623][ T7897] set_capacity_and_notify: 15 callbacks suppressed [ 362.285177][ T7897] loop2: detected capacity change from 0 to 512 [ 362.285900][ T7897] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 362.296371][ T7897] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.816: invalid block [ 362.296426][ T7897] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 362.297031][ T7897] EXT4-fs (loop2): Remounting filesystem read-only [ 362.297232][ T7897] EXT4-fs (loop2): 2 truncates cleaned up [ 362.297689][ T7897] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.339284][ T4698] Bluetooth: hci0: command 0x0406 tx timeout [ 362.348129][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.369232][ T7904] loop3: detected capacity change from 0 to 512 [ 362.375331][ T7904] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.819: Directory hole found for htree index block 0 [ 362.375372][ T7904] loop3: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 362.382421][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 362.382460][ C1] EXT4-fs (loop3): initial error at time 1048926: dx_probe:791: inode 2 [ 362.382491][ C1] EXT4-fs (loop3): last error at time 1048926: dx_probe:791: inode 2 [ 362.382959][ T7904] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 362.391830][ T7904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.468871][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.838033][ T7921] tipc: Started in network mode [ 362.838076][ T7921] tipc: Node identity ee173bfa389d, cluster identity 4711 [ 362.838145][ T7921] tipc: Enabled bearer , priority 0 [ 362.838488][ T7921] syzkaller0: entered promiscuous mode [ 362.838508][ T7921] syzkaller0: entered allmulticast mode [ 362.845904][ T7921] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 362.880301][ T7921] tipc: Resetting bearer [ 362.882775][ T7920] tipc: Resetting bearer [ 362.887904][ T7923] loop2: detected capacity change from 0 to 1024 [ 362.889474][ T7923] EXT4-fs: Ignoring removed orlov option [ 362.889928][ T7920] tipc: Disabling bearer [ 362.893760][ T7923] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 362.904052][ T7923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.032021][ T7931] tipc: Enabling of bearer rejected, already enabled [ 363.039389][ T7932] loop4: detected capacity change from 0 to 512 [ 363.049255][ T7932] EXT4-fs: Ignoring removed bh option [ 363.056657][ T7932] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #11: comm syz.4.828: corrupted in-inode xattr: bad e_name length [ 363.056709][ T7932] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 363.057108][ T7932] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.828: couldn't read orphan inode 11 (err -117) [ 363.057136][ T7932] loop4: lost filesystem error report for type 5 error -117 [ 363.057493][ T7932] EXT4-fs (loop4): 1 truncate cleaned up [ 363.057972][ T7932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.079110][ T7932] xt_hashlimit: size too large, truncated to 1048576 [ 363.130557][ T7941] loop5: detected capacity change from 0 to 128 [ 363.133797][ T7941] FAT-fs (loop5): bogus logical sector size 0 [ 363.133829][ T7941] FAT-fs (loop5): Can't find a valid FAT filesystem [ 363.208041][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.282325][ T7955] loop4: detected capacity change from 0 to 1024 [ 363.284076][ T7955] EXT4-fs: Ignoring removed orlov option [ 363.288939][ T7954] tipc: Enabled bearer , priority 0 [ 363.290656][ T7954] syzkaller0: entered promiscuous mode [ 363.291018][ T7955] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 363.293868][ T7954] syzkaller0: entered allmulticast mode [ 363.296561][ T7954] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 363.309082][ T7957] ubi1: attaching mtd0 [ 363.309120][ T7957] ubi1 error: ubi_attach_mtd_dev: bad VID header (38) or data offsets (102) [ 363.339595][ T7954] tipc: Resetting bearer [ 363.343041][ T7955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.392212][ T7952] tipc: Resetting bearer [ 363.414145][ T7952] tipc: Disabling bearer [ 363.417461][ T7963] netlink: 40 bytes leftover after parsing attributes in process `syz.0.842'. [ 363.546450][ T7971] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #12: block 7: comm syz.4.839: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 363.547829][ T7971] EXT4-fs (loop4): Remounting filesystem read-only [ 363.826598][ T7987] loop0: detected capacity change from 0 to 512 [ 363.853538][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.864933][ T7987] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.894054][ T7987] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 363.904934][ T7993] netlink: 'syz.2.853': attribute type 1 has an invalid length. [ 363.907304][ T7987] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28 [ 363.907335][ T7987] EXT4-fs (loop0): This should not happen!! Data will be lost [ 363.907335][ T7987] [ 363.907357][ T7987] EXT4-fs (loop0): Total free blocks count 0 [ 363.907371][ T7987] EXT4-fs (loop0): Free/Dirty block details [ 363.907394][ T7987] EXT4-fs (loop0): free_blocks=65280 [ 363.907411][ T7987] EXT4-fs (loop0): dirty_blocks=1 [ 363.907423][ T7987] EXT4-fs (loop0): Block reservation details [ 363.907433][ T7987] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 363.919878][ T7993] netlink: 28 bytes leftover after parsing attributes in process `syz.2.853'. [ 363.933351][ T7995] loop3: detected capacity change from 0 to 256 [ 363.951914][ T4699] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 363.952742][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.969902][ T7995] FAT-fs (loop3): Directory bread(block 64) failed [ 363.969942][ T7995] FAT-fs (loop3): Directory bread(block 65) failed [ 363.969969][ T7995] FAT-fs (loop3): Directory bread(block 66) failed [ 363.969982][ T7995] FAT-fs (loop3): Directory bread(block 67) failed [ 363.970006][ T7995] FAT-fs (loop3): Directory bread(block 68) failed [ 363.970017][ T7995] FAT-fs (loop3): Directory bread(block 69) failed [ 363.970040][ T7995] FAT-fs (loop3): Directory bread(block 70) failed [ 363.970051][ T7995] FAT-fs (loop3): Directory bread(block 71) failed [ 363.970073][ T7995] FAT-fs (loop3): Directory bread(block 72) failed [ 363.970083][ T7995] FAT-fs (loop3): Directory bread(block 73) failed [ 363.983903][ T7999] loop2: detected capacity change from 0 to 256 [ 363.993841][ T7997] loop5: detected capacity change from 0 to 2048 [ 363.994265][ T7997] EXT4-fs: Ignoring removed mblk_io_submit option [ 364.004659][ T7999] FAT-fs (loop2): Directory bread(block 64) failed [ 364.004699][ T7999] FAT-fs (loop2): Directory bread(block 65) failed [ 364.004727][ T7999] FAT-fs (loop2): Directory bread(block 66) failed [ 364.004739][ T7999] FAT-fs (loop2): Directory bread(block 67) failed [ 364.004762][ T7999] FAT-fs (loop2): Directory bread(block 68) failed [ 364.004773][ T7999] FAT-fs (loop2): Directory bread(block 69) failed [ 364.004794][ T7999] FAT-fs (loop2): Directory bread(block 70) failed [ 364.004804][ T7999] FAT-fs (loop2): Directory bread(block 71) failed [ 364.004828][ T7999] FAT-fs (loop2): Directory bread(block 72) failed [ 364.004839][ T7999] FAT-fs (loop2): Directory bread(block 73) failed [ 364.033887][ T7997] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.038386][ T8001] tipc: Enabled bearer , priority 0 [ 364.038804][ T8001] syzkaller0: entered promiscuous mode [ 364.038815][ T8001] syzkaller0: entered allmulticast mode [ 364.042498][ T8001] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 364.043543][ T7997] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00006019, b_size=2048, device loop5 blocksize: 2048 [ 364.043559][ T7997] grow_buffers: requested out-of-range block 144115188075855872 for device loop5 [ 364.043569][ T7997] EXT4-fs warning (device loop5): ext4_resize_fs:2018: can't read last block, resize aborted [ 364.064058][ T8001] tipc: Resetting bearer [ 364.070422][ T8000] tipc: Resetting bearer [ 364.072266][ T4698] Bluetooth: hci2: command tx timeout [ 364.077284][ T7487] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.110650][ T8000] tipc: Disabling bearer [ 364.240331][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.245867][ T4698] Bluetooth: hci1: command 0x0406 tx timeout [ 364.339862][ T8025] netlink: 'syz.4.867': attribute type 1 has an invalid length. [ 364.341560][ T8025] netlink: 28 bytes leftover after parsing attributes in process `syz.4.867'. [ 364.470003][ T8031] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.487088][ T8033] tap0: tun_chr_ioctl cmd 1074025681 [ 364.505115][ T8031] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 364.513097][ T8031] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28 [ 364.517898][ T8031] EXT4-fs (loop2): This should not happen!! Data will be lost [ 364.517898][ T8031] [ 364.519994][ T8031] EXT4-fs (loop2): Total free blocks count 0 [ 364.520035][ T8031] EXT4-fs (loop2): Free/Dirty block details [ 364.520056][ T8031] EXT4-fs (loop2): free_blocks=65280 [ 364.520077][ T8031] EXT4-fs (loop2): dirty_blocks=1 [ 364.520091][ T8031] EXT4-fs (loop2): Block reservation details [ 364.520103][ T8031] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 364.528725][ T8039] FAT-fs (loop0): Directory bread(block 64) failed [ 364.531190][ T8039] FAT-fs (loop0): Directory bread(block 65) failed [ 364.531270][ T8039] FAT-fs (loop0): Directory bread(block 66) failed [ 364.531291][ T8039] FAT-fs (loop0): Directory bread(block 67) failed [ 364.531322][ T8039] FAT-fs (loop0): Directory bread(block 68) failed [ 364.531340][ T8039] FAT-fs (loop0): Directory bread(block 69) failed [ 364.531370][ T8039] FAT-fs (loop0): Directory bread(block 70) failed [ 364.531387][ T8039] FAT-fs (loop0): Directory bread(block 71) failed [ 364.531414][ T8039] FAT-fs (loop0): Directory bread(block 72) failed [ 364.531429][ T8039] FAT-fs (loop0): Directory bread(block 73) failed [ 364.578284][ T4692] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 364.579139][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.638392][ T8049] EXT4-fs: Ignoring removed bh option [ 364.648198][ T8049] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 364.655621][ T8049] EXT4-fs (loop2): 1 truncate cleaned up [ 364.656091][ T8049] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.736953][ T8055] EXT4-fs: Ignoring removed oldalloc option [ 364.755589][ T8055] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.973851][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.009115][ T8073] tap0: tun_chr_ioctl cmd 1074025677 [ 365.010262][ T8073] tap0: linktype set to 778 [ 365.311373][ T8075] tap0: tun_chr_ioctl cmd 1074025681 [ 365.375512][ T8083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 365.387061][ T8083] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #12: comm syz.5.891: corrupted in-inode xattr: invalid size in ea xattr [ 365.413905][ T7487] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 365.457646][ T4698] Bluetooth: hci4: link tx timeout [ 365.458003][ T4698] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa [ 365.492920][ T8097] tipc: Enabled bearer , priority 0 [ 365.493279][ T8097] syzkaller0: entered promiscuous mode [ 365.493290][ T8097] syzkaller0: entered allmulticast mode [ 365.494385][ T8097] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 365.502217][ T8097] tipc: Resetting bearer [ 365.506645][ T8096] tipc: Resetting bearer [ 365.515739][ T8096] tipc: Disabling bearer [ 365.566838][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.601111][ T8104] overlayfs: failed to resolve './file1': -2 [ 365.638311][ T8107] netlink: 8 bytes leftover after parsing attributes in process `syz.5.901'. [ 365.881581][ T8117] usb usb8: usbfs: process 8117 (syz.3.905) did not claim interface 0 before use [ 366.116987][ T8135] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 366.262464][ T8143] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 366.284204][ T8143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.296979][ T8143] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.918: bg 0: block 217: padding at end of block bitmap is not set [ 366.298049][ T8143] EXT4-fs (loop3): Remounting filesystem read-only [ 366.336135][ T4690] Bluetooth: hci2: command tx timeout [ 366.393840][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.397225][ T1099] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 366.397264][ T1099] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 366.476251][ T8158] EXT4-fs (loop0): Test dummy encryption mode enabled [ 366.479907][ T8158] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 366.484362][ T8158] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.924: bad orphan inode 131083 [ 366.486397][ T8158] loop0: lost filesystem error report for type 5 error -117 [ 366.487840][ T8158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.493500][ T4690] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 366.548176][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.572470][ T8163] tap0: tun_chr_ioctl cmd 1074025677 [ 366.573630][ T8163] tap0: linktype set to 776 [ 366.584680][ T8167] xt_hashlimit: size too large, truncated to 1048576 [ 366.601402][ T8113] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 366.617767][ T8169] EXT4-fs: Ignoring removed orlov option [ 366.629694][ T8169] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 366.647954][ T8169] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.895183][ T8198] tipc: Enabled bearer , priority 0 [ 366.895524][ T8198] syzkaller0: entered promiscuous mode [ 366.895552][ T8198] syzkaller0: entered allmulticast mode [ 366.897047][ T8198] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 366.905466][ T8197] tipc: Resetting bearer [ 366.920146][ T8197] tipc: Disabling bearer [ 367.021179][ T8205] EXT4-fs: Ignoring removed nobh option [ 367.022646][ T8205] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 367.023281][ T8205] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.943: invalid indirect mapped block 256 (level 1) [ 367.023301][ T8205] loop4: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 367.023473][ T8205] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.943: invalid indirect mapped block 2683928664 (level 1) [ 367.023487][ T8205] loop4: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 367.023860][ T8205] EXT4-fs (loop4): 1 truncate cleaned up [ 367.024349][ T8205] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.032752][ T8205] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.943: Invalid block bitmap block 3 in block_group 0 [ 367.032998][ T8205] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 367.033155][ T8205] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.943: invalid indirect mapped block 480848489 (level 1) [ 367.047627][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.119176][ T8212] netlink: 28 bytes leftover after parsing attributes in process `syz.3.947'. [ 367.199221][ T8220] EXT4-fs: Ignoring removed bh option [ 367.204124][ T8220] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 367.219266][ T8220] EXT4-fs (loop3): 1 truncate cleaned up [ 367.219746][ T8220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.725738][ T4690] Bluetooth: hci4: command 0x0406 tx timeout [ 367.885280][ T4690] Bluetooth: hci0: command 0x0406 tx timeout [ 368.139534][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.175005][ T4698] Bluetooth: hci1: unexpected event for opcode 0x202d [ 368.330823][ T8237] set_capacity_and_notify: 13 callbacks suppressed [ 368.330865][ T8237] loop0: detected capacity change from 0 to 2048 [ 368.331234][ T8237] EXT4-fs: Ignoring removed oldalloc option [ 368.338621][ T4694] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.373415][ T8237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.386529][ T8243] loop4: detected capacity change from 0 to 128 [ 368.570555][ T8255] xt_hashlimit: size too large, truncated to 1048576 [ 368.578867][ T4698] Bluetooth: hci2: command tx timeout [ 368.580511][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.627057][ T8255] x9: renamed from bridge_slave_0 (while UP) [ 368.656817][ T8262] overlayfs: failed to resolve './file1': -2 [ 368.710346][ T8264] netlink: 48 bytes leftover after parsing attributes in process `syz.4.965'. [ 368.742371][ T8267] loop4: detected capacity change from 0 to 1024 [ 368.744228][ T8267] EXT4-fs: Ignoring removed orlov option [ 368.747477][ T8267] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 368.755481][ T8267] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.812602][ T8271] loop7: detected capacity change from 0 to 5 [ 368.812998][ T8271] buffer_io_error: 9 callbacks suppressed [ 368.813021][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813063][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813102][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813138][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813169][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813198][ T8271] ldm_validate_partition_table(): Disk read failed. [ 368.813217][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813248][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813276][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813303][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813324][ T8271] Dev loop7: unable to read RDB block 0 [ 368.813339][ T8271] Buffer I/O error on dev loop7, logical block 0, async page read [ 368.813398][ T8271] loop7: unable to read partition table [ 368.813464][ T8271] loop7: partition table beyond EOD, truncated [ 368.813479][ T8271] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 368.963856][ T8276] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #12: block 7: comm syz.4.966: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 368.984511][ T8276] EXT4-fs (loop4): Remounting filesystem read-only [ 369.137317][ T30] audit: type=1326 audit(1048933.133:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8278 comm="syz.5.970" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff96b77aa8 code=0x0 [ 369.215089][ T8289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 369.219273][ T8289] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 369.241783][ T8291] overlayfs: failed to resolve './file1': -2 [ 369.349779][ T8294] loop2: detected capacity change from 0 to 1024 [ 369.351533][ T8294] EXT4-fs: Ignoring removed nomblk_io_submit option [ 369.364297][ T8294] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 369.380100][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 369.734274][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.808680][ T8316] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.986'. [ 369.809415][ T8316] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.986'. [ 369.816927][ T8317] overlayfs: failed to resolve './file1': -2 [ 369.868589][ T8324] loop0: detected capacity change from 0 to 128 [ 369.934986][ T8329] overlayfs: failed to resolve './file1': -2 [ 370.082551][ T8319] loop4: detected capacity change from 0 to 256 [ 370.091583][ T8336] loop5: detected capacity change from 0 to 1024 [ 370.103008][ T8336] EXT4-fs: Ignoring removed orlov option [ 370.104841][ T8336] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 370.115442][ T8336] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.252416][ T7487] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.323387][ T8347] netlink: 8 bytes leftover after parsing attributes in process `syz.4.998'. [ 370.405661][ T30] audit: type=1326 audit(1048934.305:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8353 comm="syz.4.1003" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b77aa8 code=0x0 [ 370.876343][ T6090] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 370.878444][ T6090] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 370.913314][ T8368] loop0: detected capacity change from 0 to 1024 [ 370.915118][ T8368] EXT4-fs: Ignoring removed orlov option [ 370.916970][ T8368] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 370.935921][ T8364] fido_id[8364]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 370.954167][ T8368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.028871][ T8374] overlayfs: failed to resolve './file1': -2 [ 371.051912][ T8378] loop2: detected capacity change from 0 to 128 [ 371.064863][ T4699] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.071638][ T8378] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 371.097667][ T8378] overlayfs: upper fs needs to support d_type. [ 371.120685][ T4692] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 371.220221][ T8393] EXT4-fs: Ignoring removed orlov option [ 371.228206][ T8393] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 371.244854][ T8393] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.270624][ T8398] overlayfs: failed to resolve './file1': -2 [ 371.346059][ T6090] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 371.350440][ T6090] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 371.356089][ T8401] hid-generic 0000:0000:0000.0002: pid 8401 passed too short report [ 371.642634][ T8402] fido_id[8402]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 371.665757][ T4698] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 371.668970][ T8410] overlayfs: failed to resolve './file1': -2 [ 372.081013][ T8415] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 372.092373][ T8415] xt_hashlimit: size too large, truncated to 1048576 [ 372.158860][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.177159][ T8419] ldm_validate_partition_table(): Disk read failed. [ 372.177375][ T8419] Dev loop7: unable to read RDB block 0 [ 372.177452][ T8419] loop7: unable to read partition table [ 372.177522][ T8419] loop7: partition table beyond EOD, truncated [ 372.177539][ T8419] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 372.325989][ T8429] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 372.428404][ T8437] xt_hashlimit: size too large, truncated to 1048576 [ 372.435725][ T8438] IPVS: Error connecting to the multicast addr [ 372.555560][ T8431] lo speed is unknown, defaulting to 1000 [ 372.632442][ T8445] EXT4-fs: Ignoring removed orlov option [ 372.634339][ T8445] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 372.651923][ T8445] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 373.295575][ T8478] Dev loop8: unable to read RDB block 7 [ 373.295620][ T8478] loop8: unable to read partition table [ 373.295691][ T8478] loop8: partition table beyond EOD, truncated [ 373.295702][ T8478] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 373.327262][ T8482] xt_hashlimit: size too large, truncated to 1048576 [ 373.427040][ T8490] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1054'. [ 373.500387][ T30] audit: type=1400 audit(1048937.167:9): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=8495 comm="syz.0.1057" name="222" dev="tmpfs" ino=1227 [ 373.562383][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.605149][ T8504] overlayfs: failed to resolve './file1': -2 [ 373.649719][ T8507] EXT4-fs: Ignoring removed oldalloc option [ 373.652786][ T8507] EXT4-fs: Ignoring removed oldalloc option [ 373.689655][ T8510] xt_hashlimit: size too large, truncated to 1048576 [ 373.695131][ T8507] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (16), stripe is disabled [ 373.714249][ T8507] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 373.722394][ T8507] EXT4-fs (loop4): shut down requested (1) [ 373.727077][ T8518] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 373.727144][ T8518] System zones: 1-3, 19-19, 35-36 [ 373.727743][ T8518] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 373.737227][ T8518] EXT4-fs warning (device loop0): verify_group_input:137: Cannot add at group 125855 (only 1 groups) [ 373.748409][ T4688] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.761247][ T4699] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 373.784803][ T8522] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1066'. [ 373.890110][ T8537] set_capacity_and_notify: 7 callbacks suppressed [ 373.903982][ T8537] loop2: detected capacity change from 0 to 1024 [ 373.904427][ T8537] EXT4-fs: inline encryption not supported [ 373.920292][ T8541] overlayfs: failed to resolve './file1': -2 [ 373.959921][ T8537] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 374.019425][ T4692] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.309135][ T30] audit: type=1326 audit(1048937.897:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8544 comm="syz.0.1077" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb5f77aa8 code=0x0 [ 374.633721][ T8550] loop3: detected capacity change from 0 to 2048 [ 374.642129][ T8554] loop5: detected capacity change from 0 to 8 [ 374.653994][ T8553] bridge0: port 4(vlan2) entered blocking state [ 374.654417][ T8553] bridge0: port 4(vlan2) entered disabled state [ 374.654516][ T8553] vlan2: entered allmulticast mode [ 374.654528][ T8553] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 374.655306][ T8553] vlan2: entered promiscuous mode [ 374.655318][ T8553] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 374.660457][ T8550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 374.662353][ T8554] SQUASHFS error: Failed to read block 0x4de: -5 [ 374.662365][ T8554] SQUASHFS error: Unable to read data cache entry [4de] [ 374.662373][ T8554] SQUASHFS error: Unable to read page, block 4de, size 1000000 [ 374.662525][ T8554] SQUASHFS error: Unable to read data cache entry [4de] [ 374.662531][ T8554] SQUASHFS error: Unable to read page, block 4de, size 1000000 [ 374.842233][ T8568] loop2: detected capacity change from 0 to 1024 [ 374.842672][ T8568] EXT4-fs: inline encryption not supported [ 374.925526][ T8575] loop5: detected capacity change from 0 to 7 [ 374.933398][ T8577] binder: 8576:8577 ioctl c0306201 0 returned -14 [ 374.933583][ T8577] binder: 8576:8577 got transaction to invalid handle, 1 [ 374.933606][ T8577] binder: 8576:8577 cannot find target node [ 374.933628][ T8577] binder: 8576:8577 transaction call to 0:0 failed 14/29201/-22, code 0 size 0-0 line 3236 [ 374.940004][ T4787] binder: undelivered TRANSACTION_ERROR: 29201 [ 374.946549][ T8575] Dev loop5: unable to read RDB block 7 [ 374.947493][ T8575] loop5: unable to read partition table [ 374.947577][ T8575] loop5: partition table beyond EOD, truncated [ 374.947597][ T8575] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5) [ 374.973932][ T8575] Dev loop5: unable to read RDB block 7 [ 374.973968][ T8575] loop5: unable to read partition table [ 374.974036][ T8575] loop5: partition table beyond EOD, truncated [ 374.974053][ T8575] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5) [ 375.229439][ T8568] EXT4-fs error (device loop2): ext4_map_blocks:833: inode #15: comm syz.2.1086: lblock 0 mapped to illegal pblock 0 (length 6) [ 375.232540][ T8568] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 375.234407][ T8568] EXT4-fs (loop2): This should not happen!! Data will be lost [ 375.234407][ T8568] [ 375.256314][ T1099] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 112: padding at end of block bitmap is not set [ 375.260538][ T1099] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2048 with max blocks 2048 with error 28 [ 375.260574][ T1099] EXT4-fs (loop2): This should not happen!! Data will be lost [ 375.260574][ T1099] [ 375.260588][ T1099] EXT4-fs (loop2): Total free blocks count 0 [ 375.260600][ T1099] EXT4-fs (loop2): Free/Dirty block details [ 375.260622][ T1099] EXT4-fs (loop2): free_blocks=0 [ 375.260641][ T1099] EXT4-fs (loop2): dirty_blocks=14336 [ 375.260651][ T1099] EXT4-fs (loop2): Block reservation details [ 375.260660][ T1099] EXT4-fs (loop2): i_reserved_data_blocks=896 [ 375.296948][ T4692] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 375.320140][ T8590] loop0: detected capacity change from 0 to 512 [ 375.433404][ T4698] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 375.480982][ T8597] loop5: detected capacity change from 0 to 256 [ 375.503022][ T8600] overlayfs: failed to resolve './file1': -2 [ 375.997673][ T4398] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 375.999257][ T4398] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 376.044905][ T8613] loop0: detected capacity change from 0 to 512 [ 376.051133][ T8613] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 376.083060][ T8613] EXT4-fs (loop0): shut down requested (2) [ 376.187997][ T8624] loop4: detected capacity change from 0 to 1024 [ 376.231208][ T8624] EXT4-fs error (device loop4): ext4_map_blocks:833: inode #15: comm syz.4.1108: lblock 0 mapped to illegal pblock 0 (length 6) [ 376.232560][ T8624] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 376.232578][ T8624] EXT4-fs (loop4): This should not happen!! Data will be lost [ 376.232578][ T8624] [ 376.263806][ T1099] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 112: padding at end of block bitmap is not set [ 376.264241][ T1099] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 32 with error 28 [ 376.264254][ T1099] EXT4-fs (loop4): This should not happen!! Data will be lost [ 376.264254][ T1099] [ 376.264261][ T1099] EXT4-fs (loop4): Total free blocks count 0 [ 376.264268][ T1099] EXT4-fs (loop4): Free/Dirty block details [ 376.264275][ T1099] EXT4-fs (loop4): free_blocks=0 [ 376.264283][ T1099] EXT4-fs (loop4): dirty_blocks=32 [ 376.264288][ T1099] EXT4-fs (loop4): Block reservation details [ 376.264294][ T1099] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 376.264889][ T4688] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 376.374983][ T8636] loop0: detected capacity change from 0 to 8192 [ 376.514169][ T8649] Dev loop7: unable to read RDB block 7 [ 376.514212][ T8649] loop7: unable to read partition table [ 376.514310][ T8649] loop7: partition table beyond EOD, truncated [ 376.514339][ T8649] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 376.543290][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 376.543338][ C1] buffer_io_error: 24 callbacks suppressed [ 376.543359][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 376.601220][ T8659] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 376.654658][ T8666] EXT4-fs: Ignoring removed orlov option [ 376.663160][ T8666] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 376.812865][ T8681] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 376.812908][ T8681] TCP: tcp_parse_options: Illegal window scaling value 215 > 14 received [ 376.835714][ T8683] EXT4-fs: Ignoring removed nobh option [ 376.836925][ T8683] EXT4-fs: Ignoring removed nobh option [ 376.871733][ T8683] EXT4-fs (loop5): shut down requested (2) [ 376.981109][ T8688] EXT4-fs error (device loop2): ext4_lookup:1789: inode #2: comm syz.2.1136: deleted inode referenced: 12 [ 376.982429][ T8688] EXT4-fs (loop2): Remounting filesystem read-only [ 377.010371][ T8694] binder: 8693:8694 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 377.010629][ T8694] binder: 8693:8694 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 377.046649][ T8696] Dev loop7: unable to read RDB block 7 [ 377.046808][ T8696] loop7: unable to read partition table [ 377.046925][ T8696] loop7: partition table beyond EOD, truncated [ 377.046959][ T8696] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 377.048986][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 377.049005][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 377.317047][ T8702] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1141'. [ 377.317082][ T8702] netlink: 'syz.5.1141': attribute type 32 has an invalid length. [ 377.317112][ T8702] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 377.374926][ T8705] EXT4-fs: inline encryption not supported [ 377.435151][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 377.448344][ T8714] EXT4-fs: Ignoring removed nobh option [ 377.455637][ T8714] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 377.462117][ T8714] EXT4-fs (loop2): 1 truncate cleaned up [ 377.604180][ T8727] serio: Serial port ptm0 [ 377.729748][ T8737] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1152'. [ 377.798326][ T8739] EXT4-fs error (device loop5): ext4_orphan_get:1397: inode #15: comm syz.5.1153: inode has both inline data and extents flags [ 377.798370][ T8739] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 377.798636][ T8739] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.1153: couldn't read orphan inode 15 (err -117) [ 377.798669][ T8739] loop5: lost filesystem error report for type 5 error -117 [ 377.808313][ T8739] EXT4-fs error (device loop5): ext4_check_dx_root:2201: inode #2: comm syz.5.1153: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 377.919178][ T8746] overlayfs: failed to resolve './file1': -2 [ 378.008492][ T8752] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 378.080824][ T8711] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 378.086853][ T1099] EXT4-fs error (device loop4): ext4_map_blocks:833: inode #15: comm kworker/u8:4: lblock 0 mapped to illegal pblock 0 (length 6) [ 378.094061][ T1099] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 378.094100][ T1099] EXT4-fs (loop4): This should not happen!! Data will be lost [ 378.094100][ T1099] [ 378.106862][ T8705] EXT4-fs error (device loop4): ext4_ext_remove_space:2969: inode #15: comm syz.4.1143: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 378.112505][ T8705] EXT4-fs error (device loop4): ext4_ext_remove_space:2969: inode #15: comm syz.4.1143: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 378.117872][ T8705] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2048 with max blocks 2048 with error 28 [ 378.120358][ T8705] EXT4-fs (loop4): This should not happen!! Data will be lost [ 378.120358][ T8705] [ 378.125809][ T8705] EXT4-fs (loop4): Total free blocks count 0 [ 378.125836][ T8705] EXT4-fs (loop4): Free/Dirty block details [ 378.125858][ T8705] EXT4-fs (loop4): free_blocks=0 [ 378.125926][ T8705] EXT4-fs (loop4): dirty_blocks=13936 [ 378.125941][ T8705] EXT4-fs (loop4): Block reservation details [ 378.125953][ T8705] EXT4-fs (loop4): i_reserved_data_blocks=871 [ 378.213220][ T4688] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 378.278583][ T8763] EXT4-fs: Ignoring removed orlov option [ 378.278962][ T8763] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 378.559332][ T8781] binder: 8780:8781 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 378.563077][ T8781] binder: 8780:8781 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 378.601926][ T8783] overlayfs: failed to resolve './file1': -2 [ 379.014344][ T8791] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #15: comm syz.4.1173: corrupted in-inode xattr: invalid ea_ino [ 379.014397][ T8791] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 379.017493][ T8791] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1173: couldn't read orphan inode 15 (err -117) [ 379.017528][ T8791] loop4: lost filesystem error report for type 5 error -117 [ 379.021836][ C0] EXT4-fs (loop4): error count since last fsck: 2 [ 379.021861][ C0] EXT4-fs (loop4): initial error at time 1048942: ext4_iget_extra_inode:5128: inode 15 [ 379.021882][ C0] EXT4-fs (loop4): last error at time 1048942: ext4_orphan_get:1402 [ 379.039479][ T8791] EXT4-fs (loop4): shut down requested (2) [ 379.545012][ T8813] set_capacity_and_notify: 11 callbacks suppressed [ 379.546728][ T8813] loop0: detected capacity change from 0 to 512 [ 379.547192][ T8813] EXT4-fs: Ignoring removed nobh option [ 379.550122][ T8813] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 379.566544][ T8813] EXT4-fs (loop0): 1 truncate cleaned up [ 379.650489][ T8821] overlayfs: failed to resolve './file1': -2 [ 379.768859][ T8827] loop5: detected capacity change from 0 to 1024 [ 379.770775][ T8827] EXT4-fs: Ignoring removed orlov option [ 379.879451][ T8827] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 380.104294][ T8834] EXT4-fs error (device loop5): ext4_find_dest_de:2050: inode #12: block 7: comm syz.5.1188: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 380.146025][ T8834] EXT4-fs (loop5): Remounting filesystem read-only [ 380.491942][ T8849] loop3: detected capacity change from 0 to 128 [ 380.790380][ T8858] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1197'. [ 380.885771][ T8863] input: syz1 as /devices/virtual/input/input10 [ 380.911333][ T8858] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.010462][ T8858] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.076432][ T8849] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.3.1194: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1 [ 381.102466][ T8858] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.160081][ T8876] tipc: Enabling of bearer rejected, failed to enable media [ 381.190103][ T8858] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.299318][ T8890] loop5: detected capacity change from 0 to 1024 [ 381.301638][ T8890] EXT4-fs: Ignoring removed orlov option [ 381.304337][ T8890] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 381.390195][ T8894] overlayfs: failed to resolve './file1': -2 [ 381.419173][ T6609] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.423007][ T6609] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.425250][ T6609] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.426803][ T6609] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.846120][ T8906] loop3: detected capacity change from 0 to 256 [ 381.878436][ T8906] FAT-fs (loop3): Directory bread(block 64) failed [ 381.878480][ T8906] FAT-fs (loop3): Directory bread(block 65) failed [ 381.878507][ T8906] FAT-fs (loop3): Directory bread(block 66) failed [ 381.878520][ T8906] FAT-fs (loop3): Directory bread(block 67) failed [ 381.878544][ T8906] FAT-fs (loop3): Directory bread(block 68) failed [ 381.878556][ T8906] FAT-fs (loop3): Directory bread(block 69) failed [ 381.878582][ T8906] FAT-fs (loop3): Directory bread(block 70) failed [ 381.878592][ T8906] FAT-fs (loop3): Directory bread(block 71) failed [ 381.878615][ T8906] FAT-fs (loop3): Directory bread(block 72) failed [ 381.878625][ T8906] FAT-fs (loop3): Directory bread(block 73) failed [ 381.939998][ T8910] loop4: detected capacity change from 0 to 512 [ 382.309350][ T8931] overlayfs: failed to resolve './file1': -2 [ 382.442301][ T8941] loop5: detected capacity change from 0 to 2048 [ 382.464784][ T8941] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1233: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 382.472465][ T8941] EXT4-fs (loop5): Remounting filesystem read-only [ 382.674883][ T8964] Illegal XDP return value 4294967274 on prog (id 80) dev syz_tun, expect packet loss! [ 382.692498][ T8968] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1243'. [ 382.711135][ T8971] loop4: detected capacity change from 0 to 1024 [ 382.712614][ T8971] EXT4-fs: Ignoring removed orlov option [ 382.717050][ T8971] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 382.731504][ T4698] Bluetooth: hci1: unexpected event for opcode 0x0c5b [ 382.753882][ T8979] loop5: detected capacity change from 0 to 512 [ 383.073734][ T9001] loop5: detected capacity change from 0 to 512 [ 383.075790][ T9001] EXT4-fs: Ignoring removed bh option [ 383.081214][ T9001] EXT4-fs (loop5): 1 truncate cleaned up [ 383.091828][ T9001] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1254: invalid indirect mapped block 4294901760 (level 0) [ 383.094836][ T9001] EXT4-fs (loop5): Remounting filesystem read-only [ 383.388385][ T9028] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 383.457011][ T9033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 383.581616][ T9040] EXT4-fs: Ignoring removed orlov option [ 383.583404][ T9040] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 383.590090][ T9042] overlayfs: failed to resolve './file1': -2 [ 383.823849][ T9055] EXT4-fs error (device loop2): ext4_find_dest_de:2050: inode #12: block 7: comm syz.2.1271: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 383.824810][ T9055] EXT4-fs (loop2): Remounting filesystem read-only [ 384.440253][ T9080] EXT4-fs: Ignoring removed orlov option [ 384.440689][ T9080] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 384.559082][ T9084] syzkaller1: entered promiscuous mode [ 384.561513][ T9084] syzkaller1: entered allmulticast mode [ 384.874211][ T1595] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.874264][ T1595] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.006651][ T9105] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1295'. [ 385.058944][ T9109] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 385.096668][ T9113] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1299'. [ 385.100052] ** replaying previous printk message ** [ 385.100052][ T9113] ------------[ cut here ]------------ [ 385.100082][ T9113] intf 08:02:11:00:00:00 [link=0]: bad STA 08:02:11:00:00:01 bandwidth 20 MHz (0) > channel config 10 MHz (7) [ 385.100273][ T9113] WARNING: drivers/net/wireless/virtual/mac80211_hwsim.c:2832 at mac80211_hwsim_sta_rc_update+0x4fc/0x6b4, CPU#0: syz.5.1299/9113 [ 385.106091][ T9113] Modules linked in: [ 385.106786][ T9113] CPU: 0 UID: 0 PID: 9113 Comm: syz.5.1299 Tainted: G L syzkaller #0 PREEMPT [ 385.108524][ T9113] Tainted: [L]=SOFTLOCKUP [ 385.109234][ T9113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/02/2026 [ 385.110916][ T9113] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 385.112200][ T9113] pc : mac80211_hwsim_sta_rc_update+0x4fc/0x6b4 [ 385.113212][ T9113] lr : mac80211_hwsim_sta_rc_update+0x4fc/0x6b4 [ 385.114294][ T9113] sp : ffff800092e86d20 [ 385.115026][ T9113] x29: ffff800092e86d60 x28: 0000000000000014 x27: ffff80008a049000 [ 385.116433][ T9113] x26: dfff800000000000 x25: ffff000101ae72c0 x24: ffff0000d6ae9090 [ 385.117854][ T9113] x23: 0000000000000000 x22: ffff80008a049000 x21: 0000000000000000 [ 385.119286][ T9113] x20: 1fffe0001e002d39 x19: 0000000000000007 x18: 00000000ffffffff [ 385.120805][ T9113] x17: ffff80008a680000 x16: 0000000000000004 x15: ffff80008a209c80 [ 385.122173][ T9113] x14: 0000000000000001 x13: 0000000000000001 x12: ffff000107f00000 [ 385.123537][ T9113] x11: 0000000000000000 x10: 0000000000080000 x9 : 70452e91d2277f00 [ 385.124863][ T9113] x8 : 70452e91d2277f00 x7 : ffff80008048076c x6 : 0000000000000000 [ 385.126340][ T9113] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000802f45e0 [ 385.127756][ T9113] x2 : 0000000100000000 x1 : ffff000107f00000 x0 : 0000000000000001 [ 385.129092][ T9113] Call trace: [ 385.129596][ T9113] mac80211_hwsim_sta_rc_update+0x4fc/0x6b4 (P) [ 385.130615][ T9113] mac80211_hwsim_sta_add+0xa8/0x278 [ 385.131472][ T9113] drv_sta_state+0x6c0/0x1a48 [ 385.132263][ T9113] sta_info_insert_rcu+0x16dc/0x23c0 [ 385.133141][ T9113] sta_info_insert+0x20/0xd8 [ 385.133850][ T9113] ieee80211_add_station+0x3ec/0x5e4 [ 385.134743][ T9113] rdev_add_station+0x118/0x428 [ 385.135532][ T9113] nl80211_new_station+0x134c/0x1818 [ 385.136435][ T9113] genl_family_rcv_msg_doit+0x1e4/0x2d4 [ 385.137392][ T9113] genl_rcv_msg+0x43c/0x620 [ 385.138106][ T9113] netlink_rcv_skb+0x238/0x414 [ 385.138929][ T9113] genl_rcv+0x38/0x50 [ 385.139553][ T9113] netlink_unicast+0x600/0x7f8 [ 385.140298][ T9113] netlink_sendmsg+0x648/0x948 [ 385.141105][ T9113] __sock_sendmsg+0xc8/0x138 [ 385.141857][ T9113] ____sys_sendmsg+0x3d0/0x6c8 [ 385.142633][ T9113] ___sys_sendmsg+0x198/0x224 [ 385.143370][ T9113] __sys_sendmsg+0x160/0x214 [ 385.144126][ T9113] __arm64_sys_sendmsg+0x80/0x94 [ 385.144957][ T9113] invoke_syscall+0x98/0x244 [ 385.145687][ T9113] el0_svc_common+0xec/0x23c [ 385.146486][ T9113] do_el0_svc+0x4c/0x5c [ 385.147224][ T9113] el0_svc+0x64/0x260 [ 385.147920][ T9113] el0t_64_sync_handler+0x48/0x148 [ 385.148737][ T9113] el0t_64_sync+0x198/0x19c [ 385.149609][ T9113] irq event stamp: 918 [ 385.150296][ T9113] hardirqs last enabled at (917): [] vprintk_store+0x924/0xb94 [ 385.151862][ T9113] hardirqs last disabled at (918): [] el1_brk64+0x20/0x54 [ 385.153173][ T9113] softirqs last enabled at (906): [] rate_control_rate_init+0x378/0x5d4 [ 385.154856][ T9113] softirqs last disabled at (902): [] rate_control_rate_init+0x30c/0x5d4 [ 385.156393][ T9113] ---[ end trace 0000000000000000 ]--- [ 391.639330][ T4698] Bluetooth: hci2: command 0x0406 tx timeout