last executing test programs: 8m48.547708258s ago: executing program 2 (id=22): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=") sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x183042, 0x15) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000d00)={0x5, 0x1, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000300)=""/97, 0x61}, {&(0x7f0000000480)=""/88, 0x58}, {&(0x7f0000000500)=""/68, 0x44}, {0x0}, {&(0x7f0000000c00)=""/80, 0x50}], &(0x7f0000000000)=[0x8, 0x2, 0x6, 0x7d, 0x100]}, 0x20) r6 = dup(r5) write$UHID_INPUT(r6, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f91b50090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33396d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe59}}, 0xfa) 8m44.342673639s ago: executing program 2 (id=27): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xb, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xa, 0x0, 0x0, 0x41000, 0x54, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r3, 0x0, 0x20, &(0x7f0000000000)='0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$tipc(r7, &(0x7f0000005a40)=@id={0x1e, 0x3, 0x0, {0x4e20, 0x2}}, 0x10) r8 = socket$nl_route(0x10, 0x3, 0x0) timer_create(0x2, 0x0, &(0x7f0000000000)) sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newlink={0x28, 0x10, 0x801, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x8028}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x5b4efbb362ec214f}, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000000)={0x5, 0x9, 0x2, 0xf4f4, 0x1a, "413156f16099905a"}) 8m33.786572265s ago: executing program 2 (id=41): sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0xfffffffffffffdee, &(0x7f0000000000)=0x8000000000005) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4800}, 0x20000000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) getresuid(0x0, 0x0, &(0x7f00000002c0)) socket$inet6(0xa, 0x2, 0x0) 8m26.496358364s ago: executing program 4 (id=60): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0683, 0x0) 8m24.924545021s ago: executing program 4 (id=61): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = gettid() fcntl$setown(0xffffffffffffffff, 0x8, r1) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==") connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback, 0xa}, 0x1c) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f000000e0c0), 0x10010) 8m21.701383807s ago: executing program 4 (id=67): r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00) ioctl$IOC_PR_PREEMPT(r0, 0x40046109, &(0x7f0000000040)={0xd0, 0xfffffffffffffffe}) socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) r2 = syz_open_dev$video4linux(0x0, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="020004100000040000008ba0a485d4c7f5a56a77e5ba9b6dfb82e008532933a6a88667ada05b6544f2c600"/56, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB='\x00'/28], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r6}, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCGWINSZ(r9, 0x545d, &(0x7f0000000340)) connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r10 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0xb0, 0x1403, 0x1, 0x0, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'virt_wifi0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'rose0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth1_macvtap\x00'}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x200808e4}, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) clock_getres(0x8, 0x0) 8m18.562808173s ago: executing program 32 (id=41): sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0xfffffffffffffdee, &(0x7f0000000000)=0x8000000000005) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4800}, 0x20000000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) getresuid(0x0, 0x0, &(0x7f00000002c0)) socket$inet6(0xa, 0x2, 0x0) 8m16.704419015s ago: executing program 4 (id=73): r0 = syz_open_procfs(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r6}, 0x10) setitimer(0x1, 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r7, 0x0, 0x0, 0x404c0c6, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0x10) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)) sendto$inet(r7, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000002300)=0x2, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r8, 0x0, 0x0) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85) 8m14.980319349s ago: executing program 4 (id=76): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x20000023896) close(r5) r7 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x240, 0x0) 8m13.579964128s ago: executing program 4 (id=78): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4002, &(0x7f0000000080)={[{@noquota}, {@errors_remount}]}, 0x3, 0xbc9, &(0x7f0000002380)="$eJzs3M1rG2caAPBnxrLiJN6VsyzLZi/rZVkSWFaxszhswsImS5a99FBor4UYRw7Gyge2S2rHB7n9B0rbc6GXQtvQ0kNzzqWlvfbSJteWHgqhuHELpbQuow/biSXbqaWMcX4/eDXvO6+k53k0SDMvSArgiTWc3aQRRyPiQhJRau5PI6JY7w1E1Br3W1lenPh+eXEiidXVZ75JIomI+8uLE63nSprbw83BQER8+t8kfvfS5riz8wvT49VqZaY5PjF3+dqJ2fmFf0xdHr9UuVS5MnrqX2Mnx06NnB7rWq0/fHH21nd/+f9XtR/f/unmt6++mcTZGGzObayjW4ZjeO012agQEePdDpaTvmY9G+tMCts8KO1xUgAAdJRuuIb7Q5SiL9Yv3krx4We5JgcAAAB0xWpfxCoAAACwzyXW/wAAALDPtb4HcH95caLV8v1GwuN171xEDDXqX2m2xkwhavXtQPRHxKH7SWz8WWvSeNiuDUfEl3dPv5e16NHvkLdSW4qIP7Y7/km9/qH6r7g3159GxEgX4g8/NN6m/r4uhHzAbuo/24X4j1g/AHTF7XONE9nm81+6dv0Tbc5/hTbnrl+jzfmv6+f4rbSu/1Y2Xf+t19/X4frv6R3GuPHW69c7zWX1//vW/95ttSx+tt1VUY/g3lLEnwrt6k/W6k861H9hhzFKP1+vdJrLu/7VNyKORfv6W5Kt/5/oxORUtTLSuG0bY+mTsXc6xc+7/uz4H+pQf+v/nzod/2s7jPHc+fPvb9p5d727df3p18Xk2Xqv2Nzzwvjc3MxoRDF5avP+k1vn0rpP6zmy+o//dev3f7v6s8+EWvN1yNYCS81tNn7xoZj/uXnjg075tNZ/eR7/ix2O/8b6Py5sPv4v7zDG3z565XinuY3r36xl8VtrYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSSNiMJK0vNZP03I54nBE/D4OpdWrs3N/n7z6/JWL2VzEUPSnk1PVykhElBrjJBuP1vvr45MPjf8ZEUci4rXSwfq4PHG1ejHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhzOCIGI0nLEZFGxEopTcvlvLMCAAAAum4o7wQAAACAnrP+BwAAgP3P+h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAeO/Ln23eSiKidOVhvmWJzrj/XzIBeS/NOAMhNX94JALkp5J0AkJtHXOO7XIB9KNlmfqDjzIGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3nXs6O07SUTUzhyst0yxOdefa2ZAr6V5JwDkpm+rycLjywN4/LzF4clljQ8k28wPrN+n9uDMgZ7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeM1hvSVqOiGJzX7kc8ZuIGIr+ZHKqWhmJiN9GxOel/gPZeDTnnAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi+2fmF6fFqtTKTddJodtb26Kx3ksYrVtsr+ejsslOMPZHGHu3k/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAeZucXpser1crMbN6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmbnV+YHq9WKzM97ORdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+fklAAD//+K3Chc=") r0 = creat(&(0x7f00000001c0)='./file1\x00', 0x25) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000021000000850000001b000000b700000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='signal_deliver\x00', r0, 0x0, 0x5}, 0x18) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) syz_clone(0xc0001480, 0x0, 0x0, &(0x7f0000000a00), 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x1}, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8002}, 0x4) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x2000}, 0x4) 7m58.018710759s ago: executing program 33 (id=78): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4002, &(0x7f0000000080)={[{@noquota}, {@errors_remount}]}, 0x3, 0xbc9, &(0x7f0000002380)="$eJzs3M1rG2caAPBnxrLiJN6VsyzLZi/rZVkSWFaxszhswsImS5a99FBor4UYRw7Gyge2S2rHB7n9B0rbc6GXQtvQ0kNzzqWlvfbSJteWHgqhuHELpbQuow/biSXbqaWMcX4/eDXvO6+k53k0SDMvSArgiTWc3aQRRyPiQhJRau5PI6JY7w1E1Br3W1lenPh+eXEiidXVZ75JIomI+8uLE63nSprbw83BQER8+t8kfvfS5riz8wvT49VqZaY5PjF3+dqJ2fmFf0xdHr9UuVS5MnrqX2Mnx06NnB7rWq0/fHH21nd/+f9XtR/f/unmt6++mcTZGGzObayjW4ZjeO012agQEePdDpaTvmY9G+tMCts8KO1xUgAAdJRuuIb7Q5SiL9Yv3krx4We5JgcAAAB0xWpfxCoAAACwzyXW/wAAALDPtb4HcH95caLV8v1GwuN171xEDDXqX2m2xkwhavXtQPRHxKH7SWz8WWvSeNiuDUfEl3dPv5e16NHvkLdSW4qIP7Y7/km9/qH6r7g3159GxEgX4g8/NN6m/r4uhHzAbuo/24X4j1g/AHTF7XONE9nm81+6dv0Tbc5/hTbnrl+jzfmv6+f4rbSu/1Y2Xf+t19/X4frv6R3GuPHW69c7zWX1//vW/95ttSx+tt1VUY/g3lLEnwrt6k/W6k861H9hhzFKP1+vdJrLu/7VNyKORfv6W5Kt/5/oxORUtTLSuG0bY+mTsXc6xc+7/uz4H+pQf+v/nzod/2s7jPHc+fPvb9p5d727df3p18Xk2Xqv2Nzzwvjc3MxoRDF5avP+k1vn0rpP6zmy+o//dev3f7v6s8+EWvN1yNYCS81tNn7xoZj/uXnjg075tNZ/eR7/ix2O/8b6Py5sPv4v7zDG3z565XinuY3r36xl8VtrYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSSNiMJK0vNZP03I54nBE/D4OpdWrs3N/n7z6/JWL2VzEUPSnk1PVykhElBrjJBuP1vvr45MPjf8ZEUci4rXSwfq4PHG1ejHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhzOCIGI0nLEZFGxEopTcvlvLMCAAAAum4o7wQAAACAnrP+BwAAgP3P+h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAeO/Ln23eSiKidOVhvmWJzrj/XzIBeS/NOAMhNX94JALkp5J0AkJtHXOO7XIB9KNlmfqDjzIGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3nXs6O07SUTUzhyst0yxOdefa2ZAr6V5JwDkpm+rycLjywN4/LzF4clljQ8k28wPrN+n9uDMgZ7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeM1hvSVqOiGJzX7kc8ZuIGIr+ZHKqWhmJiN9GxOel/gPZeDTnnAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi+2fmF6fFqtTKTddJodtb26Kx3ksYrVtsr+ejsslOMPZHGHu3k/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAeZucXpser1crMbN6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmbnV+YHq9WKzM97ORdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+fklAAD//+K3Chc=") r0 = creat(&(0x7f00000001c0)='./file1\x00', 0x25) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000021000000850000001b000000b700000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='signal_deliver\x00', r0, 0x0, 0x5}, 0x18) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) syz_clone(0xc0001480, 0x0, 0x0, &(0x7f0000000a00), 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x1}, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8002}, 0x4) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x2000}, 0x4) 7m17.488583005s ago: executing program 5 (id=146): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000a61a7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000340)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r5, &(0x7f0000000a00)={'syz1\x00', {0x6ec9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0x0, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x5], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0x0, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffffd, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0xffffffff, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x20000005, 0x80, 0x9, 0x9, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x6, 0x8, 0x95a, 0xffffffff, 0x4, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x5, 0x6, 0xd9, 0x0, 0x7ff, 0x401, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x2, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x1e0, 0x4, 0xe47, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x8, 0x8a8, 0x2, 0x40, 0x7, 0x2, 0x4, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0x2, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0xf, 0x133, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r5, 0x5501) 7m11.26816555s ago: executing program 5 (id=157): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) r3 = fcntl$dupfd(r2, 0x406, r2) r4 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0) writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080)="08d946221e629e2d18ac55da1b119288593c4199772f", 0x16}], 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x2c0, 0x100, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1f0, 0xffffffff, 0xffffffff, 0x1f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [], 'batadv0\x00', 'wg1\x00', {}, {0x101}, 0x6}, 0x0, 0xd8, 0x100, 0x0, {0x0, 0x4c00}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x1, 0x4}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94) r9 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r8, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540), &(0x7f0000000540), 0x0, 0x7f, &(0x7f0000000400)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xf0, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bridge0\x00'}) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000bc0)) sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newlink={0x28, 0x10, 0x801, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x8028}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x5b4efbb362ec214f}, 0x0) 7m7.214609456s ago: executing program 5 (id=162): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc8f}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x4c}}, 0x20004000) 7m4.654030221s ago: executing program 5 (id=167): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r2, 0x0) setpgid(0x0, r2) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0) r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r3, 0x9362, 0x0) 7m3.797727901s ago: executing program 5 (id=168): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=") sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=") r0 = openat(0xffffffffffffff9c, 0x0, 0x183042, 0x15) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) pwrite64(r0, 0x0, 0x0, 0xe7c) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) 7m0.311959808s ago: executing program 5 (id=173): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) io_setup(0x3, &(0x7f0000000000)=0x0) io_pgetevents(r1, 0x2, 0x2, &(0x7f0000000080)=[{}, {}], &(0x7f0000000100)={0x0, 0x989680}, 0x0) 6m59.729689213s ago: executing program 34 (id=173): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) io_setup(0x3, &(0x7f0000000000)=0x0) io_pgetevents(r1, 0x2, 0x2, &(0x7f0000000080)=[{}, {}], &(0x7f0000000100)={0x0, 0x989680}, 0x0) 12.854759824s ago: executing program 1 (id=750): r0 = socket$inet6(0xa, 0x80002, 0x0) getpid() socket$nl_audit(0x10, 0x3, 0x9) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0700000004000000080200000100000000000000", @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x328, 0xa8, 0x1e8, 0xfeffffff, 0x290, 0xa8, 0x290, 0x290, 0xffffffff, 0x290, 0x290, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'dummy0\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@ip={@rand_addr=0x64010100, @multicast1, 0x0, 0xffffffff, 'veth1_to_bond\x00', 'ip_vti0\x00', {0xff}, {0xff}, 0x89, 0x1, 0xa}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @icmp_id=0x67, @gre_key=0x4}}}}, {{@ip={@private, @local, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @loopback, @icmp_id=0x67, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 11.534648679s ago: executing program 1 (id=753): syz_genetlink_get_family_id$ieee802154(&(0x7f0000001bc0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, 0x0, 0x48) r0 = gettid() timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x11, 0x0, 0x0, 0x6, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x4, 0x1, 0x87d, 0x9}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000640)=[{0x0, 0x3, 0xb, 0x2}, {0x1, 0x2, 0xd, 0x3}, {0x2, 0x5, 0x3, 0x7}], 0x10, 0x5}, 0x94) sendmmsg(0xffffffffffffffff, &(0x7f000000d800)=[{{&(0x7f0000000300)=@rc={0x1f, @none, 0x8c}, 0x80, 0x0}}], 0x1, 0x4) io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1}) dup(0xffffffffffffffff) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) readv(r1, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000380)=""/174, 0xae}, {&(0x7f0000000440)=""/208, 0xd0}], 0x3) 10.26929735s ago: executing program 1 (id=755): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x800) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000080000000000000008000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00') preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$RTC_UIE_ON(r5, 0x7003) ioctl$RTC_SET_TIME(r5, 0x4024700a, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0xc, 0x1, 0x20a9, 0x3, 0x2, 0x1}) 8.772373701s ago: executing program 3 (id=756): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000006540)=[{{&(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10, 0x0}}], 0x1, 0x80) io_setup(0x197, &(0x7f0000000440)=0x0) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000300)='/sys/kernel/address_bits', 0x8402, 0x37) io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0xfffffc98}]) 8.610418613s ago: executing program 1 (id=758): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000140)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_remount}, {@nodiscard}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0") setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000006d80)={'filter\x00', 0x7, 0x4, 0x408, 0x0, 0x110, 0x0, 0x110, 0x320, 0x320, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @remote}}}, {{@arp={@rand_addr, @remote, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_hsr\x00', 'macvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @mac=@remote, @remote, @multicast1}}}, {{@uncond, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "a62fc17084a5529259b49fd11336d17a70955372bc8ea881043d3504e2a3"}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x458) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket(0x10, 0x3, 0x0) r5 = epoll_create1(0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000000)={0xe000202b}) epoll_pwait(r6, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18) dup3(r4, r6, 0x0) 8.372240904s ago: executing program 3 (id=759): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x3, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x3}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB, @ANYBLOB], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x11, 0x15, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000020000000000000000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r1, 0x0, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x5, &(0x7f0000000340)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="c50a00000000000061139c00000000001800000000000000000000000000000095000000000000005b343f100624b3de7926e22e7edb1497bf3991011242f785f0d596bb538ff72ed469b954afb2361cd3c59f04b57ebf2a29c94ea39c171264f6a088721d3a80495e3ed97583c8bf335cba5f728965fed3d22dd59ee0d06124c3aeb14cb61a877b1382c2489060f66d2018d74d1cd2c729541b0885f7a78a423a83f15537e7ef488da890f5cf403719b04057766ee017e7220e68a7ea43c069da2d0b05dd3567487d73dd363920cd575b2419179af731a6b1bd8c462df0f949c3a16ff977cddb2e84614a492c3d3ec65b1335bc6949473b8eec37c55781b5a83771c146b4027601df36e666908010355216568f8f67a2a136232f96bf7ef1bcb9d42baca52173809ca16d6cbb4760867c6f24fdd803934d5a8fae179929fed9c414cff600d3a673497b71f2fc10d239192e357388288f001ac7"], &(0x7f0000000000)='GPL\x00'}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) 7.891890559s ago: executing program 3 (id=760): syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x52, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 5.660232746s ago: executing program 0 (id=762): bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="e80100000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff020d40f799000000000000000000011400040020010000000000000000000000000001080007"], 0x1e8}}, 0x0) 5.434356179s ago: executing program 3 (id=763): bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x40f00, 0xd, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x77e}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='sched_kthread_work_queue_work\x00', r1}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) 5.286763949s ago: executing program 0 (id=764): syz_genetlink_get_family_id$ieee802154(&(0x7f0000001bc0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, 0x0, 0x48) r0 = gettid() timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x11, 0x0, 0x0, 0x6, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x4, 0x1, 0x87d, 0x9}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000640)=[{0x0, 0x3, 0xb, 0x2}, {0x1, 0x2, 0xd, 0x3}, {0x2, 0x5, 0x3, 0x7}], 0x10, 0x5}, 0x94) sendmmsg(0xffffffffffffffff, &(0x7f000000d800)=[{{&(0x7f0000000300)=@rc={0x1f, @none, 0x8c}, 0x80, 0x0}}], 0x1, 0x4) io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1}) dup(0xffffffffffffffff) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) readv(r1, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000380)=""/174, 0xae}, {&(0x7f0000000440)=""/208, 0xd0}], 0x3) 5.087924516s ago: executing program 3 (id=765): socket$nl_sock_diag(0x10, 0x3, 0x4) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={0x1, 0x58, &(0x7f00000000c0)}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x202) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) r4 = add_key(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, r3) keyctl$get_keyring_id(0x0, r4, 0x0) connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18) socket$inet6_icmp(0xa, 0x2, 0x3a) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000bc0)=ANY=[@ANYBLOB='iocharset=maciceland,iocharset=default,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c696f636861727365743d63703835352c666d61736b3d30303030303030303030303030303030303030303230342c756d61736b3d30303030303030303030303030303030303031303030002c6b6565705f6c6173745f646f74732c757466382c696f636861727365743d69736f383835382d322c00716e38bcb049da85848e6756a3bd4745417549b1cb9a33b753aa8794c7e33757ce7c8e8fffc81ac6d5041b8ed65bd4dbe75b53ad789c5f492cb5866d74265428e77c8824127d6f36cd183083f016bdaf33c30f8645e367d089cb4235517369a13ead2b4ea75585050ac51ba363c593780cf08ef99a97db4c453e6fded10a48d332668e93902504c38866c149921b590e1dd141206e28b0b817e984629c659b02a0508f2b8ca4ae4a125af4831e79e8bbb571147676f45a4e36f460952320d5a1d97c98508c7f149f9a30b543949899e532f8be39abce"], 0x1, 0x152c, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=") bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94) r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r6, &(0x7f0000000600)=""/192, 0xc0) 5.086333111s ago: executing program 1 (id=766): syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f0000004ac0)={0x2020}, 0x2020) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000200)='.\x00', 0x400) r8 = dup(r6) ftruncate(0xffffffffffffffff, 0xc17a) read$FUSE(r8, &(0x7f0000002280)={0x2020}, 0x2020) inotify_rm_watch(r8, r7) 3.683313672s ago: executing program 0 (id=767): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, 0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000080000000000000008000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00') preadv(r6, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0) r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$RTC_UIE_ON(r7, 0x7003) ioctl$RTC_SET_TIME(r7, 0x4024700a, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0xc, 0x1, 0x20a9, 0x3, 0x2, 0x1}) 2.259818919s ago: executing program 0 (id=768): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r4, 0x0, 0x0) listen(r4, 0x0) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) writev(r5, &(0x7f00000003c0)=[{0x0}], 0x1) r6 = accept4$unix(r4, 0x0, 0x0, 0x0) recvmmsg(r6, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x4000000000000a1, 0x2, 0x0) recvfrom$unix(r6, &(0x7f00000002c0)=""/236, 0xec, 0x10120, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYBLOB], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d) socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r8}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48) 1.168580934s ago: executing program 3 (id=769): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ptrace$ARCH_SHSTK_LOCK(0x1e, r0, 0x1, 0x5003) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) unshare(0x62040200) 568.109414ms ago: executing program 0 (id=770): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x3, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x3}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB, @ANYBLOB], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x11, 0x15, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000020000000000000000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r1, 0x0, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x5, &(0x7f0000000340)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="c50a00000000000061139c00000000001800000000000000000000000000000095000000000000005b343f100624b3de7926e22e7edb1497bf3991011242f785f0d596bb538ff72ed469b954afb2361cd3c59f04b57ebf2a29c94ea39c171264f6a088721d3a80495e3ed97583c8bf335cba5f728965fed3d22dd59ee0d06124c3aeb14cb61a877b1382c2489060f66d2018d74d1cd2c729541b0885f7a78a423a83f15537e7ef488da890f5cf403719b04057766ee017e7220e68a7ea43c069da2d0b05dd3567487d73dd363920cd575b2419179af731a6b1bd8c462df0f949c3a16ff977cddb2e84614a492c3d3ec65b1335bc6949473b8eec37c55781b5a83771c146b4027601df36e666908010355216568f8f67a2a136232f96bf7ef1bcb9d42baca52173809ca16d6cbb4760867c6f24fdd803934d5a8fae179929fed9c414cff600d3a673497b71f2fc10d239192e357388288f001ac7"], &(0x7f0000000000)='GPL\x00'}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) 421.786547ms ago: executing program 1 (id=771): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) chdir(&(0x7f0000000140)='./file0\x00') r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x80042, 0x4) ioctl$FICLONERANGE(r5, 0x4020940d, &(0x7f00000000c0)={{r5}, 0x0, 0x0, 0x7}) r6 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x440, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2a0, 0x310, 0x0, {0x200003ae, 0x7f00}, [@common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4a0) 0s ago: executing program 0 (id=772): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) kernel console output (not intermixed with test programs): 761755.556:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.0.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 405.239848][ T30] audit: type=1326 audit(1757761755.556:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.0.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 405.309900][ T30] audit: type=1326 audit(1757761755.556:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.0.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 405.378284][ T30] audit: type=1326 audit(1757761755.556:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.0.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 405.445263][ T30] audit: type=1326 audit(1757761755.556:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.0.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 405.935925][ T5887] Bluetooth: hci1: command tx timeout [ 406.969463][ T750] team0 (unregistering): Port device team_slave_1 removed [ 407.043852][ T750] team0 (unregistering): Port device team_slave_0 removed [ 407.735593][ T7970] random: crng reseeded on system resumption [ 408.041633][ T5887] Bluetooth: hci1: command tx timeout [ 409.306051][ T750] team0 (unregistering): Port device team_slave_1 removed [ 409.347437][ T750] team0 (unregistering): Port device team_slave_0 removed [ 410.089817][ T5887] Bluetooth: hci1: command tx timeout [ 411.941203][ T750] team0 (unregistering): Port device team_slave_1 removed [ 412.281903][ T750] team0 (unregistering): Port device team_slave_0 removed [ 412.306747][ T5887] Bluetooth: hci1: command tx timeout [ 413.491949][ T7989] loop0: detected capacity change from 0 to 512 [ 413.586455][ T7989] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 413.847925][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.427980][ T7697] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 414.446330][ T7999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.415'. [ 414.538902][ T7697] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 414.624092][ T7697] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 414.658386][ T7695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.668390][ T7697] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 415.010506][ T7695] 8021q: adding VLAN 0 to HW filter on device team0 [ 415.172607][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.179852][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 415.265711][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.272951][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 416.308923][ T8004] loop0: detected capacity change from 0 to 40427 [ 416.335737][ T8004] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 416.362124][ T8004] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 416.476615][ T8004] F2FS-fs (loop0): invalid crc value [ 416.606326][ T7695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 417.133751][ T8004] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 417.242294][ T7697] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.413764][ T7697] 8021q: adding VLAN 0 to HW filter on device team0 [ 417.465622][ T8004] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 417.487735][ T8004] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 417.587201][ T8036] 9pnet_fd: Insufficient options for proto=fd [ 418.407844][ T6051] bridge0: port 1(bridge_slave_0) entered blocking state [ 418.415079][ T6051] bridge0: port 1(bridge_slave_0) entered forwarding state [ 418.464473][ T6062] bridge0: port 2(bridge_slave_1) entered blocking state [ 418.471695][ T6062] bridge0: port 2(bridge_slave_1) entered forwarding state [ 418.731970][ T7950] chnl_net:caif_netlink_parms(): no params data found [ 419.981680][ T5180] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 420.390514][ T8064] overlayfs: failed to resolve './file2': -2 [ 420.954256][ T5180] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 420.970273][ T5180] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 420.980147][ T5180] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 420.988292][ T5180] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 421.482468][ T7950] bridge0: port 1(bridge_slave_0) entered blocking state [ 421.511432][ T7950] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.529295][ T7950] bridge_slave_0: entered allmulticast mode [ 421.549185][ T7950] bridge_slave_0: entered promiscuous mode [ 421.824292][ T7950] bridge0: port 2(bridge_slave_1) entered blocking state [ 421.838950][ T7950] bridge0: port 2(bridge_slave_1) entered disabled state [ 421.846823][ T7950] bridge_slave_1: entered allmulticast mode [ 421.856037][ T7950] bridge_slave_1: entered promiscuous mode [ 422.172849][ T8074] netlink: 4 bytes leftover after parsing attributes in process `syz.1.428'. [ 422.331541][ T7950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.381570][ T7950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 423.720441][ T5887] Bluetooth: hci3: command tx timeout [ 423.741294][ T5887] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 423.750770][ T5887] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 423.760021][ T5887] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 423.781194][ T5887] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 423.790088][ T5887] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 423.964339][ T7950] team0: Port device team_slave_0 added [ 423.983649][ T7950] team0: Port device team_slave_1 added [ 424.192475][ T7950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 424.210992][ T7950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 424.286285][ T7950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 424.317925][ T7950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 424.327628][ T7950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 424.398947][ T7950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 424.677753][ T7950] hsr_slave_0: entered promiscuous mode [ 424.687586][ T7950] hsr_slave_1: entered promiscuous mode [ 424.741061][ T7950] debugfs: 'hsr0' already exists in 'hsr' [ 424.746837][ T7950] Cannot create hsr debugfs directory [ 424.905296][ T8090] loop1: detected capacity change from 0 to 40427 [ 424.965592][ T8090] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 425.004624][ T8090] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 425.083901][ T8090] F2FS-fs (loop1): invalid crc value [ 425.196314][ T8100] 9pnet_fd: Insufficient options for proto=fd [ 425.769896][ T5887] Bluetooth: hci3: command tx timeout [ 425.849866][ T5887] Bluetooth: hci4: command tx timeout [ 426.327156][ T8090] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 426.391880][ T8090] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 426.640979][ T8090] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 427.453360][ T3480] bridge_slave_1: left allmulticast mode [ 427.459130][ T3480] bridge_slave_1: left promiscuous mode [ 427.499987][ T3480] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.580891][ T3480] bridge_slave_0: left allmulticast mode [ 427.586836][ T3480] bridge_slave_0: left promiscuous mode [ 427.636416][ T3480] bridge0: port 1(bridge_slave_0) entered disabled state [ 427.850250][ T5887] Bluetooth: hci3: command tx timeout [ 427.939797][ T5887] Bluetooth: hci4: command tx timeout [ 428.410372][ T3480] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 428.509611][ T3480] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 428.561549][ T3480] bond0 (unregistering): Released all slaves [ 428.616811][ T8134] loop0: detected capacity change from 0 to 256 [ 428.745221][ T8134] FAT-fs (loop0): Directory bread(block 64) failed [ 428.752147][ T8134] FAT-fs (loop0): Directory bread(block 65) failed [ 428.758770][ T8134] FAT-fs (loop0): Directory bread(block 66) failed [ 428.765429][ T8134] FAT-fs (loop0): Directory bread(block 67) failed [ 428.772075][ T8134] FAT-fs (loop0): Directory bread(block 68) failed [ 428.778606][ T8134] FAT-fs (loop0): Directory bread(block 69) failed [ 428.785604][ T8134] FAT-fs (loop0): Directory bread(block 70) failed [ 428.792169][ T8134] FAT-fs (loop0): Directory bread(block 71) failed [ 428.798845][ T8134] FAT-fs (loop0): Directory bread(block 72) failed [ 428.805413][ T8134] FAT-fs (loop0): Directory bread(block 73) failed [ 429.851122][ T8144] netlink: 56 bytes leftover after parsing attributes in process `syz.3.441'. [ 430.100867][ T5887] Bluetooth: hci3: command tx timeout [ 430.106363][ T5887] Bluetooth: hci4: command tx timeout [ 430.345697][ T8146] loop1: detected capacity change from 0 to 1024 [ 430.366764][ T8146] EXT4-fs: Ignoring removed i_version option [ 430.396559][ T8146] EXT4-fs: inline encryption not supported [ 430.423144][ T8143] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 430.433041][ T8143] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 430.442867][ T8143] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 430.482061][ T8146] EXT4-fs (loop1): Test dummy encryption mode enabled [ 430.539198][ T8146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 431.391051][ T3480] hsr_slave_0: left promiscuous mode [ 431.468653][ T3480] hsr_slave_1: left promiscuous mode [ 431.481666][ T3480] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 431.911311][ T3480] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 432.179747][ T5887] Bluetooth: hci4: command tx timeout [ 432.460370][ T3480] team0 (unregistering): Port device team_slave_1 removed [ 432.527919][ T3480] team0 (unregistering): Port device team_slave_0 removed [ 435.013683][ T8189] overlayfs: failed to resolve './file2': -2 [ 435.964821][ T8062] chnl_net:caif_netlink_parms(): no params data found [ 436.053934][ T8199] loop0: detected capacity change from 0 to 2048 [ 436.134707][ T6038] Alternate GPT is invalid, using primary GPT. [ 436.141808][ T6038] loop0: p1 p2 p3 [ 436.145587][ T6038] loop0: partition table partially beyond EOD, truncated [ 436.188667][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.253705][ T8199] Alternate GPT is invalid, using primary GPT. [ 436.298862][ T8199] loop0: p1 p2 p3 [ 436.303395][ T8199] loop0: partition table partially beyond EOD, truncated [ 436.659076][ T8207] loop1: detected capacity change from 0 to 2048 [ 436.883036][ T8207] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 437.888505][ T8210] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 438.045074][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 438.160331][ T6193] udevd[6193]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 438.181364][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 438.353271][ T5925] udevd[5925]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 438.369368][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 438.389211][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 439.447682][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.893779][ T8062] bridge0: port 1(bridge_slave_0) entered blocking state [ 439.918952][ T8062] bridge0: port 1(bridge_slave_0) entered disabled state [ 439.942783][ T8062] bridge_slave_0: entered allmulticast mode [ 439.966160][ T8062] bridge_slave_0: entered promiscuous mode [ 440.001517][ T8062] bridge0: port 2(bridge_slave_1) entered blocking state [ 440.028140][ T8062] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.048707][ T8062] bridge_slave_1: entered allmulticast mode [ 440.074397][ T8062] bridge_slave_1: entered promiscuous mode [ 440.104074][ T8086] chnl_net:caif_netlink_parms(): no params data found [ 441.818592][ T8062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 443.108219][ T7950] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 443.282217][ T7950] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 443.298724][ T7950] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 443.322966][ T7950] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 443.354609][ T8062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 443.916262][ T8062] team0: Port device team_slave_0 added [ 444.194253][ T8267] syz.3.460 uses obsolete (PF_INET,SOCK_PACKET) [ 444.922102][ T30] kauditd_printk_skb: 37 callbacks suppressed [ 444.922128][ T30] audit: type=1400 audit(1757761795.616:69): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=8268 comm="syz.0.461" [ 444.956791][ T8062] team0: Port device team_slave_1 added [ 445.259214][ T8086] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.287999][ T8086] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.314522][ T8086] bridge_slave_0: entered allmulticast mode [ 445.339375][ T8086] bridge_slave_0: entered promiscuous mode [ 445.371910][ T8086] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.379540][ T8086] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.405196][ T8086] bridge_slave_1: entered allmulticast mode [ 445.424775][ T8086] bridge_slave_1: entered promiscuous mode [ 445.479954][ T8062] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 445.486974][ T8062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 445.525275][ T8062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 445.650917][ T8062] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 445.657988][ T8062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 445.730219][ T8062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 445.778345][ T8086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.805561][ T8086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.874059][ T8269] loop0: detected capacity change from 0 to 40427 [ 445.924867][ T8269] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 445.958089][ T8272] loop1: detected capacity change from 0 to 40427 [ 445.981212][ T8272] F2FS-fs: heap/no_heap options were deprecated [ 445.988813][ T8269] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 445.999522][ T8272] F2FS-fs (loop1): journaled quota format not specified [ 446.019111][ T8269] F2FS-fs (loop0): invalid crc value [ 446.309122][ T8281] loop1: detected capacity change from 0 to 2048 [ 446.347451][ T8269] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 446.364945][ T8086] team0: Port device team_slave_0 added [ 446.390309][ T8269] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 446.397786][ T8269] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 446.419870][ T8086] team0: Port device team_slave_1 added [ 446.432904][ T8281] Alternate GPT is invalid, using primary GPT. [ 446.459942][ T8281] loop1: p1 p2 p3 [ 446.463787][ T8281] loop1: partition table partially beyond EOD, truncated [ 446.544648][ T5230] Alternate GPT is invalid, using primary GPT. [ 446.566063][ T5230] loop1: p1 p2 p3 [ 446.580027][ T5230] loop1: partition table partially beyond EOD, truncated [ 446.715704][ T5870] syz-executor: attempt to access beyond end of device [ 446.715704][ T5870] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 446.751886][ T5870] CPU: 1 UID: 0 PID: 5870 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 446.751936][ T5870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 446.751957][ T5870] Call Trace: [ 446.751969][ T5870] [ 446.751982][ T5870] dump_stack_lvl+0x16c/0x1f0 [ 446.752046][ T5870] f2fs_handle_critical_error+0x624/0x9f0 [ 446.752097][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.752141][ T5870] ? f2fs_build_fault_attr+0x53/0x1f0 [ 446.752193][ T5870] f2fs_write_end_io+0x958/0xcf0 [ 446.752250][ T5870] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 446.752307][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.752368][ T5870] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 446.752418][ T5870] bio_endio+0x713/0x860 [ 446.752482][ T5870] submit_bio_noacct+0x306/0x1ed0 [ 446.752542][ T5870] __submit_merged_bio+0x33c/0x770 [ 446.752601][ T5870] __submit_merged_write_cond+0x319/0x3f0 [ 446.752666][ T5870] f2fs_write_cache_pages+0x2067/0x2570 [ 446.752757][ T5870] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 446.752815][ T5870] ? unwind_next_frame+0x3fe/0x20a0 [ 446.752856][ T5870] ? exit_to_user_mode_loop+0xeb/0x110 [ 446.752899][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.752948][ T5870] ? devlink_nl_notify_filter_set_doit+0x172/0x620 [ 446.753019][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.753139][ T5870] ? _raw_spin_unlock+0x28/0x50 [ 446.753185][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.753229][ T5870] ? free_unref_folios+0x1107/0x16b0 [ 446.753291][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.753348][ T5870] f2fs_write_data_pages+0x4ad/0xd90 [ 446.753417][ T5870] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 446.753493][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.753536][ T5870] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 446.753598][ T5870] do_writepages+0x27a/0x600 [ 446.753653][ T5870] ? __pfx_do_writepages+0x10/0x10 [ 446.753698][ T5870] ? do_raw_spin_unlock+0x172/0x230 [ 446.753739][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.753781][ T5870] ? _raw_spin_unlock+0x28/0x50 [ 446.753835][ T5870] filemap_fdatawrite_wbc+0x104/0x160 [ 446.753888][ T5870] __filemap_fdatawrite_range+0xb9/0x100 [ 446.753948][ T5870] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 446.754075][ T5870] ? find_held_lock+0x2b/0x80 [ 446.754122][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754166][ T5870] ? do_raw_spin_unlock+0x172/0x230 [ 446.754207][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754258][ T5870] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 446.754347][ T5870] block_operations+0x2b0/0xfe0 [ 446.754387][ T5870] ? __pfx___schedule+0x10/0x10 [ 446.754441][ T5870] ? __pfx_block_operations+0x10/0x10 [ 446.754562][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754604][ T5870] ? down_write+0x14d/0x200 [ 446.754638][ T5870] ? __pfx_down_write+0x10/0x10 [ 446.754676][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754719][ T5870] ? rcu_is_watching+0x12/0xc0 [ 446.754773][ T5870] f2fs_write_checkpoint+0x2b8/0x4c60 [ 446.754817][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754860][ T5870] ? kfree+0x2b4/0x4d0 [ 446.754902][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754950][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.754990][ T5870] ? rcu_is_watching+0x12/0xc0 [ 446.755033][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.755074][ T5870] ? kthread_stop+0x273/0x630 [ 446.755115][ T5870] kill_f2fs_super+0x3c2/0x470 [ 446.755152][ T5870] ? __pfx_kill_f2fs_super+0x10/0x10 [ 446.755185][ T5870] ? lockdep_hardirqs_on+0x7c/0x110 [ 446.755262][ T5870] deactivate_locked_super+0xc1/0x1a0 [ 446.755320][ T5870] deactivate_super+0xde/0x100 [ 446.755388][ T5870] cleanup_mnt+0x225/0x450 [ 446.755450][ T5870] task_work_run+0x150/0x240 [ 446.755494][ T5870] ? __pfx_task_work_run+0x10/0x10 [ 446.755536][ T5870] ? srso_alias_return_thunk+0x5/0xfbef5 [ 446.755583][ T5870] ? __pfx___x64_sys_umount+0x10/0x10 [ 446.755630][ T5870] exit_to_user_mode_loop+0xeb/0x110 [ 446.755671][ T5870] do_syscall_64+0x41c/0x4e0 [ 446.755735][ T5870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.755771][ T5870] RIP: 0033:0x7fae0e38fed7 [ 446.755799][ T5870] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 446.755836][ T5870] RSP: 002b:00007ffcca91a278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 446.755869][ T5870] RAX: 0000000000000000 RBX: 00007fae0e411c05 RCX: 00007fae0e38fed7 [ 446.755892][ T5870] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcca91a330 [ 446.755915][ T5870] RBP: 00007ffcca91a330 R08: 0000000000000000 R09: 0000000000000000 [ 446.755938][ T5870] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcca91b3c0 [ 446.755961][ T5870] R13: 00007fae0e411c05 R14: 000000000006d02b R15: 00007ffcca91b400 [ 446.756013][ T5870] [ 446.764891][ T5870] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 446.816318][ T8062] hsr_slave_0: entered promiscuous mode [ 447.265525][ T8062] hsr_slave_1: entered promiscuous mode [ 447.281507][ T8062] debugfs: 'hsr0' already exists in 'hsr' [ 447.287791][ T8062] Cannot create hsr debugfs directory [ 448.508998][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 448.514279][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 448.533874][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 448.607555][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 448.628250][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 448.647412][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 449.004017][ T8086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 449.020304][ T8086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 449.090018][ T8086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 449.122343][ T8086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 449.152698][ T8086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 449.213315][ T8086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 449.797710][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.804221][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 450.061312][ T8294] loop0: detected capacity change from 0 to 512 [ 450.175282][ T8294] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 450.335351][ T8294] EXT4-fs (loop0): 1 truncate cleaned up [ 450.368771][ T8294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 452.397975][ T8086] hsr_slave_0: entered promiscuous mode [ 452.469062][ T8086] hsr_slave_1: entered promiscuous mode [ 452.486064][ T8086] debugfs: 'hsr0' already exists in 'hsr' [ 452.492249][ T8086] Cannot create hsr debugfs directory [ 452.561271][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.310569][ T6051] bridge_slave_1: left allmulticast mode [ 453.336919][ T6051] bridge_slave_1: left promiscuous mode [ 453.367666][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 453.448255][ T6051] bridge_slave_0: left allmulticast mode [ 453.479898][ T6051] bridge_slave_0: left promiscuous mode [ 453.500073][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 453.664665][ T6051] bridge_slave_1: left allmulticast mode [ 453.725301][ T6051] bridge_slave_1: left promiscuous mode [ 453.741412][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 453.760768][ T6051] bridge_slave_0: left allmulticast mode [ 453.766494][ T6051] bridge_slave_0: left promiscuous mode [ 453.806609][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.703034][ T8329] loop0: detected capacity change from 0 to 4096 [ 454.710997][ T8329] EXT4-fs: Ignoring removed mblk_io_submit option [ 454.882768][ T8329] EXT4-fs (loop0): Test dummy encryption mode enabled [ 454.958942][ T8329] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.836910][ T8339] autofs: Unknown parameter 'fd0x0000000000000000' [ 457.018569][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.114728][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 457.148452][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 457.177961][ T6051] bond0 (unregistering): Released all slaves [ 458.727222][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 458.781916][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 458.816920][ T6051] bond0 (unregistering): Released all slaves [ 459.069780][ T5988] usb 1-1: new full-speed USB device number 11 using dummy_hcd [ 459.120461][ T7950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 459.277094][ T5988] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 459.330239][ T5988] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 459.344734][ T8365] loop1: detected capacity change from 0 to 2048 [ 459.355638][ T5988] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 459.393542][ T5988] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.407284][ T5988] usb 1-1: Product: syz [ 459.432708][ T5988] usb 1-1: Manufacturer: syz [ 459.437374][ T5988] usb 1-1: SerialNumber: syz [ 459.440683][ T8365] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 459.671158][ T30] audit: type=1800 audit(1757761810.376:70): pid=8365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.485" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 459.778588][ T7950] 8021q: adding VLAN 0 to HW filter on device team0 [ 459.871681][ T6062] bridge0: port 1(bridge_slave_0) entered blocking state [ 459.878906][ T6062] bridge0: port 1(bridge_slave_0) entered forwarding state [ 459.883458][ T5988] usb 1-1: 0:2 : does not exist [ 459.979585][ T5988] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 460.095575][ T6062] bridge0: port 2(bridge_slave_1) entered blocking state [ 460.102881][ T6062] bridge0: port 2(bridge_slave_1) entered forwarding state [ 460.126743][ T5988] usb 1-1: USB disconnect, device number 11 [ 460.462504][ T6038] udevd[6038]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 460.640250][ T6051] hsr_slave_0: left promiscuous mode [ 460.663866][ T6051] hsr_slave_1: left promiscuous mode [ 460.690355][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 460.713169][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 460.756677][ T6051] hsr_slave_0: left promiscuous mode [ 460.778412][ T6051] hsr_slave_1: left promiscuous mode [ 460.791949][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 460.830315][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 461.839956][ T8393] loop0: detected capacity change from 0 to 512 [ 461.880778][ T8393] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 461.919459][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 461.955622][ T8393] EXT4-fs error (device loop0): ext4_iget_extra_inode:5103: inode #15: comm syz.0.489: corrupted in-inode xattr: overlapping e_value [ 461.990685][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 462.038309][ T8393] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.489: couldn't read orphan inode 15 (err -117) [ 462.087453][ T8393] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.137046][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 462.516717][ T8401] loop1: detected capacity change from 0 to 2048 [ 462.734903][ T6038] Alternate GPT is invalid, using primary GPT. [ 463.719535][ T6038] loop1: p1 p2 p3 [ 463.737790][ T6038] loop1: partition table partially beyond EOD, truncated [ 464.240759][ T5180] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 464.251157][ T5180] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 464.260873][ T5180] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 464.270324][ T5180] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 464.278166][ T5180] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 464.365016][ T5925] udevd[5925]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 464.380828][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 464.391391][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 466.077001][ T8422] 9pnet_fd: Insufficient options for proto=fd [ 466.362202][ T5180] Bluetooth: hci6: command tx timeout [ 466.751789][ T8430] loop1: detected capacity change from 0 to 128 [ 466.768926][ T8430] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 466.807210][ T8430] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 468.410285][ T5180] Bluetooth: hci6: command tx timeout [ 468.693716][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.220240][ T64] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 470.026351][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 470.113819][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 470.500307][ T5180] Bluetooth: hci6: command tx timeout [ 470.821788][ T8435] netlink: 'syz.0.496': attribute type 3 has an invalid length. [ 471.007037][ T8439] loop1: detected capacity change from 0 to 512 [ 471.137209][ T8439] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.498: casefold flag without casefold feature [ 471.205199][ T8439] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.498: couldn't read orphan inode 15 (err -117) [ 471.312632][ T8439] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.604323][ T8457] overlayfs: failed to resolve './file2': -2 [ 472.578199][ T5180] Bluetooth: hci6: command tx timeout [ 472.650762][ T8062] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 472.963634][ T8062] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 473.112652][ T8062] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 473.336095][ T8062] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 474.732936][ T8086] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 474.780458][ T8086] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 474.843584][ T8086] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 474.976399][ T8086] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 477.417287][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.894637][ T8062] 8021q: adding VLAN 0 to HW filter on device bond0 [ 477.973660][ T8412] chnl_net:caif_netlink_parms(): no params data found [ 478.122054][ T8509] random: crng reseeded on system resumption [ 479.671867][ T8516] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 480.880072][ T6051] bridge_slave_1: left allmulticast mode [ 480.885752][ T6051] bridge_slave_1: left promiscuous mode [ 480.931697][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.010748][ T6051] bridge_slave_0: left allmulticast mode [ 481.016435][ T6051] bridge_slave_0: left promiscuous mode [ 481.220997][ T8528] loop1: detected capacity change from 0 to 2048 [ 481.356703][ T8528] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 481.456400][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.352282][ T5887] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 483.363063][ T5887] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 483.372147][ T5887] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 483.390285][ T5887] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 483.414786][ T5887] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 483.522350][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.993965][ T8550] loop1: detected capacity change from 0 to 16 [ 484.062309][ T8550] erofs (device loop1): mounted with root inode @ nid 36. [ 484.152414][ T5180] erofs (device loop1): failed to decompress -26 in[46, 0] out[9000] [ 484.205178][ T8550] erofs (device loop1): failed to decompress -26 in[46, 4050] out[8192] [ 484.266978][ T8550] erofs (device loop1): read error -117 @ 1 of nid 89 [ 484.280854][ T30] audit: type=1800 audit(1757761834.996:71): pid=8550 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.511" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 484.628773][ T5887] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 484.660328][ T5887] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 484.670845][ T5887] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 484.742138][ T5887] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 485.110999][ T5887] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 485.573720][ T5887] Bluetooth: hci1: command tx timeout [ 485.768032][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 485.795917][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 485.818578][ T6051] bond0 (unregistering): Released all slaves [ 486.607675][ T8572] overlayfs: failed to resolve './file2': -2 [ 487.098732][ T8412] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.132574][ T8412] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.164381][ T8412] bridge_slave_0: entered allmulticast mode [ 487.205868][ T8412] bridge_slave_0: entered promiscuous mode [ 487.218245][ T8412] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.232763][ T8412] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.245110][ T8412] bridge_slave_1: entered allmulticast mode [ 487.283223][ T8412] bridge_slave_1: entered promiscuous mode [ 487.533533][ T5887] Bluetooth: hci3: command tx timeout [ 487.609899][ T5887] Bluetooth: hci1: command tx timeout [ 488.602084][ T8585] loop0: detected capacity change from 0 to 2048 [ 488.720724][ T8585] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 489.589780][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.610218][ T5887] Bluetooth: hci3: command tx timeout [ 489.693565][ T5887] Bluetooth: hci1: command tx timeout [ 489.777060][ T6051] hsr_slave_0: left promiscuous mode [ 489.829540][ T6051] hsr_slave_1: left promiscuous mode [ 489.920370][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 489.950732][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.675923][ T8606] loop1: detected capacity change from 0 to 256 [ 490.692200][ T8606] exfat: Unknown parameter 'smackfsroot' [ 491.685108][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 491.689965][ T5887] Bluetooth: hci3: command tx timeout [ 491.770132][ T5887] Bluetooth: hci1: command tx timeout [ 491.826605][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 493.043558][ T8412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 493.125217][ T8412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 493.162738][ T8628] overlayfs: failed to resolve './file2': -2 [ 493.304720][ T8412] team0: Port device team_slave_0 added [ 493.350010][ T8412] team0: Port device team_slave_1 added [ 493.792019][ T5887] Bluetooth: hci3: command tx timeout [ 493.807584][ T8640] netlink: 68 bytes leftover after parsing attributes in process `syz.1.530'. [ 494.725968][ T8412] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 494.753794][ T8412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 494.805730][ T8412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 494.817528][ T8647] loop1: detected capacity change from 0 to 128 [ 494.833537][ T8412] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 494.850601][ T8412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 494.988941][ T8412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 496.368709][ T8412] hsr_slave_0: entered promiscuous mode [ 496.389570][ T8412] hsr_slave_1: entered promiscuous mode [ 496.433433][ T8412] debugfs: 'hsr0' already exists in 'hsr' [ 496.458370][ T8412] Cannot create hsr debugfs directory [ 496.684254][ T8664] loop1: detected capacity change from 0 to 256 [ 496.729050][ T8664] exfat: Unknown parameter 'smackfsroot' [ 498.820136][ T8689] syz0: rxe_newlink: already configured on veth1_macvtap [ 498.854856][ T30] audit: type=1326 audit(1757761849.556:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8681 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 499.405483][ T30] audit: type=1326 audit(1757761849.556:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8681 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 499.559795][ T30] audit: type=1326 audit(1757761849.556:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8681 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 499.845164][ T30] audit: type=1326 audit(1757761849.566:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8681 comm="syz.3.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 500.007425][ T8695] loop1: detected capacity change from 0 to 512 [ 500.081694][ T8695] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 503.039566][ T8695] EXT4-fs: error -4 creating inode table initialization thread [ 503.048061][ T8695] EXT4-fs (loop1): mount failed [ 504.009966][ T8716] overlayfs: failed to resolve './file2': -2 [ 505.495580][ T8559] chnl_net:caif_netlink_parms(): no params data found [ 506.131844][ T8739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.549'. [ 506.406882][ T8542] chnl_net:caif_netlink_parms(): no params data found [ 506.859262][ T8559] bridge0: port 1(bridge_slave_0) entered blocking state [ 506.881695][ T8559] bridge0: port 1(bridge_slave_0) entered disabled state [ 506.909900][ T8559] bridge_slave_0: entered allmulticast mode [ 506.918343][ T8559] bridge_slave_0: entered promiscuous mode [ 507.172717][ T8559] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.184388][ T8559] bridge0: port 2(bridge_slave_1) entered disabled state [ 507.192262][ T8559] bridge_slave_1: entered allmulticast mode [ 507.472456][ T8559] bridge_slave_1: entered promiscuous mode [ 507.816827][ T8767] rdma_rxe: rxe_newlink: failed to add veth1_macvtap [ 507.853456][ T30] audit: type=1326 audit(1757761858.556:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 507.886324][ T30] audit: type=1326 audit(1757761858.556:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 508.376518][ T30] audit: type=1326 audit(1757761858.566:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 508.427957][ T8559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 508.468248][ T8766] loop0: detected capacity change from 0 to 2048 [ 508.473228][ T30] audit: type=1326 audit(1757761858.566:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 508.559246][ T8559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 508.918660][ T8766] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 508.996395][ T30] audit: type=1800 audit(1757761859.696:80): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.553" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 509.127644][ T8559] team0: Port device team_slave_0 added [ 509.146325][ T8542] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.173785][ T8542] bridge0: port 1(bridge_slave_0) entered disabled state [ 509.182292][ T8542] bridge_slave_0: entered allmulticast mode [ 509.191293][ T8542] bridge_slave_0: entered promiscuous mode [ 509.217272][ T8559] team0: Port device team_slave_1 added [ 509.258067][ T8542] bridge0: port 2(bridge_slave_1) entered blocking state [ 509.267494][ T8542] bridge0: port 2(bridge_slave_1) entered disabled state [ 509.278729][ T8542] bridge_slave_1: entered allmulticast mode [ 509.293799][ T8542] bridge_slave_1: entered promiscuous mode [ 509.650437][ T8791] loop1: detected capacity change from 0 to 512 [ 509.731238][ T8791] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.556: casefold flag without casefold feature [ 509.752019][ T8542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 509.818805][ T8791] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.556: couldn't read orphan inode 15 (err -117) [ 509.833766][ T8542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 509.861485][ T8796] netlink: 16 bytes leftover after parsing attributes in process `syz.3.557'. [ 509.872221][ T8559] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 509.884116][ T8791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 509.893093][ T8559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 509.957374][ T8559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 509.978542][ T8412] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 510.079434][ T8412] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 511.056588][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.160541][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.224504][ T8559] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 511.234542][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.239340][ T8559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 511.269934][ T8559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 511.321834][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.409139][ T8412] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 511.434630][ T8412] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 511.470614][ T8542] team0: Port device team_slave_0 added [ 511.717612][ T8559] hsr_slave_0: entered promiscuous mode [ 511.741801][ T8559] hsr_slave_1: entered promiscuous mode [ 511.748263][ T8559] debugfs: 'hsr0' already exists in 'hsr' [ 511.783770][ T8818] netlink: 4 bytes leftover after parsing attributes in process `syz.0.560'. [ 511.805804][ T8559] Cannot create hsr debugfs directory [ 511.880446][ T8542] team0: Port device team_slave_1 added [ 512.892900][ T6051] bridge_slave_1: left allmulticast mode [ 512.898609][ T6051] bridge_slave_1: left promiscuous mode [ 512.920375][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 512.948659][ T6051] bridge_slave_0: left allmulticast mode [ 512.969675][ T6051] bridge_slave_0: left promiscuous mode [ 512.975538][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.063708][ T6051] bridge_slave_1: left allmulticast mode [ 513.069515][ T6051] bridge_slave_1: left promiscuous mode [ 513.109936][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.155015][ T6051] bridge_slave_0: left allmulticast mode [ 513.170045][ T6051] bridge_slave_0: left promiscuous mode [ 513.175904][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.676682][ T8842] rdma_rxe: rxe_newlink: failed to add veth1_macvtap [ 513.697794][ T30] audit: type=1326 audit(1757761864.396:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 513.791624][ T30] audit: type=1326 audit(1757761864.396:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 513.847750][ T30] audit: type=1326 audit(1757761864.396:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 513.924703][ T30] audit: type=1326 audit(1757761864.396:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 514.026624][ T30] audit: type=1326 audit(1757761864.396:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 515.385240][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 515.418682][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 515.455345][ T6051] bond0 (unregistering): Released all slaves [ 516.011273][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 516.033255][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 516.053526][ T6051] bond0 (unregistering): Released all slaves [ 516.142277][ T8542] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 516.149301][ T8542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 516.184087][ T8542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 516.202503][ T8542] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 516.209503][ T8542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 516.237238][ T8542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 516.739940][ T8861] loop1: detected capacity change from 0 to 2048 [ 516.882232][ T8861] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 517.871602][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.466975][ T6051] hsr_slave_0: left promiscuous mode [ 518.478211][ T6051] hsr_slave_1: left promiscuous mode [ 518.498042][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 518.528798][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 518.570431][ T6051] hsr_slave_0: left promiscuous mode [ 518.579578][ T6051] hsr_slave_1: left promiscuous mode [ 518.637538][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 518.703812][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 520.163916][ T8896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.573'. [ 520.503978][ T8903] loop0: detected capacity change from 0 to 2048 [ 520.565564][ T6038] Alternate GPT is invalid, using primary GPT. [ 520.584695][ T6038] loop0: p1 p2 p3 [ 520.588491][ T6038] loop0: partition table partially beyond EOD, truncated [ 520.673956][ T8903] Alternate GPT is invalid, using primary GPT. [ 520.680650][ T8903] loop0: p1 p2 p3 [ 520.684429][ T8903] loop0: partition table partially beyond EOD, truncated [ 520.707293][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 520.773235][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 521.272466][ T8909] loop1: detected capacity change from 0 to 256 [ 521.320602][ T8909] exfat: Deprecated parameter 'utf8' [ 521.326177][ T8909] exfat: Deprecated parameter 'namecase' [ 521.337648][ T8910] rdma_rxe: rxe_newlink: failed to add veth1_macvtap [ 521.400151][ T30] audit: type=1326 audit(1757761872.076:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8905 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 521.568941][ T30] audit: type=1326 audit(1757761872.076:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8905 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 521.694022][ T30] audit: type=1326 audit(1757761872.076:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8905 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 521.765309][ T30] audit: type=1326 audit(1757761872.076:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8905 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 522.049866][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 522.060195][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 522.073156][ T5925] udevd[5925]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 522.086216][ T8909] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 522.158763][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 522.175311][ T5925] udevd[5925]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 522.193728][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 522.537849][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 522.577436][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 522.978046][ T8542] hsr_slave_0: entered promiscuous mode [ 522.985179][ T8542] hsr_slave_1: entered promiscuous mode [ 522.992735][ T8542] debugfs: 'hsr0' already exists in 'hsr' [ 522.998567][ T8542] Cannot create hsr debugfs directory [ 525.174470][ T8917] loop0: detected capacity change from 0 to 40427 [ 525.207068][ T8917] F2FS-fs (loop0): build fault injection rate: 771 [ 525.265839][ T8917] F2FS-fs (loop0): invalid crc value [ 526.221985][ T5180] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 526.233735][ T5180] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 526.243150][ T5180] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 526.260365][ T5180] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 526.270225][ T8363] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 526.279215][ T5180] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 526.461089][ T8917] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 526.730207][ T8363] usb 2-1: Using ep0 maxpacket: 8 [ 527.036101][ T8363] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 527.223544][ T8363] usb 2-1: config 179 has no interface number 0 [ 527.271038][ T8363] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 527.364472][ T8363] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 527.439926][ T8363] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 527.473817][ T8363] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 527.524932][ T8363] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 527.589715][ T8363] usb 2-1: config 179 interface 65 has no altsetting 0 [ 527.622726][ T8363] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 527.660713][ T8363] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 527.712297][ T8943] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 527.766426][ T8363] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input10 [ 528.448908][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 528.457856][ T8363] usb 2-1: USB disconnect, device number 5 [ 528.569721][ T5180] Bluetooth: hci4: command tx timeout [ 528.671658][ T8559] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 528.883306][ T8559] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 529.569511][ T8559] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 529.820029][ T8978] loop1: detected capacity change from 0 to 512 [ 530.538530][ T8978] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 530.564489][ T8559] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 530.981866][ T5180] Bluetooth: hci4: command tx timeout [ 531.065595][ T8978] EXT4-fs (loop1): 1 truncate cleaned up [ 531.094500][ T8978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 532.590567][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.001749][ T9002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.589'. [ 533.068436][ T5180] Bluetooth: hci4: command tx timeout [ 534.592733][ T9010] loop1: detected capacity change from 0 to 512 [ 534.706722][ T9010] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.591: casefold flag without casefold feature [ 534.766595][ T9010] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.591: couldn't read orphan inode 15 (err -117) [ 534.859574][ T9010] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 535.067913][ T8542] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 535.423539][ T5180] Bluetooth: hci4: command tx timeout [ 535.535979][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.461666][ T8542] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 537.543293][ T9033] overlayfs: failed to resolve './file2': -2 [ 538.277449][ T8542] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 538.309116][ T8542] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 539.062181][ T9045] 9pnet_fd: Insufficient options for proto=fd [ 539.986114][ T8944] chnl_net:caif_netlink_parms(): no params data found [ 540.359160][ T8559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 540.371886][ T36] bridge_slave_1: left allmulticast mode [ 540.383561][ T36] bridge_slave_1: left promiscuous mode [ 540.390180][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 540.618135][ T36] bridge_slave_0: left allmulticast mode [ 540.650269][ T36] bridge_slave_0: left promiscuous mode [ 540.656085][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 541.189733][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 541.365621][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 541.771180][ T36] bond0 (unregistering): Released all slaves [ 544.533468][ T9086] rdma_rxe: rxe_newlink: failed to add veth1_macvtap [ 544.568005][ T30] audit: type=1326 audit(1757761895.266:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 544.746224][ T30] audit: type=1326 audit(1757761895.276:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 545.089375][ T30] audit: type=1326 audit(1757761895.276:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 545.191423][ T9094] 9pnet_fd: Insufficient options for proto=fd [ 545.512701][ T30] audit: type=1326 audit(1757761895.276:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.1.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460238eba9 code=0x7ffc0000 [ 545.806429][ T9101] netlink: 'syz.3.607': attribute type 4 has an invalid length. [ 546.230140][ T8944] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.258212][ T8944] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.288495][ T8944] bridge_slave_0: entered allmulticast mode [ 546.371594][ T8944] bridge_slave_0: entered promiscuous mode [ 546.386131][ T8944] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.420146][ T8944] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.460126][ T8944] bridge_slave_1: entered allmulticast mode [ 546.640320][ T5887] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 546.652209][ T5887] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 546.667966][ T5887] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 546.681529][ T5887] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 546.689464][ T5887] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 546.749789][ T8944] bridge_slave_1: entered promiscuous mode [ 547.031461][ T9109] loop1: detected capacity change from 0 to 128 [ 547.250636][ T9109] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 547.266856][ T9109] ext4 filesystem being mounted at /180/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 548.946282][ T5887] Bluetooth: hci6: command tx timeout [ 549.575411][ T36] hsr_slave_0: left promiscuous mode [ 549.642931][ T9120] netlink: 4 bytes leftover after parsing attributes in process `syz.3.612'. [ 549.676705][ T5180] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 549.687292][ T5180] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 549.696744][ T5180] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 549.705630][ T5180] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 549.716072][ T5180] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 549.985657][ T36] hsr_slave_1: left promiscuous mode [ 550.033475][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 550.044059][ T5869] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 550.055935][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 550.177239][ T9133] loop0: detected capacity change from 0 to 512 [ 550.193499][ T9133] journal_path: Lookup failure for './file0' [ 550.209166][ T9133] EXT4-fs: error: could not find journal device path [ 550.731117][ T36] team0 (unregistering): Port device team_slave_1 removed [ 550.776591][ T36] team0 (unregistering): Port device team_slave_0 removed [ 550.882431][ T9137] loop0: detected capacity change from 0 to 512 [ 550.946138][ T9137] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.616: casefold flag without casefold feature [ 550.992647][ T5887] Bluetooth: hci6: command tx timeout [ 551.004265][ T9137] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.616: couldn't read orphan inode 15 (err -117) [ 551.081497][ T9131] loop1: detected capacity change from 0 to 40427 [ 551.105306][ T9137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 551.118709][ T9131] F2FS-fs: heap/no_heap options were deprecated [ 551.153283][ T9131] F2FS-fs (loop1): build fault injection rate: 19 [ 551.163285][ T9131] F2FS-fs (loop1): build fault injection type: 0x3bfe8c [ 551.183321][ T9131] F2FS-fs (loop1): invalid crc value [ 551.258679][ T9131] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x207/0xfe0 [ 551.536484][ T9131] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0xd42/0x11e0 [ 551.732664][ T9131] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 551.768142][ T9131] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 551.769853][ T5887] Bluetooth: hci1: command tx timeout [ 551.785492][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.811756][ T9131] F2FS-fs (loop1): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x24d/0xc30 [ 551.944195][ T5869] syz-executor: attempt to access beyond end of device [ 551.944195][ T5869] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 551.979147][ T5869] CPU: 1 UID: 0 PID: 5869 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 551.979193][ T5869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 551.979214][ T5869] Call Trace: [ 551.979225][ T5869] [ 551.979238][ T5869] dump_stack_lvl+0x16c/0x1f0 [ 551.979297][ T5869] f2fs_handle_critical_error+0x624/0x9f0 [ 551.979347][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.979399][ T5869] ? f2fs_build_fault_attr+0x53/0x1f0 [ 551.979450][ T5869] f2fs_write_end_io+0x958/0xcf0 [ 551.979507][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 551.979565][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.979623][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 551.979673][ T5869] bio_endio+0x713/0x860 [ 551.979736][ T5869] submit_bio_noacct+0x306/0x1ed0 [ 551.979793][ T5869] __submit_merged_bio+0x33c/0x770 [ 551.979849][ T5869] __submit_merged_write_cond+0x319/0x3f0 [ 551.979911][ T5869] f2fs_sync_node_pages+0x1394/0x1620 [ 551.979963][ T5869] ? sync_inode_metadata+0xa4/0xe0 [ 551.980019][ T5869] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 551.980061][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980102][ T5869] ? __lock_acquire+0xb97/0x1ce0 [ 551.980203][ T5869] ? down_write+0x14d/0x200 [ 551.980240][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980285][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980327][ T5869] ? up_write+0x1b2/0x520 [ 551.980370][ T5869] block_operations+0x952/0xfe0 [ 551.980424][ T5869] ? __pfx_block_operations+0x10/0x10 [ 551.980542][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980584][ T5869] ? down_write+0x14d/0x200 [ 551.980618][ T5869] ? __pfx_down_write+0x10/0x10 [ 551.980656][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980699][ T5869] ? rcu_is_watching+0x12/0xc0 [ 551.980752][ T5869] f2fs_write_checkpoint+0x2b8/0x4c60 [ 551.980795][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980837][ T5869] ? kfree+0x2b4/0x4d0 [ 551.980881][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980928][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.980970][ T5869] ? rcu_is_watching+0x12/0xc0 [ 551.981015][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.981058][ T5869] ? kthread_stop+0x273/0x630 [ 551.981097][ T5869] kill_f2fs_super+0x3c2/0x470 [ 551.981133][ T5869] ? __pfx_kill_f2fs_super+0x10/0x10 [ 551.981167][ T5869] ? lockdep_hardirqs_on+0x7c/0x110 [ 551.981242][ T5869] deactivate_locked_super+0xc1/0x1a0 [ 551.981299][ T5869] deactivate_super+0xde/0x100 [ 551.981355][ T5869] cleanup_mnt+0x225/0x450 [ 551.981420][ T5869] task_work_run+0x150/0x240 [ 551.981462][ T5869] ? __pfx_task_work_run+0x10/0x10 [ 551.981500][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 551.981546][ T5869] ? __pfx___x64_sys_umount+0x10/0x10 [ 551.981592][ T5869] exit_to_user_mode_loop+0xeb/0x110 [ 551.981633][ T5869] do_syscall_64+0x41c/0x4e0 [ 551.981694][ T5869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.981730][ T5869] RIP: 0033:0x7f460238fed7 [ 551.981758][ T5869] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 551.981793][ T5869] RSP: 002b:00007ffe3453d208 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 551.981826][ T5869] RAX: 0000000000000000 RBX: 00007f4602411c05 RCX: 00007f460238fed7 [ 551.981850][ T5869] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3453d2c0 [ 551.981872][ T5869] RBP: 00007ffe3453d2c0 R08: 0000000000000000 R09: 0000000000000000 [ 551.981895][ T5869] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3453e350 [ 551.981918][ T5869] R13: 00007f4602411c05 R14: 0000000000086bc4 R15: 00007ffe3453e390 [ 551.981967][ T5869] [ 552.391590][ T5869] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 552.399406][ T5869] CPU: 0 UID: 0 PID: 5869 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 552.399454][ T5869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 552.399477][ T5869] Call Trace: [ 552.399488][ T5869] [ 552.399502][ T5869] dump_stack_lvl+0x16c/0x1f0 [ 552.399566][ T5869] f2fs_handle_critical_error+0x624/0x9f0 [ 552.399622][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.399670][ T5869] ? f2fs_build_fault_attr+0x53/0x1f0 [ 552.399721][ T5869] f2fs_write_end_io+0x958/0xcf0 [ 552.399778][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 552.399836][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.399892][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 552.399943][ T5869] bio_endio+0x713/0x860 [ 552.400008][ T5869] submit_bio_noacct+0x306/0x1ed0 [ 552.400068][ T5869] __submit_merged_bio+0x33c/0x770 [ 552.400127][ T5869] __submit_merged_write_cond+0x319/0x3f0 [ 552.400192][ T5869] f2fs_sync_node_pages+0x1394/0x1620 [ 552.400248][ T5869] ? sync_inode_metadata+0xa4/0xe0 [ 552.400308][ T5869] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 552.400352][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.400396][ T5869] ? __lock_acquire+0xb97/0x1ce0 [ 552.400502][ T5869] ? down_write+0x14d/0x200 [ 552.400540][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.400587][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.400631][ T5869] ? up_write+0x1b2/0x520 [ 552.400679][ T5869] block_operations+0x952/0xfe0 [ 552.400727][ T5869] ? __pfx_block_operations+0x10/0x10 [ 552.400846][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.400890][ T5869] ? down_write+0x14d/0x200 [ 552.400926][ T5869] ? __pfx_down_write+0x10/0x10 [ 552.400965][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.401009][ T5869] ? rcu_is_watching+0x12/0xc0 [ 552.401064][ T5869] f2fs_write_checkpoint+0x2b8/0x4c60 [ 552.401108][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.401152][ T5869] ? kfree+0x2b4/0x4d0 [ 552.401197][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.401246][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.401290][ T5869] ? rcu_is_watching+0x12/0xc0 [ 552.401336][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.401380][ T5869] ? kthread_stop+0x273/0x630 [ 552.401420][ T5869] kill_f2fs_super+0x3c2/0x470 [ 552.401457][ T5869] ? __pfx_kill_f2fs_super+0x10/0x10 [ 552.401492][ T5869] ? lockdep_hardirqs_on+0x7c/0x110 [ 552.401569][ T5869] deactivate_locked_super+0xc1/0x1a0 [ 552.401628][ T5869] deactivate_super+0xde/0x100 [ 552.401691][ T5869] cleanup_mnt+0x225/0x450 [ 552.401754][ T5869] task_work_run+0x150/0x240 [ 552.401798][ T5869] ? __pfx_task_work_run+0x10/0x10 [ 552.401836][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 552.401884][ T5869] ? __pfx___x64_sys_umount+0x10/0x10 [ 552.401931][ T5869] exit_to_user_mode_loop+0xeb/0x110 [ 552.401973][ T5869] do_syscall_64+0x41c/0x4e0 [ 552.402037][ T5869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.402075][ T5869] RIP: 0033:0x7f460238fed7 [ 552.402103][ T5869] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 552.402140][ T5869] RSP: 002b:00007ffe3453d208 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 552.402175][ T5869] RAX: 0000000000000000 RBX: 00007f4602411c05 RCX: 00007f460238fed7 [ 552.402199][ T5869] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3453d2c0 [ 552.402222][ T5869] RBP: 00007ffe3453d2c0 R08: 0000000000000000 R09: 0000000000000000 [ 552.402245][ T5869] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3453e350 [ 552.402269][ T5869] R13: 00007f4602411c05 R14: 0000000000086bc4 R15: 00007ffe3453e390 [ 552.402319][ T5869] [ 552.831912][ T5869] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 553.130037][ T5887] Bluetooth: hci6: command tx timeout [ 553.623272][ T8944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 553.677920][ T9153] netem: change failed [ 553.852395][ T5887] Bluetooth: hci1: command tx timeout [ 554.031955][ T8944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 554.608402][ T9161] 9pnet_fd: Insufficient options for proto=fd [ 555.168540][ T8944] team0: Port device team_slave_0 added [ 555.216011][ T5887] Bluetooth: hci6: command tx timeout [ 555.483212][ T8944] team0: Port device team_slave_1 added [ 555.858999][ T8944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 555.878768][ T8944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 555.940159][ T5887] Bluetooth: hci1: command tx timeout [ 556.131505][ T8944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 556.187508][ T8944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 556.199657][ T8944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 557.219950][ T8944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 558.009699][ T5887] Bluetooth: hci1: command tx timeout [ 558.898890][ T9183] loop0: detected capacity change from 0 to 256 [ 558.906438][ T9183] exfat: Deprecated parameter 'namecase' [ 558.912265][ T9183] exfat: Deprecated parameter 'utf8' [ 559.103262][ T9183] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 559.638293][ T9186] loop1: detected capacity change from 0 to 512 [ 559.666708][ T8944] hsr_slave_0: entered promiscuous mode [ 559.723901][ T8944] hsr_slave_1: entered promiscuous mode [ 559.772254][ T8944] debugfs: 'hsr0' already exists in 'hsr' [ 559.778037][ T8944] Cannot create hsr debugfs directory [ 559.803382][ T9186] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.627: casefold flag without casefold feature [ 559.923207][ T9186] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.627: couldn't read orphan inode 15 (err -117) [ 560.046800][ T9186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 560.302403][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.937538][ T9194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.629'. [ 561.402547][ T9203] binder_alloc: 9202: pid 9202 spamming oneway? 1 buffers allocated for a total size of 4096 [ 561.577948][ T9105] chnl_net:caif_netlink_parms(): no params data found [ 561.849282][ T9209] 9pnet_fd: Insufficient options for proto=fd [ 562.660161][ T9213] netlink: 12 bytes leftover after parsing attributes in process `syz.0.633'. [ 563.314750][ T9221] loop0: detected capacity change from 0 to 256 [ 563.482071][ T9197] loop1: detected capacity change from 0 to 40427 [ 563.486142][ T9221] FAT-fs (loop0): Directory bread(block 64) failed [ 563.500519][ T9221] FAT-fs (loop0): Directory bread(block 65) failed [ 563.522729][ T9221] FAT-fs (loop0): Directory bread(block 66) failed [ 563.529484][ T9221] FAT-fs (loop0): Directory bread(block 67) failed [ 563.536905][ T9221] FAT-fs (loop0): Directory bread(block 68) failed [ 563.544971][ T9221] FAT-fs (loop0): Directory bread(block 69) failed [ 563.551915][ T9221] FAT-fs (loop0): Directory bread(block 70) failed [ 563.558487][ T9197] F2FS-fs (loop1): invalid crc value [ 563.577833][ T9221] FAT-fs (loop0): Directory bread(block 71) failed [ 563.590615][ T9221] FAT-fs (loop0): Directory bread(block 72) failed [ 563.597178][ T9221] FAT-fs (loop0): Directory bread(block 73) failed [ 563.777323][ T9197] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 563.818032][ T9197] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 563.944024][ T9197] syz.1.628: attempt to access beyond end of device [ 563.944024][ T9197] loop1: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 564.025479][ T30] audit: type=1804 audit(1757761914.736:94): pid=9231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.628" name="/newroot/184/file0/bus" dev="loop1" ino=10 res=1 errno=0 [ 564.072223][ T9105] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.080215][ T9105] bridge0: port 1(bridge_slave_0) entered disabled state [ 564.087600][ T9105] bridge_slave_0: entered allmulticast mode [ 564.103772][ T9105] bridge_slave_0: entered promiscuous mode [ 564.251190][ T9234] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 564.303591][ T9105] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.341075][ T9105] bridge0: port 2(bridge_slave_1) entered disabled state [ 564.366786][ T9105] bridge_slave_1: entered allmulticast mode [ 564.378021][ T9105] bridge_slave_1: entered promiscuous mode [ 564.390046][ T9235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.637'. [ 564.409263][ T5869] syz-executor: attempt to access beyond end of device [ 564.409263][ T5869] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 564.439550][ T5869] CPU: 1 UID: 0 PID: 5869 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 564.439603][ T5869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 564.439624][ T5869] Call Trace: [ 564.439636][ T5869] [ 564.439650][ T5869] dump_stack_lvl+0x16c/0x1f0 [ 564.439712][ T5869] f2fs_handle_critical_error+0x624/0x9f0 [ 564.439762][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.439808][ T5869] ? f2fs_build_fault_attr+0x53/0x1f0 [ 564.439861][ T5869] f2fs_write_end_io+0x958/0xcf0 [ 564.439920][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 564.439979][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.440035][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 564.440086][ T5869] bio_endio+0x713/0x860 [ 564.440151][ T5869] submit_bio_noacct+0x306/0x1ed0 [ 564.440214][ T5869] __submit_merged_bio+0x33c/0x770 [ 564.440274][ T5869] __submit_merged_write_cond+0x319/0x3f0 [ 564.440341][ T5869] f2fs_write_cache_pages+0x2067/0x2570 [ 564.440441][ T5869] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 564.440510][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.440554][ T5869] ? __lock_acquire+0x62e/0x1ce0 [ 564.440626][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.440669][ T5869] ? __lock_acquire+0x62e/0x1ce0 [ 564.440778][ T5869] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 564.440881][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.440925][ T5869] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 564.440976][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.441019][ T5869] ? __mod_zone_page_state+0xcc/0x1a0 [ 564.441069][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.441123][ T5869] f2fs_write_data_pages+0x4ad/0xd90 [ 564.441194][ T5869] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 564.441271][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.441316][ T5869] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 564.441380][ T5869] do_writepages+0x27a/0x600 [ 564.441443][ T5869] ? __pfx_do_writepages+0x10/0x10 [ 564.441487][ T5869] ? do_raw_spin_unlock+0x172/0x230 [ 564.441529][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.441573][ T5869] ? _raw_spin_unlock+0x28/0x50 [ 564.441629][ T5869] filemap_fdatawrite_wbc+0x104/0x160 [ 564.441683][ T5869] __filemap_fdatawrite_range+0xb9/0x100 [ 564.441745][ T5869] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 564.441877][ T5869] ? find_held_lock+0x2b/0x80 [ 564.441926][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.441971][ T5869] ? do_raw_spin_unlock+0x172/0x230 [ 564.442013][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442065][ T5869] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 564.442153][ T5869] block_operations+0x2b0/0xfe0 [ 564.442195][ T5869] ? __pfx___schedule+0x10/0x10 [ 564.442251][ T5869] ? __pfx_block_operations+0x10/0x10 [ 564.442382][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442432][ T5869] ? down_write+0x14d/0x200 [ 564.442468][ T5869] ? __pfx_down_write+0x10/0x10 [ 564.442507][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442550][ T5869] ? rcu_is_watching+0x12/0xc0 [ 564.442606][ T5869] f2fs_write_checkpoint+0x2b8/0x4c60 [ 564.442652][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442695][ T5869] ? kfree+0x2b4/0x4d0 [ 564.442740][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442788][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442831][ T5869] ? rcu_is_watching+0x12/0xc0 [ 564.442877][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.442919][ T5869] ? kthread_stop+0x273/0x630 [ 564.442961][ T5869] kill_f2fs_super+0x3c2/0x470 [ 564.442998][ T5869] ? __pfx_kill_f2fs_super+0x10/0x10 [ 564.443033][ T5869] ? lockdep_hardirqs_on+0x7c/0x110 [ 564.443113][ T5869] deactivate_locked_super+0xc1/0x1a0 [ 564.443172][ T5869] deactivate_super+0xde/0x100 [ 564.443230][ T5869] cleanup_mnt+0x225/0x450 [ 564.443293][ T5869] task_work_run+0x150/0x240 [ 564.443338][ T5869] ? __pfx_task_work_run+0x10/0x10 [ 564.443375][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.443433][ T5869] ? __pfx___x64_sys_umount+0x10/0x10 [ 564.443481][ T5869] exit_to_user_mode_loop+0xeb/0x110 [ 564.443524][ T5869] do_syscall_64+0x41c/0x4e0 [ 564.443589][ T5869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.443625][ T5869] RIP: 0033:0x7f460238fed7 [ 564.443654][ T5869] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 564.443690][ T5869] RSP: 002b:00007ffe3453d208 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 564.443724][ T5869] RAX: 0000000000000000 RBX: 00007f4602411c05 RCX: 00007f460238fed7 [ 564.443748][ T5869] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3453d2c0 [ 564.443770][ T5869] RBP: 00007ffe3453d2c0 R08: 0000000000000000 R09: 0000000000000000 [ 564.443793][ T5869] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3453e350 [ 564.443817][ T5869] R13: 00007f4602411c05 R14: 0000000000089bcd R15: 00007ffe3453e390 [ 564.443872][ T5869] [ 564.920217][ T5869] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 564.941680][ T5869] CPU: 0 UID: 0 PID: 5869 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 564.941728][ T5869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 564.941750][ T5869] Call Trace: [ 564.941763][ T5869] [ 564.941777][ T5869] dump_stack_lvl+0x16c/0x1f0 [ 564.941841][ T5869] f2fs_handle_critical_error+0x624/0x9f0 [ 564.941893][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.941937][ T5869] ? f2fs_build_fault_attr+0x53/0x1f0 [ 564.941991][ T5869] f2fs_write_end_io+0x958/0xcf0 [ 564.942049][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 564.942107][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.942163][ T5869] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 564.942213][ T5869] bio_endio+0x713/0x860 [ 564.942277][ T5869] submit_bio_noacct+0x306/0x1ed0 [ 564.942340][ T5869] __submit_merged_bio+0x33c/0x770 [ 564.942408][ T5869] __submit_merged_write_cond+0x319/0x3f0 [ 564.942475][ T5869] f2fs_write_cache_pages+0x2067/0x2570 [ 564.942569][ T5869] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 564.942641][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.942684][ T5869] ? __lock_acquire+0x62e/0x1ce0 [ 564.942755][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.942798][ T5869] ? __lock_acquire+0x62e/0x1ce0 [ 564.942907][ T5869] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 564.943006][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.943049][ T5869] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 564.943100][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.943141][ T5869] ? __mod_zone_page_state+0xcc/0x1a0 [ 564.943190][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.943243][ T5869] f2fs_write_data_pages+0x4ad/0xd90 [ 564.943312][ T5869] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 564.943397][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.943442][ T5869] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 564.943504][ T5869] do_writepages+0x27a/0x600 [ 564.943561][ T5869] ? __pfx_do_writepages+0x10/0x10 [ 564.943606][ T5869] ? do_raw_spin_unlock+0x172/0x230 [ 564.943648][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.943691][ T5869] ? _raw_spin_unlock+0x28/0x50 [ 564.943748][ T5869] filemap_fdatawrite_wbc+0x104/0x160 [ 564.943803][ T5869] __filemap_fdatawrite_range+0xb9/0x100 [ 564.943865][ T5869] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 564.943996][ T5869] ? find_held_lock+0x2b/0x80 [ 564.944046][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944090][ T5869] ? do_raw_spin_unlock+0x172/0x230 [ 564.944132][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944184][ T5869] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 564.944271][ T5869] block_operations+0x2b0/0xfe0 [ 564.944312][ T5869] ? __pfx___schedule+0x10/0x10 [ 564.944371][ T5869] ? __pfx_block_operations+0x10/0x10 [ 564.944506][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944551][ T5869] ? down_write+0x14d/0x200 [ 564.944587][ T5869] ? __pfx_down_write+0x10/0x10 [ 564.944626][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944668][ T5869] ? rcu_is_watching+0x12/0xc0 [ 564.944723][ T5869] f2fs_write_checkpoint+0x2b8/0x4c60 [ 564.944768][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944811][ T5869] ? kfree+0x2b4/0x4d0 [ 564.944855][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944904][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.944948][ T5869] ? rcu_is_watching+0x12/0xc0 [ 564.944993][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.945035][ T5869] ? kthread_stop+0x273/0x630 [ 564.945076][ T5869] kill_f2fs_super+0x3c2/0x470 [ 564.945113][ T5869] ? __pfx_kill_f2fs_super+0x10/0x10 [ 564.945147][ T5869] ? lockdep_hardirqs_on+0x7c/0x110 [ 564.945226][ T5869] deactivate_locked_super+0xc1/0x1a0 [ 564.945284][ T5869] deactivate_super+0xde/0x100 [ 564.945341][ T5869] cleanup_mnt+0x225/0x450 [ 564.945409][ T5869] task_work_run+0x150/0x240 [ 564.945454][ T5869] ? __pfx_task_work_run+0x10/0x10 [ 564.945491][ T5869] ? srso_alias_return_thunk+0x5/0xfbef5 [ 564.945538][ T5869] ? __pfx___x64_sys_umount+0x10/0x10 [ 564.945588][ T5869] exit_to_user_mode_loop+0xeb/0x110 [ 564.945629][ T5869] do_syscall_64+0x41c/0x4e0 [ 564.945694][ T5869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.945730][ T5869] RIP: 0033:0x7f460238fed7 [ 564.945758][ T5869] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 564.945794][ T5869] RSP: 002b:00007ffe3453d208 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 564.945828][ T5869] RAX: 0000000000000000 RBX: 00007f4602411c05 RCX: 00007f460238fed7 [ 564.945852][ T5869] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3453d2c0 [ 564.945874][ T5869] RBP: 00007ffe3453d2c0 R08: 0000000000000000 R09: 0000000000000000 [ 564.945897][ T5869] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3453e350 [ 564.945921][ T5869] R13: 00007f4602411c05 R14: 0000000000089bcd R15: 00007ffe3453e390 [ 564.945975][ T5869] [ 565.438596][ T9234] veth0: entered promiscuous mode [ 565.446779][ T5869] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 565.507205][ T9122] chnl_net:caif_netlink_parms(): no params data found [ 565.660074][ T9105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 565.748838][ T9105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 566.065000][ T9105] team0: Port device team_slave_0 added [ 566.454826][ T9105] team0: Port device team_slave_1 added [ 567.465744][ T9105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 567.473313][ T9105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 567.500188][ T9105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 567.514122][ T9105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 567.521416][ T9105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 567.570045][ T9105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 567.899295][ T9122] bridge0: port 1(bridge_slave_0) entered blocking state [ 567.908720][ T9122] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.916096][ T9122] bridge_slave_0: entered allmulticast mode [ 567.926194][ T9122] bridge_slave_0: entered promiscuous mode [ 567.948515][ T9122] bridge0: port 2(bridge_slave_1) entered blocking state [ 567.972028][ T9122] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.979349][ T9122] bridge_slave_1: entered allmulticast mode [ 568.051583][ T9122] bridge_slave_1: entered promiscuous mode [ 568.418436][ T9257] loop1: detected capacity change from 0 to 256 [ 568.436743][ T9257] exfat: Unknown parameter 'smackfsroot' [ 568.599382][ T9122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 568.618446][ T9257] loop1: detected capacity change from 0 to 2048 [ 568.681189][ T9105] hsr_slave_0: entered promiscuous mode [ 568.682809][ T9257] EXT4-fs (loop1): failed to initialize system zone (-117) [ 568.695750][ T9105] hsr_slave_1: entered promiscuous mode [ 568.705284][ T9105] debugfs: 'hsr0' already exists in 'hsr' [ 568.713190][ T9105] Cannot create hsr debugfs directory [ 568.722036][ T9122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 568.730010][ T9257] EXT4-fs (loop1): mount failed [ 569.288635][ T9266] netlink: 12 bytes leftover after parsing attributes in process `syz.0.645'. [ 569.649742][ T8944] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 569.879567][ T9122] team0: Port device team_slave_0 added [ 569.917788][ T9122] team0: Port device team_slave_1 added [ 569.978631][ T8944] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 570.024892][ T8944] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 570.126675][ T8944] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 570.167908][ T9122] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 570.177054][ T9122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 570.213747][ T9122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 570.229865][ T6057] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 570.286735][ T9122] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 570.294043][ T9122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 570.322336][ T9122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 570.353571][ T36] bridge_slave_1: left allmulticast mode [ 570.359350][ T36] bridge_slave_1: left promiscuous mode [ 570.369362][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 570.384287][ T36] bridge_slave_0: left allmulticast mode [ 570.390398][ T36] bridge_slave_0: left promiscuous mode [ 570.396434][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 570.404209][ T6057] usb 1-1: Using ep0 maxpacket: 16 [ 570.412560][ T6057] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 570.427212][ T6057] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 570.442288][ T36] bridge_slave_1: left allmulticast mode [ 570.448097][ T36] bridge_slave_1: left promiscuous mode [ 570.455558][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 570.465926][ T6057] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 570.476298][ T6057] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.488010][ T36] bridge_slave_0: left allmulticast mode [ 570.495283][ T6057] usb 1-1: Product: syz [ 570.500310][ T6057] usb 1-1: Manufacturer: syz [ 570.504990][ T36] bridge_slave_0: left promiscuous mode [ 570.511819][ T6057] usb 1-1: SerialNumber: syz [ 570.516869][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.210216][ T9283] loop0: detected capacity change from 0 to 1024 [ 571.359795][ T9283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 571.400953][ T9283] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.647: missing EA_INODE flag [ 571.414612][ T9283] EXT4-fs (loop0): Remounting filesystem read-only [ 572.497324][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.504068][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.732575][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 572.886697][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 572.995581][ T36] bond0 (unregistering): Released all slaves [ 573.689299][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 573.717546][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 573.740095][ T36] bond0 (unregistering): Released all slaves [ 574.162065][ T9122] hsr_slave_0: entered promiscuous mode [ 574.181242][ T6057] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 574.202285][ T9122] hsr_slave_1: entered promiscuous mode [ 574.212391][ T9122] debugfs: 'hsr0' already exists in 'hsr' [ 574.229188][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.239049][ T9122] Cannot create hsr debugfs directory [ 574.255617][ T6057] usb 1-1: USB disconnect, device number 12 [ 574.710038][ T9298] syz0: rxe_newlink: already configured on veth1_macvtap [ 574.750234][ T30] audit: type=1326 audit(1757761925.446:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9291 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 575.003147][ T30] audit: type=1326 audit(1757761925.446:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9291 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 575.288985][ T30] audit: type=1326 audit(1757761925.446:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9291 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 575.382044][ T9300] loop0: detected capacity change from 0 to 256 [ 575.390726][ T9300] exfat: Unknown parameter 'smackfsroot' [ 575.397209][ T30] audit: type=1326 audit(1757761925.446:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9291 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896f18eba9 code=0x7ffc0000 [ 575.528056][ T9300] loop0: detected capacity change from 0 to 2048 [ 575.613827][ T9300] EXT4-fs (loop0): failed to initialize system zone (-117) [ 575.640099][ T9300] EXT4-fs (loop0): mount failed [ 576.977023][ T9311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.656'. [ 577.768040][ T8944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 578.282013][ T36] hsr_slave_0: left promiscuous mode [ 578.307748][ T36] hsr_slave_1: left promiscuous mode [ 578.366994][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 578.401244][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 578.508834][ T36] hsr_slave_0: left promiscuous mode [ 578.546588][ T36] hsr_slave_1: left promiscuous mode [ 578.577188][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 578.650370][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 578.898015][ T9320] loop0: detected capacity change from 0 to 256 [ 578.937171][ T9320] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 579.009914][ T30] audit: type=1800 audit(1757761929.716:99): pid=9320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.658" name="file1" dev="loop0" ino=1048665 res=0 errno=0 [ 579.092283][ T36] team0 (unregistering): Port device team_slave_1 removed [ 579.198243][ T36] team0 (unregistering): Port device team_slave_0 removed [ 579.200225][ T9322] loop0: detected capacity change from 0 to 2048 [ 579.273388][ T9322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 579.351133][ T30] audit: type=1800 audit(1757761930.066:100): pid=9322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.659" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 579.734733][ T36] team0 (unregistering): Port device team_slave_1 removed [ 579.767619][ T36] team0 (unregistering): Port device team_slave_0 removed [ 580.079000][ T9105] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 580.185398][ T9105] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 580.200344][ T9328] futex_wake_op: syz.3.660 tries to shift op by 36; fix this program [ 580.203829][ T9105] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 580.266919][ T8944] 8021q: adding VLAN 0 to HW filter on device team0 [ 580.298752][ T9328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.660'. [ 580.317498][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.383509][ T9105] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 580.433500][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 580.440858][ T6556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 580.645213][ T6556] bridge0: port 2(bridge_slave_1) entered blocking state [ 580.652398][ T6556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 581.217241][ T9344] loop1: detected capacity change from 0 to 256 [ 581.300511][ T9344] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 581.582970][ T9105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 581.704416][ T9122] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 581.835061][ T9122] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 581.907183][ T9353] loop1: detected capacity change from 0 to 256 [ 581.927416][ T9122] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 581.937459][ T9353] exfat: Unknown parameter 'smackfsroot' [ 581.989312][ T9105] 8021q: adding VLAN 0 to HW filter on device team0 [ 582.106846][ T9122] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 582.267964][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 582.275178][ T6556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 582.348499][ T9362] loop1: detected capacity change from 0 to 1024 [ 582.380821][ T9362] EXT4-fs: Ignoring removed nomblk_io_submit option [ 582.494564][ T9362] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.500356][ T6556] bridge0: port 2(bridge_slave_1) entered blocking state [ 582.513860][ T6556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 583.268712][ T9373] overlay: ./file1 is not a directory [ 584.821767][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.244075][ T9378] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'. [ 585.947931][ T9122] 8021q: adding VLAN 0 to HW filter on device bond0 [ 586.095461][ T9122] 8021q: adding VLAN 0 to HW filter on device team0 [ 586.245855][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 586.253051][ T6556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 586.327222][ T6556] bridge0: port 2(bridge_slave_1) entered blocking state [ 586.334489][ T6556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 586.587797][ T9391] loop1: detected capacity change from 0 to 256 [ 586.806275][ T9391] FAT-fs (loop1): Directory bread(block 64) failed [ 586.878245][ T9391] FAT-fs (loop1): Directory bread(block 65) failed [ 586.939814][ T9391] FAT-fs (loop1): Directory bread(block 66) failed [ 586.970668][ T9391] FAT-fs (loop1): Directory bread(block 67) failed [ 586.977340][ T9391] FAT-fs (loop1): Directory bread(block 68) failed [ 587.079747][ T9391] FAT-fs (loop1): Directory bread(block 69) failed [ 587.108598][ T9391] FAT-fs (loop1): Directory bread(block 70) failed [ 587.141716][ T9391] FAT-fs (loop1): Directory bread(block 71) failed [ 587.169932][ T9391] FAT-fs (loop1): Directory bread(block 72) failed [ 587.176552][ T9391] FAT-fs (loop1): Directory bread(block 73) failed [ 587.661077][ T5180] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 587.675916][ T5180] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 587.695479][ T5180] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 587.708612][ T5180] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 587.742431][ T5180] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 587.924738][ T9105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 588.905402][ T9419] loop1: detected capacity change from 0 to 512 [ 589.707452][ T9419] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 591.720225][ T5887] Bluetooth: hci3: command tx timeout [ 591.733612][ T9419] EXT4-fs (loop1): 1 truncate cleaned up [ 591.741500][ T9419] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 591.900006][ T9122] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 592.027648][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.590463][ T5988] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 592.626440][ T9432] loop0: detected capacity change from 0 to 256 [ 592.715695][ T9432] exfat: Unknown parameter 'smackfsroot' [ 592.799757][ T5988] usb 2-1: Using ep0 maxpacket: 8 [ 592.837090][ T5988] usb 2-1: config 1 interface 0 altsetting 127 bulk endpoint 0x82 has invalid maxpacket 8 [ 592.923791][ T5988] usb 2-1: config 1 interface 0 altsetting 127 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 592.988257][ T5988] usb 2-1: config 1 interface 0 has no altsetting 0 [ 593.015525][ T5988] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 593.042814][ T5988] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.068549][ T5988] usb 2-1: Product: 鵅Ḝ군챲剌슸ᖁ뵊牭祫궅ꦽ≻쬛幷頻뀫勛؏巻竏귺歔㊥鲌㉌腚䷫畤葬㡴⛇擔᝘豞祍ꃊ阫蚼擬墪ꉐၧ䃤ꖰ큓Ҥ膶牖⯒뇀て侕턟㥠釃ॼࡣ棢蹽䓉懨鹁 [ 593.158472][ T6051] bridge_slave_1: left allmulticast mode [ 593.174640][ T5988] usb 2-1: Manufacturer: 㠁 [ 593.179268][ T5988] usb 2-1: SerialNumber: ည [ 593.189631][ T6051] bridge_slave_1: left promiscuous mode [ 593.205672][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 593.252732][ T9428] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 593.269799][ T9428] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 593.301811][ T6051] bridge_slave_0: left allmulticast mode [ 593.327860][ T6051] bridge_slave_0: left promiscuous mode [ 593.415795][ T9441] 9pnet_fd: Insufficient options for proto=fd [ 593.769845][ T5887] Bluetooth: hci3: command tx timeout [ 594.017803][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 594.027455][ T5988] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 594.051027][ T5988] usb 2-1: USB disconnect, device number 6 [ 594.542206][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 594.585205][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 594.605123][ T6051] bond0 (unregistering): Released all slaves [ 594.637954][ T9448] loop1: detected capacity change from 0 to 2048 [ 594.702091][ T9448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 594.801784][ T9105] veth0_vlan: entered promiscuous mode [ 594.815139][ T9105] veth1_vlan: entered promiscuous mode [ 594.846608][ T9105] veth0_macvtap: entered promiscuous mode [ 594.857443][ T9105] veth1_macvtap: entered promiscuous mode [ 594.952145][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.122644][ T9105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 595.291775][ T9105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 596.577313][ T5887] Bluetooth: hci3: command tx timeout [ 597.350057][ T3480] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.380228][ T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.389010][ T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.596226][ T9122] veth0_vlan: entered promiscuous mode [ 597.737527][ T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.017357][ T9473] loop1: detected capacity change from 0 to 2048 [ 598.094811][ T6051] hsr_slave_0: left promiscuous mode [ 598.108816][ T6051] hsr_slave_1: left promiscuous mode [ 598.119248][ T6038] Alternate GPT is invalid, using primary GPT. [ 598.145518][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 598.154149][ T6038] loop1: p1 p2 p3 [ 598.157905][ T6038] loop1: partition table partially beyond EOD, truncated [ 598.172772][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 598.229530][ T9473] Alternate GPT is invalid, using primary GPT. [ 598.263873][ T9473] loop1: p1 p2 p3 [ 598.267865][ T9473] loop1: partition table partially beyond EOD, truncated [ 598.650273][ T5180] Bluetooth: hci3: command tx timeout [ 598.830657][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 598.843487][ T6037] udevd[6037]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 598.853611][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 598.926725][ T5944] udevd[5944]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 598.939489][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 598.989286][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 600.121943][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 600.176957][ T9490] loop1: detected capacity change from 0 to 512 [ 600.218619][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 600.244242][ T9490] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.683: casefold flag without casefold feature [ 600.298876][ T9490] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.683: couldn't read orphan inode 15 (err -117) [ 600.326640][ T9490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 601.371664][ T9122] veth1_vlan: entered promiscuous mode [ 602.234226][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.312417][ T9122] veth0_macvtap: entered promiscuous mode [ 602.388263][ T9122] veth1_macvtap: entered promiscuous mode [ 602.561348][ T9510] loop1: detected capacity change from 0 to 256 [ 602.744488][ T9122] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 602.798564][ T9122] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 602.830357][ T9513] syz.1.685: attempt to access beyond end of device [ 602.830357][ T9513] loop1: rw=524288, sector=256, nr_sectors = 20 limit=256 [ 602.905539][ T9513] syz.1.685: attempt to access beyond end of device [ 602.905539][ T9513] loop1: rw=0, sector=256, nr_sectors = 8 limit=256 [ 602.921283][ T9403] chnl_net:caif_netlink_parms(): no params data found [ 603.075135][ T36] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 603.119710][ T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 603.213180][ T30] audit: type=1800 audit(1757761953.926:101): pid=9513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.685" name="file2" dev="loop1" ino=1048667 res=0 errno=0 [ 603.246330][ T3480] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 604.919143][ T3480] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 605.163112][ T9523] loop0: detected capacity change from 0 to 2048 [ 605.248206][ T9523] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 605.569412][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.896911][ T5887] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 605.910192][ T5887] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 605.916976][ T9534] overlayfs: missing 'lowerdir' [ 605.918905][ T5887] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 605.935493][ T5887] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 605.955488][ T5887] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 607.619463][ T9549] loop0: detected capacity change from 0 to 128 [ 607.895888][ T5180] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 607.905012][ T5180] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 607.913390][ T5180] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 607.922489][ T5180] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 607.935955][ T6051] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.960268][ T5180] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 608.010069][ T5887] Bluetooth: hci4: command tx timeout [ 608.361513][ T9403] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.373111][ T9403] bridge0: port 1(bridge_slave_0) entered disabled state [ 608.385094][ T9403] bridge_slave_0: entered allmulticast mode [ 608.558114][ T9403] bridge_slave_0: entered promiscuous mode [ 609.285369][ T6051] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 609.316419][ T9403] bridge0: port 2(bridge_slave_1) entered blocking state [ 609.332753][ T9403] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.347026][ T9403] bridge_slave_1: entered allmulticast mode [ 609.365734][ T9403] bridge_slave_1: entered promiscuous mode [ 609.366294][ T9562] loop0: detected capacity change from 0 to 512 [ 609.421098][ T9562] journal_path: Lookup failure for './file0' [ 609.427180][ T9562] EXT4-fs: error: could not find journal device path [ 609.768448][ T9568] overlayfs: failed to resolve './file2': -2 [ 610.028151][ T5887] Bluetooth: hci1: command tx timeout [ 610.100005][ T5887] Bluetooth: hci4: command tx timeout [ 610.472867][ T6051] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.915464][ T9573] loop1: detected capacity change from 0 to 256 [ 611.006397][ T9573] exfat: Unknown parameter 'smackfsroot' [ 611.042545][ T6051] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.157920][ T9573] loop1: detected capacity change from 0 to 2048 [ 611.262808][ T9573] EXT4-fs (loop1): failed to initialize system zone (-117) [ 611.306581][ T9573] EXT4-fs (loop1): mount failed [ 611.494362][ T9403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 611.616966][ T9403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 611.950987][ T9403] team0: Port device team_slave_0 added [ 612.099687][ T5887] Bluetooth: hci1: command tx timeout [ 612.141810][ T9403] team0: Port device team_slave_1 added [ 612.170779][ T5887] Bluetooth: hci4: command tx timeout [ 612.271723][ T9590] overlayfs: missing 'lowerdir' [ 612.871480][ T9403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 612.878463][ T9403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.617918][ T9403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 613.647204][ T9403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 613.654277][ T9403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.680436][ T9403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 614.169691][ T5887] Bluetooth: hci1: command tx timeout [ 614.250216][ T5887] Bluetooth: hci4: command tx timeout [ 614.262848][ T9403] hsr_slave_0: entered promiscuous mode [ 614.989255][ T9403] hsr_slave_1: entered promiscuous mode [ 615.042092][ T9403] debugfs: 'hsr0' already exists in 'hsr' [ 615.047877][ T9403] Cannot create hsr debugfs directory [ 615.336027][ T6051] bridge_slave_1: left allmulticast mode [ 615.352882][ T6051] bridge_slave_1: left promiscuous mode [ 615.359551][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 615.481250][ T6051] bridge_slave_0: left allmulticast mode [ 615.486966][ T6051] bridge_slave_0: left promiscuous mode [ 615.504452][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 616.250427][ T5887] Bluetooth: hci1: command tx timeout [ 617.808843][ T9630] rdma_rxe: rxe_newlink: failed to add veth1_macvtap [ 617.839779][ T30] audit: type=1326 audit(1757761968.546:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9626 comm="syz.0.707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 618.093177][ T30] audit: type=1326 audit(1757761968.546:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9626 comm="syz.0.707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 618.429768][ T30] audit: type=1326 audit(1757761968.546:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9626 comm="syz.0.707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 618.538369][ T30] audit: type=1326 audit(1757761968.546:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9626 comm="syz.0.707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae0e38eba9 code=0x7ffc0000 [ 619.110440][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 619.149845][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 619.236754][ T6051] bond0 (unregistering): Released all slaves [ 620.843028][ T6051] hsr_slave_0: left promiscuous mode [ 620.851272][ T6051] hsr_slave_1: left promiscuous mode [ 620.857987][ T6051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 620.892442][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 620.932195][ T6051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 620.979639][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 621.126787][ T6051] veth1_macvtap: left promiscuous mode [ 621.169931][ T6051] veth0_macvtap: left promiscuous mode [ 621.175703][ T6051] veth1_vlan: left promiscuous mode [ 621.214651][ T6051] veth0_vlan: left promiscuous mode [ 622.497670][ T9675] loop1: detected capacity change from 0 to 512 [ 622.550142][ T9675] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 622.727680][ T9675] EXT4-fs (loop1): 1 truncate cleaned up [ 622.760011][ T9675] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 625.288864][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 627.247023][ T30] audit: type=1107 audit(1757761977.946:106): pid=9700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 628.134882][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 628.389052][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 629.766899][ T9719] loop0: detected capacity change from 0 to 2048 [ 629.872732][ T9719] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 630.110116][ T30] audit: type=1800 audit(1757761980.806:107): pid=9719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.728" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 630.582519][ T9531] chnl_net:caif_netlink_parms(): no params data found [ 630.680458][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.987619][ T9550] chnl_net:caif_netlink_parms(): no params data found [ 633.450204][ T9531] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.457402][ T9531] bridge0: port 1(bridge_slave_0) entered disabled state [ 633.505771][ T9531] bridge_slave_0: entered allmulticast mode [ 633.530621][ T9531] bridge_slave_0: entered promiscuous mode [ 633.553799][ T9797] loop0: detected capacity change from 0 to 1024 [ 633.565833][ T9531] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.581525][ T9797] EXT4-fs: Ignoring removed nobh option [ 633.587551][ T9797] EXT4-fs: inline encryption not supported [ 633.597257][ T9531] bridge0: port 2(bridge_slave_1) entered disabled state [ 633.635296][ T9531] bridge_slave_1: entered allmulticast mode [ 633.640002][ T9797] EXT4-fs: Ignoring removed bh option [ 633.658581][ T9531] bridge_slave_1: entered promiscuous mode [ 633.714319][ T9797] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 633.735542][ T9752] loop1: detected capacity change from 0 to 40427 [ 633.800882][ T9752] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 633.807554][ T9752] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 633.950931][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 633.957313][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 633.989263][ T9550] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.017136][ T9550] bridge0: port 1(bridge_slave_0) entered disabled state [ 634.057774][ T9550] bridge_slave_0: entered allmulticast mode [ 634.098659][ T9550] bridge_slave_0: entered promiscuous mode [ 634.126625][ T9550] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.134679][ T9550] bridge0: port 2(bridge_slave_1) entered disabled state [ 634.141992][ T9550] bridge_slave_1: entered allmulticast mode [ 634.149973][ T9550] bridge_slave_1: entered promiscuous mode [ 634.471526][ T9531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 634.543897][ T9531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 634.770378][ T9752] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 634.801822][ T9752] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 634.808888][ T9752] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 634.947846][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.422034][ T9531] team0: Port device team_slave_0 added [ 635.866181][ T6051] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 635.969875][ T9531] team0: Port device team_slave_1 added [ 636.072073][ T9550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 636.413679][ T6051] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.628933][ T9826] 9pnet_fd: Insufficient options for proto=fd [ 637.137956][ T9550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 637.188590][ T9531] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 637.195747][ T9531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 637.222041][ T9531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 637.235414][ T9531] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 637.242452][ T9531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 637.268593][ T9531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 637.492685][ T6051] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.899721][ T6051] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.976187][ T9550] team0: Port device team_slave_0 added [ 639.085922][ T9531] hsr_slave_0: entered promiscuous mode [ 639.113612][ T9531] hsr_slave_1: entered promiscuous mode [ 639.137249][ T9531] debugfs: 'hsr0' already exists in 'hsr' [ 639.144859][ T9531] Cannot create hsr debugfs directory [ 639.304061][ T9403] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 639.420740][ T9550] team0: Port device team_slave_1 added [ 639.717595][ T9842] loop1: detected capacity change from 0 to 512 [ 639.910384][ T9842] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent [ 640.199090][ T9842] loop1: detected capacity change from 0 to 256 [ 640.215227][ T9842] vfat: Bad value for 'fmask' [ 641.362210][ T9403] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 643.277791][ T9867] 9pnet_fd: Insufficient options for proto=fd [ 643.629935][ T9403] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 643.788758][ T9403] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 643.890459][ T9550] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 643.916224][ T9550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 644.000012][ T9550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 644.031482][ T9550] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 644.038456][ T9550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 644.070528][ T9550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 645.881835][ T6051] bridge_slave_1: left allmulticast mode [ 645.896449][ T6051] bridge_slave_1: left promiscuous mode [ 645.912369][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 646.002926][ T6051] bridge_slave_0: left allmulticast mode [ 646.023600][ T6051] bridge_slave_0: left promiscuous mode [ 646.037232][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 647.505596][ T9901] overlayfs: failed to clone upperpath [ 648.644448][ T9907] loop0: detected capacity change from 0 to 256 [ 648.654005][ T9907] exfat: Deprecated parameter 'utf8' [ 648.659396][ T9907] exfat: Deprecated parameter 'namecase' [ 648.689917][ T9907] exfat: Bad value for 'namecase' [ 648.926081][ T5180] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 648.939864][ T5180] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 648.949108][ T5180] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 648.960622][ T5180] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 648.968551][ T5180] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 649.493771][ T9916] loop1: detected capacity change from 0 to 512 [ 650.284812][ T9916] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 651.021467][ T9916] EXT4-fs (loop1): 1 truncate cleaned up [ 651.053028][ T9916] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.176342][ T5180] Bluetooth: hci3: command tx timeout [ 651.693605][ T9926] netlink: 340 bytes leftover after parsing attributes in process `syz.0.762'. [ 652.088031][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.487248][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 653.379805][ T5180] Bluetooth: hci3: command tx timeout [ 653.390398][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 653.465654][ T6051] bond0 (unregistering): Released all slaves [ 655.343197][ T9550] hsr_slave_0: entered promiscuous mode [ 655.350784][ T9550] hsr_slave_1: entered promiscuous mode [ 655.357342][ T9550] debugfs: 'hsr0' already exists in 'hsr' [ 655.363851][ T9550] Cannot create hsr debugfs directory [ 655.986863][ T5180] Bluetooth: hci3: command tx timeout [ 657.452294][ T9958] [ 657.455055][ T9958] ============================= [ 657.460128][ T9958] WARNING: suspicious RCU usage [ 657.465124][ T9958] syzkaller #0 Not tainted [ 657.469912][ T9958] ----------------------------- [ 657.474852][ T9958] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage! [ 657.483755][ T9958] [ 657.483755][ T9958] other info that might help us debug this: [ 657.483755][ T9958] [ 657.494160][ T9958] [ 657.494160][ T9958] rcu_scheduler_active = 2, debug_locks = 1 [ 657.502357][ T9958] 1 lock held by syz.0.772/9958: [ 657.507566][ T9958] #0: ffffffff8e5c0c20 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x344/0x780 [ 657.518795][ T9958] [ 657.518795][ T9958] stack backtrace: [ 657.524762][ T9958] CPU: 0 UID: 0 PID: 9958 Comm: syz.0.772 Not tainted syzkaller #0 PREEMPT(full) [ 657.524809][ T9958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 657.524832][ T9958] Call Trace: [ 657.524844][ T9958] [ 657.524861][ T9958] dump_stack_lvl+0x16c/0x1f0 [ 657.524935][ T9958] lockdep_rcu_suspicious+0x166/0x260 [ 657.525001][ T9958] get_callchain_entry+0x278/0x3f0 [ 657.525063][ T9958] get_perf_callchain+0xdb/0x760 [ 657.525148][ T9958] ? __pfx_get_perf_callchain+0x10/0x10 [ 657.525236][ T9958] ? __pfx___schedule+0x10/0x10 [ 657.525287][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.525352][ T9958] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 657.525410][ T9958] __bpf_get_stack+0x4f5/0xa10 [ 657.525494][ T9958] ? __pfx___bpf_get_stack+0x10/0x10 [ 657.525551][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.525604][ T9958] bpf_get_stack+0x32/0x40 [ 657.525658][ T9958] bpf_get_stack_raw_tp+0x1dd/0x280 [ 657.525708][ T9958] bpf_prog_b8a90dd1efcc4ad9+0x46/0x4e [ 657.525743][ T9958] bpf_prog_test_run_syscall+0x5b3/0x780 [ 657.525808][ T9958] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 657.525869][ T9958] ? fput+0x9b/0xd0 [ 657.525911][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.525955][ T9958] ? __bpf_prog_get+0x97/0x2a0 [ 657.526013][ T9958] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 657.526073][ T9958] __sys_bpf+0x1050/0x4de0 [ 657.526113][ T9958] ? __pfx_futex_wake+0x10/0x10 [ 657.526150][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526201][ T9958] ? __pfx___sys_bpf+0x10/0x10 [ 657.526245][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526299][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526342][ T9958] ? do_futex+0x122/0x350 [ 657.526403][ T9958] ? __pfx_do_futex+0x10/0x10 [ 657.526487][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526532][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526580][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526624][ T9958] ? xfd_validate_state+0x61/0x180 [ 657.526695][ T9958] __x64_sys_bpf+0x78/0xc0 [ 657.526738][ T9958] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.526781][ T9958] ? lockdep_hardirqs_on+0x7c/0x110 [ 657.526838][ T9958] do_syscall_64+0xcd/0x4e0 [ 657.526901][ T9958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.526938][ T9958] RIP: 0033:0x7fae0e38eba9 [ 657.526967][ T9958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.527004][ T9958] RSP: 002b:00007fae0f26b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 657.527039][ T9958] RAX: ffffffffffffffda RBX: 00007fae0e5d5fa0 RCX: 00007fae0e38eba9 [ 657.527064][ T9958] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a [ 657.527087][ T9958] RBP: 00007fae0e411e19 R08: 0000000000000000 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 657.527110][ T9958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.527132][ T9958] R13: 00007fae0e5d6038 R14: 00007fae0e5d5fa0 R15: 00007ffcca91afe8 [ 657.527180][ T9958] [ 658.065296][ T5887] Bluetooth: hci3: command tx timeout [ 658.989925][ T6051] hsr_slave_0: left promiscuous mode [ 659.109673][ T6051] hsr_slave_1: left promiscuous mode [ 659.116025][ T6051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 659.142391][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 659.163602][ T6051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 659.189746][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 659.299528][ T6051] veth1_macvtap: left promiscuous mode [ 659.360993][ T6051] veth0_macvtap: left promiscuous mode [ 659.366680][ T6051] veth1_vlan: left promiscuous mode [ 659.406233][ T6051] veth0_vlan: left promiscuous mode [ 660.301870][ T6051] team0 (unregistering): Port device team_slave_1 removed [ 660.336408][ T6051] team0 (unregistering): Port device team_slave_0 removed [ 662.002960][ T6051] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.134110][ T6051] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.226896][ T6051] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.332530][ T6051] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 663.750606][ T6051] bridge_slave_1: left allmulticast mode [ 663.756390][ T6051] bridge_slave_1: left promiscuous mode [ 663.769955][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 663.783992][ T6051] bridge_slave_0: left allmulticast mode [ 663.797662][ T6051] bridge_slave_0: left promiscuous mode [ 663.804855][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 663.826576][ T6051] bridge_slave_1: left allmulticast mode [ 663.832954][ T6051] bridge_slave_1: left promiscuous mode [ 663.838681][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 663.848012][ T6051] bridge_slave_0: left allmulticast mode [ 663.857244][ T6051] bridge_slave_0: left promiscuous mode [ 663.863397][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 664.172353][ T6051] bond0 (unregistering): Released all slaves [ 664.286406][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 664.298443][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 664.310612][ T6051] bond0 (unregistering): Released all slaves [ 664.603402][ T6051] bond0 (unregistering): Released all slaves [ 664.881823][ T6051] bond0 (unregistering): Released all slaves [ 665.007652][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 665.020568][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 665.033763][ T6051] bond0 (unregistering): Released all slaves [ 667.178978][ T6051] hsr_slave_0: left promiscuous mode [ 667.198911][ T6051] hsr_slave_1: left promiscuous mode [ 667.218982][ T6051] hsr_slave_0: left promiscuous mode [ 667.229061][ T6051] hsr_slave_1: left promiscuous mode [ 667.241765][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 667.255314][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 667.276108][ T6051] hsr_slave_0: left promiscuous mode [ 667.284966][ T6051] hsr_slave_1: left promiscuous mode [ 667.306752][ T6051] hsr_slave_0: left promiscuous mode [ 667.318337][ T6051] hsr_slave_1: left promiscuous mode [ 667.336902][ T6051] hsr_slave_0: left promiscuous mode [ 667.345427][ T6051] hsr_slave_1: left promiscuous mode [ 667.357194][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 667.366402][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 667.415934][ T6051] veth1_macvtap: left promiscuous mode [ 667.425247][ T6051] veth0_macvtap: left promiscuous mode [ 667.434119][ T6051] veth1_vlan: left promiscuous mode [ 667.439458][ T6051] veth0_vlan: left promiscuous mode [ 667.452155][ T6051] veth0_vlan: left promiscuous mode