last executing test programs: 21.89566575s ago: executing program 3 (id=848): syz_open_dev$tty1(0xc, 0x4, 0x1) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x2000000000000013, &(0x7f0000000840)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x6b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000005000000fd0900008500000041000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000180)="ff5fb99772024dca4128654351fb3280df65", 0x800, r4}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r4}, 0x38) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{0x1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f00000000c0)=r0}, 0x1c) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a0000", @ANYRES32=0x1, @ANYBLOB="04000000000000ffffffff565e8e1abb0f74ff0000379c7f02d2c909000000000000", @ANYRES32, @ANYBLOB="030000000800"/28], 0x50) r8 = openat$dlm_monitor(0xffffff9c, &(0x7f00000006c0), 0x4900, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x1e, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @btf_id={0x18, 0xd, 0x3, 0x0, 0x2}, @ringbuf_query], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x2, 0xda, &(0x7f00000004c0)=""/218, 0x41000, 0x6, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f00000005c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x1, 0x10, 0xa5e, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000700)=[0x1, r7, r8], 0x0, 0x10, 0x8}, 0x94) 18.953324539s ago: executing program 3 (id=854): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) pselect6(0x40, &(0x7f0000001740)={0x1, 0x6, 0xf, 0x2, 0x28178de5, 0xa, 0x400, 0x4}, &(0x7f0000001780)={0xe, 0xffffffffffffffa1, 0x8, 0x9, 0xffff, 0x9, 0x5, 0x4}, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug}, {@data_journal}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") openat(0xffffffffffffff9c, 0x0, 0x42, 0x80) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10042, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x0, 0x4d, 0x0, 0x1}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000700)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x14b302, 0x8c) r7 = syz_open_dev$ndb(&(0x7f0000000400), 0x0, 0x0) ioctl$NBD_SET_SOCK(r7, 0x80081280, 0xffffffffffffffff) pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) sendfile(r2, r2, 0x0, 0x1000000000007) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) ioctl$XFS_IOC_OPEN_BY_HANDLE(r0, 0xc038586b, &(0x7f0000000100)={r1, 0x0, 0x20000, &(0x7f0000000040)={@align, {0x9, 0x80, 0x4b4, 0x401}}, 0x0, &(0x7f0000000080), 0x0}) 14.554047311s ago: executing program 3 (id=860): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000024c80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000024d40)=ANY=[@ANYBLOB="4400000010000d042abd7000077bf70000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002400128009000100626f6e64000000001400028005000100060000"], 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x0) socket(0x10, 0x3, 0x0) 14.450697595s ago: executing program 3 (id=862): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xc0100, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x100, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xfc}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="39000000130003470fbb65e1c3e4ffff060060001600000056000000250000001900b3c0b6d20300070a0000000084db26b9e4e20000000000", 0x39}], 0x1) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x1f8, 0x0, 0x720d, 0x148, 0xd0, 0x148, 0x188, 0x240, 0x240, 0x188, 0x240, 0x7fffffe, 0x0, {[{{@ip={@multicast1, @rand_addr=0x64010100, 0xff, 0xff000000, 'veth1_to_hsr\x00', 'dvmrp1\x00', {0xff}, {}, 0xff, 0x3, 0x30}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x1, 0x1e04, 0x2, 0x3, 0x300], 0x0, 0x2}, {0xffffffffffffffff, [0x7, 0xb2cc575b459b5b36, 0x4, 0x1, 0x3], 0x6, 0x7}}}}, {{@ip={@broadcast, @multicast1, 0xff000000, 0xffffffff, 'sit0\x00', 'vlan1\x00', {0xff}, {0xff}, 0x1, 0x3, 0x40}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x258) write$FUSE_INIT(r5, 0x0, 0x0) 13.110721935s ago: executing program 3 (id=868): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000024c80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000024d40)=ANY=[@ANYBLOB="4400000010000d042abd7000077bf7", @ANYBLOB="010000000000000024001280090001"], 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x0) 10.95881868s ago: executing program 3 (id=870): socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) pselect6(0x40, &(0x7f0000001740)={0x1, 0x6, 0xf, 0x2, 0x28178de5, 0xa, 0x400, 0x4}, &(0x7f0000001780)={0xe, 0xffffffffffffffa1, 0x8, 0x9, 0xffff, 0x9, 0x5, 0x4}, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug}, {@data_journal}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") openat(0xffffffffffffff9c, 0x0, 0x42, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10042, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0, 0x4d, 0x0, 0x1}, 0x28) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000700)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x5, 0x9, 0x7, 0x9, 0x102, 0x1}, 0x50) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x14b302, 0x8c) syz_open_dev$ndb(&(0x7f0000000400), 0x0, 0x0) pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x1000000000007) 9.722005987s ago: executing program 1 (id=873): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xe, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0xc) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '%1'}, {0x20, '\x00'}], 0xa, "ad779290dc72dd4cac5bcb152bc6d08acbe7631a0bf57bbf833e891e09fdbaadaa2b93785ad5f0b70fbf5c1a77fb6669712c237cea9f69ad22088d513a3f198eb9bd1c71a5a98bdb01e8a8b4881e7f31751fe76801feff227a2091d05922d637e45e8d"}, 0x75) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x0, 0x32, 0x1, 0x20, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0xd0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}) ioctl$FBIOGETCMAP(r0, 0x4604, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x2) 8.779708855s ago: executing program 1 (id=878): sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x84, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x64, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8e}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x17a0000}]}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8827}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4008840}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00!'], 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 8.678576299s ago: executing program 1 (id=880): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r2}]}, 0x20}}, 0x0) 6.130740995s ago: executing program 1 (id=883): socket$inet_sctp(0x2, 0x1, 0x84) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_emit_ethernet(0x86, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x50, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa198", 0x0, 0x3c, 0x0, @ipv4, @ipv4={'\x00', '\xff\xff', @loopback}, [@srh={0x2f, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@private0]}, @fragment]}}}}}}}, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket(0x2, 0x3, 0xf8) sendto$unix(r2, 0x0, 0xffffffffffffff84, 0x48850, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x6e) connect$pppl2tp(r2, &(0x7f00000005c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x0, 0x5, 0x3, 0x4, {0xa, 0x4e24, 0x5, @remote, 0xff000000}}}, 0x32) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) r3 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x6, {{0xa, 0x3, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0xfffd, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_newrule={0x2c, 0x20, 0x2d2c6d60ea1da725, 0x70bd2b, 0x25dfdbf9, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_FWMARK={0x8, 0xa, 0xe}]}, 0x2c}, 0x1, 0x0, 0x0, 0x845}, 0x4008004) sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010900000000000000000a0000010900020073797a31000000000900010073797a31"], 0x40}}, 0x8000) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008000840000028590800064000000000050005000000400005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) 6.082207186s ago: executing program 4 (id=884): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) close(0x3) 5.999582859s ago: executing program 0 (id=885): syz_mount_image$fuse(0x0, 0x0, 0xe9fb82144ec686d2, 0x0, 0x0, 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() socket$nl_generic(0x10, 0x3, 0x10) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000003900), 0x34aa945a513d639, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@block_validity}, {@errors_remount}, {@noinit_itable}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000040), 0x0) 4.66751626s ago: executing program 4 (id=887): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) write$tun(r0, &(0x7f0000000580)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv6=@icmpv6={0x0, 0x6, '\x00', 0x32, 0x3a, 0x0, @mcast2, @private1, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [{0x0, 0x1, "b0dcc4a3616748a1"}]}}}}}, 0x6c) 4.491624685s ago: executing program 4 (id=888): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)) openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000140)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) ioctl$OCFS2_IOC_GROUP_EXTEND(r0, 0x40046f01, &(0x7f0000000280)=0x8) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x7, 0x4, 0x100, 0x10004, 0x2c}, 0x50) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30) 4.344184219s ago: executing program 0 (id=889): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002080)=@delchain={0x138, 0x65, 0x300, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0xd}}, [@TCA_RATE={0x6, 0x5, {0xb, 0x40}}, @filter_kind_options=@f_basic={{0xa}, {0x100, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x401, 0x7, 0xf}, {{0x4, 0x0, 0x1}, {0x0, 0x1}}}}]}, @TCA_EMATCH_TREE_LIST={0x4}]}, @TCA_BASIC_EMATCHES={0xdc, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xd8, 0x2, 0x0, 0x1, [@TCF_EM_META={0x34, 0x2, 0x0, 0x0, {{0x9, 0x4, 0x200}, [@TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_RVALUE={0x1a, 0x3, [@TCF_META_TYPE_VAR="df504b", @TCF_META_TYPE_VAR="9c", @TCF_META_TYPE_VAR, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="4f65f6c06d4b55b3f0da"]}]}}, @TCF_EM_IPT={0x14, 0x3, 0x0, 0x0, {{0x6, 0x9, 0x7}, [@TCA_EM_IPT_HOOK={0x8}]}}, @TCF_EM_META={0x28, 0x2, 0x0, 0x0, {{0x8, 0x4, 0x6}, [@TCA_EM_META_LVALUE={0x9, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR=';']}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x9, 0x2188e8564924fac6}, {0x8, 0x5}}}, @TCA_EM_META_RVALUE={0x4}]}}, @TCF_EM_META={0x64, 0x1, 0x0, 0x0, {{0x8001, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_LVALUE={0x22, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="3d7fed9d34", @TCF_META_TYPE_VAR="3b9aa19a5093e4d1c834", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="ae2eca", @TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_LVALUE={0x23, 0x2, [@TCF_META_TYPE_VAR='\t', @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="14", @TCF_META_TYPE_VAR="ccbcd1cc4e2b", @TCF_META_TYPE_VAR="92d134", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="dc03f5473ce1", @TCF_META_TYPE_VAR="ea0290", @TCF_META_TYPE_VAR="4ed11b"]}]}}]}]}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x40008c5}, 0x20000080) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}}}, 0x24}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 3.33900904s ago: executing program 0 (id=890): sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) 3.274529901s ago: executing program 2 (id=891): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x3ff}]}}]}, 0x60}}, 0x44080) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xfff2, 0xa}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x5}, 0x800) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 3.218846123s ago: executing program 0 (id=892): syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00') socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) socket$kcm(0x21, 0x2, 0x2) socket$packet(0x11, 0x2, 0x300) r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_DO_IT(r0, 0xab03) landlock_restrict_self(0xffffffffffffffff, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_route(0x10, 0x3, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000180), 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000200fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 3.077873857s ago: executing program 4 (id=893): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devtmpfs\x00', 0x1214040, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x4008014) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200001004000b"], 0x24}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={[], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) getdents64(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) 2.621974141s ago: executing program 1 (id=894): syz_mount_image$fuse(0x0, 0x0, 0xe9fb82144ec686d2, 0x0, 0x0, 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() socket$nl_generic(0x10, 0x3, 0x10) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000003900), 0x34aa945a513d639, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@block_validity}, {@errors_remount}, {@noinit_itable}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000040), 0x0) 1.360166519s ago: executing program 2 (id=895): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000180)="b8", 0x1, 0x2404c8d5, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, 0x0, 0x0) 1.32881395s ago: executing program 0 (id=896): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug}, {@data_journal}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") openat(0xffffffffffffff9c, 0x0, 0x42, 0x80) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10042, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000700)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x3004049, 0x0, 0x1, 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x14b302, 0x8c) syz_open_dev$ndb(&(0x7f0000000400), 0x0, 0x0) pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) sendfile(r2, r2, 0x0, 0x1000000000007) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) ioctl$XFS_IOC_OPEN_BY_HANDLE(r0, 0xc038586b, &(0x7f0000000100)={r1, 0x0, 0x20000, &(0x7f0000000040)={@align, {0x9, 0x80, 0x4b4, 0x401}}, 0x0, &(0x7f0000000080), 0x0}) 1.283476182s ago: executing program 2 (id=897): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts-cbc-aes-neon\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r1, &(0x7f0000006900)={0x0, 0x0, &(0x7f00000068c0)={&(0x7f0000006940)=@newtaction={0xc4, 0x30, 0x200, 0x70bd28, 0x25dfdbfd, {}, [{0xb0, 0x1, [@m_ipt={0xac, 0x15, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}]}, {0x5d, 0x6, "9a4326af200699d8dd14a2de58a3461bb931763cf0257419593dee5c05631b555410b5d5c24294a8305aea1086efd52d19b967c67066f1d2641971ace57b808c40152cf98bb5ce23efae3cdecac36cf051abaf5e0e1c59d818"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40000}, 0xc044) sendmmsg$alg(r1, &(0x7f0000000800)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800}], 0x1, 0x4ad660ee03514e5c) recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/212, 0xd4}], 0x1}, 0x0) 1.136662786s ago: executing program 1 (id=898): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0), 0x80080, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={0xffffffffffffffff, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r3}, 0x20) recvmmsg(r3, &(0x7f0000000b80)=[{{0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0, 0x52}, 0xa}], 0x360, 0x120, 0x0) 1.136266316s ago: executing program 4 (id=899): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="5c00000014006b05c84e21000ab16d6e230675f802000000440002000000000000000000b556a705251e6182149a08c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c1504bb918689d9193e9bd1c1b", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000800) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$kcm(0x2, 0xa, 0x2) write$tun(r0, &(0x7f0000000580)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv6=@icmpv6={0x0, 0x6, '\x00', 0x32, 0x3a, 0x0, @mcast2, @private1, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [{0x0, 0x1, "b0dcc4a3616748a1"}]}}}}}, 0x6c) 340.54568ms ago: executing program 2 (id=900): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f00000002c0)=0x9, 0x4) 245.775523ms ago: executing program 4 (id=901): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000001a80), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) r1 = socket(0x40000000015, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0xa, 0x85}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(r1, 0x0, &(0x7f00000001c0)) write(0xffffffffffffffff, &(0x7f0000000340)="1c0000005e001f3814584707f9f4ffffff000000230000001ff80000", 0x1c) ioctl$NILFS_IOCTL_DELETE_CHECKPOINT(0xffffffffffffffff, 0x40086e81, &(0x7f0000000080)=0xd51) capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) r5 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ioctl$FE_SET_PROPERTY(r5, 0x40106f52, &(0x7f0000000140)={0x18, &(0x7f00000000c0)}) socket$nl_generic(0x10, 0x3, 0x10) 130.639916ms ago: executing program 2 (id=902): sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) 71.402368ms ago: executing program 0 (id=903): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x7, @empty}, 0x20) recvfrom$l2tp6(r0, 0x0, 0xffffffffffffff94, 0x0, 0x0, 0x56) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) 0s ago: executing program 2 (id=904): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devtmpfs\x00', 0x1214040, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x4008014) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200001004000b"], 0x24}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={[], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) getdents64(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) kernel console output (not intermixed with test programs): 0: link becomes ready [ 33.045549][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 33.046989][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 33.048404][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 33.054291][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 33.057348][ T4324] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 33.060759][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 33.062282][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 33.063756][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 33.065769][ T4335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.067605][ T4335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.069729][ T4335] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 33.072205][ T4324] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 33.074605][ T4324] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.076069][ T4324] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.077628][ T4324] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.079103][ T4324] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.082796][ T4329] device veth1_macvtap entered promiscuous mode [ 33.086708][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 33.088224][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 33.089875][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 33.093168][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 33.094979][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 33.097369][ T4335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.099065][ T4335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.101589][ T4335] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 33.106617][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 33.108157][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 33.113039][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.114764][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.116331][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.118014][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.120549][ T4329] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 33.123290][ T4335] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.124767][ T4335] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.126190][ T4335] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.127624][ T4335] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.129920][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 33.131676][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 33.136640][ T4334] device veth0_macvtap entered promiscuous mode [ 33.138382][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.140921][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.142549][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.144283][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.146276][ T4329] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 33.148023][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 33.149539][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 33.152059][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 33.153640][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 33.155749][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 33.179479][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 33.181369][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 33.182956][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 33.184462][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 33.186070][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 33.187564][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 33.191854][ T4329] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.193428][ T4329] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.194909][ T4329] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.196364][ T4329] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.203233][ T4334] device veth1_macvtap entered promiscuous mode [ 33.208245][ T4325] device veth0_vlan entered promiscuous mode [ 33.226133][ T4325] device veth1_vlan entered promiscuous mode [ 33.238725][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.240192][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.249854][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.250524][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.252479][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.252646][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.254205][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.257254][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.258761][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.262333][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.264783][ T4334] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 33.267067][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 33.268744][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 33.271386][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 33.272917][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 33.274317][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 33.275814][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 33.277395][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 33.297257][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.297515][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.298613][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.300847][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.303060][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.304696][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.306210][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.307849][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.310190][ T4334] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 33.315332][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 33.316911][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 33.318452][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 33.321669][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 33.323198][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 33.326732][ T4325] device veth0_macvtap entered promiscuous mode [ 33.328951][ T4334] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.331049][ T4334] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.332448][ T4334] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.333795][ T4334] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.338457][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.338878][ T4325] device veth1_macvtap entered promiscuous mode [ 33.339663][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.345559][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 33.347092][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 33.348602][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 33.358982][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.360541][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.362462][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 33.372035][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.373809][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.375086][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 33.391950][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.393436][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.394688][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 33.409476][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.411239][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.412791][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 33.432810][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.434604][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.445228][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.446897][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.459970][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.461828][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.463442][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 33.465254][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.467698][ T4325] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 33.473878][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 33.475570][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 33.488367][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.493899][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.497513][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.499266][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.503524][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.505272][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.507091][ T4325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 33.508898][ T4325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 33.577971][ T4410] loop1: detected capacity change from 0 to 128 [ 33.791102][ T4325] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 33.797944][ T4325] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.799530][ T4325] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.801438][ T4325] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.803095][ T4325] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.805352][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 33.807160][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 33.808997][ T4408] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1'. [ 33.828871][ T4408] netlink: 'syz.0.1': attribute type 10 has an invalid length. [ 33.847391][ T4408] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.848890][ T4408] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.889092][ T4408] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.890539][ T4408] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.892016][ T4408] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.893093][ T4408] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.913236][ T4408] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 33.933005][ T4412] loop2: detected capacity change from 0 to 32768 [ 33.943362][ T4412] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.3 (4412) [ 33.963365][ T4412] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 33.965144][ T4412] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 33.967967][ T4412] BTRFS info (device loop2): setting nodatacow, compression disabled [ 33.969319][ T4412] BTRFS info (device loop2): disabling tree log [ 33.973558][ T4412] BTRFS info (device loop2): max_inline at 0 [ 33.974518][ T4412] BTRFS info (device loop2): using free space tree [ 33.986347][ T4378] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.987791][ T4378] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.989361][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 34.024931][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.026463][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.027781][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 34.107951][ T4435] loop4: detected capacity change from 0 to 2048 [ 34.134603][ T4435] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 34.176624][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 34.210291][ T4438] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 34.267140][ T4442] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.269363][ T4442] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 34.290895][ T4442] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7'. [ 34.333889][ T4331] Bluetooth: hci1: command 0x041b tx timeout [ 34.334903][ T4331] Bluetooth: hci0: command 0x041b tx timeout [ 34.335909][ T4331] Bluetooth: hci2: command 0x041b tx timeout [ 34.336982][ T4373] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 34.344904][ T4334] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 34.355736][ T4445] fuse: Bad value for 'user_id' [ 34.410300][ T47] Bluetooth: hci4: command 0x041b tx timeout [ 34.411357][ T47] Bluetooth: hci3: command 0x041b tx timeout [ 34.510008][ T4373] usb 1-1: Using ep0 maxpacket: 16 [ 34.518168][ T4373] usb 1-1: config index 0 descriptor too short (expected 65535, got 36) [ 34.519706][ T4373] usb 1-1: config 255 has too many interfaces: 255, using maximum allowed: 32 [ 34.522269][ T4373] usb 1-1: config 255 has an invalid descriptor of length 52, skipping remainder of the config [ 34.523917][ T4373] usb 1-1: config 255 has 0 interfaces, different from the descriptor's value: 255 [ 34.527884][ T4373] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 34.529391][ T4373] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 34.546864][ T4373] usb 1-1: Product: syz [ 34.547527][ T4373] usb 1-1: Manufacturer: syz [ 34.548299][ T4373] usb 1-1: SerialNumber: syz [ 35.004164][ T4462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 35.005781][ T4462] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.329670][ T4459] loop4: detected capacity change from 0 to 32768 [ 35.333272][ T4459] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.11 (4459) [ 35.338630][ T4459] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 35.340710][ T4459] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 35.342488][ T4459] BTRFS info (device loop4): setting nodatacow, compression disabled [ 35.343977][ T4459] BTRFS info (device loop4): disabling tree log [ 35.345131][ T4459] BTRFS info (device loop4): max_inline at 0 [ 35.346073][ T4459] BTRFS info (device loop4): using free space tree [ 36.410362][ T4331] Bluetooth: hci2: command 0x040f tx timeout [ 36.411733][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 36.413036][ T4331] Bluetooth: hci1: command 0x040f tx timeout [ 36.490663][ T4332] Bluetooth: hci3: command 0x040f tx timeout [ 36.492225][ T47] Bluetooth: hci4: command 0x040f tx timeout [ 36.815323][ T4505] BTRFS info (device loop4): balance: start -d -m [ 36.826322][ T4505] BTRFS info (device loop4): relocating block group 6881280 flags data|metadata [ 36.851955][ T4497] loop2: detected capacity change from 0 to 32768 [ 36.853274][ T4497] ======================================================= [ 36.853274][ T4497] WARNING: The mand mount option has been deprecated and [ 36.853274][ T4497] and is ignored by this kernel. Remove the mand [ 36.853274][ T4497] option from the mount to silence this warning. [ 36.853274][ T4497] ======================================================= [ 36.863047][ T4507] Zero length message leads to an empty skb [ 36.867674][ T4497] JBD2: Ignoring recovery information on journal [ 36.888170][ T4505] BTRFS info (device loop4): relocating block group 5242880 flags data|metadata [ 36.892258][ T4497] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 36.930480][ T4505] BTRFS info (device loop4): found 10 extents, stage: move data extents [ 36.951580][ T4505] BTRFS info (device loop4): found 1 extents, stage: update data pointers [ 36.966832][ T4505] BTRFS info (device loop4): balance: ended with status: 0 [ 37.084048][ T4373] usb 1-1: USB disconnect, device number 2 [ 37.558251][ T4334] ocfs2: Unmounting device (7,2) on (node local) [ 37.627104][ T4325] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 37.722005][ T4523] loop3: detected capacity change from 0 to 128 [ 37.971251][ T4525] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 37.978201][ T4525] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 38.001026][ T4527] loop0: detected capacity change from 0 to 512 [ 38.004205][ T4527] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 38.006233][ T4527] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 38.016262][ T4527] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 38.017546][ T4527] System zones: 1-12 [ 38.042300][ T4527] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 38.047815][ T4527] EXT4-fs (loop0): 1 truncate cleaned up [ 38.048759][ T4527] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 38.490380][ T4332] Bluetooth: hci2: command 0x0419 tx timeout [ 38.490406][ T4331] Bluetooth: hci1: command 0x0419 tx timeout [ 38.490425][ T47] Bluetooth: hci0: command 0x0419 tx timeout [ 38.570348][ T4328] Bluetooth: hci4: command 0x0419 tx timeout [ 38.571426][ T4328] Bluetooth: hci3: command 0x0419 tx timeout [ 39.005142][ T4546] loop3: detected capacity change from 0 to 512 [ 39.033048][ T4546] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 39.048150][ T4546] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 39.049493][ T4546] System zones: 1-12 [ 39.078120][ T4546] EXT4-fs (loop3): 1 truncate cleaned up [ 39.079036][ T4546] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 39.144958][ T4538] loop4: detected capacity change from 0 to 32768 [ 39.158885][ T4538] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.20 (4538) [ 39.265125][ T4551] loop2: detected capacity change from 0 to 128 [ 39.417967][ T4549] sched: RT throttling activated [ 39.518989][ T4538] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 39.520907][ T4538] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 39.522413][ T4538] BTRFS info (device loop4): setting nodatacow, compression disabled [ 39.523706][ T4538] BTRFS info (device loop4): disabling tree log [ 39.524128][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 39.524758][ T4538] BTRFS info (device loop4): max_inline at 0 [ 39.526753][ T4538] BTRFS info (device loop4): using free space tree [ 39.671348][ T4325] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 39.880577][ T7] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 40.609111][ T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 40.611220][ T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 40.612822][ T7] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 40.615068][ T7] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 40.618795][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 40.624374][ T7] usb 1-1: config 0 descriptor?? [ 40.696896][ T4511] Set syz1 is full, maxelem 65536 reached [ 40.918255][ T4590] loop1: detected capacity change from 0 to 128 [ 41.197331][ T4594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.198876][ T4594] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.360825][ T4596] loop2: detected capacity change from 0 to 32768 [ 41.383906][ T4596] JBD2: Ignoring recovery information on journal [ 41.401677][ T7] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 41.408482][ T7] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 41.419802][ T4596] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 41.702849][ T4353] usb 1-1: USB disconnect, device number 3 [ 41.780370][ T4603] loop1: detected capacity change from 0 to 128 [ 42.064805][ T4605] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 42.069134][ T4605] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 42.077618][ T4334] ocfs2: Unmounting device (7,2) on (node local) [ 42.157773][ T4607] netlink: 'syz.2.33': attribute type 2 has an invalid length. [ 42.358151][ T4607] loop2: detected capacity change from 0 to 32768 [ 42.373842][ T4607] (syz.2.33,4607,1):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "dir_rðlv_level=000000N000000000000™\:Fherency=full" or missing value [ 42.391711][ T4607] (syz.2.33,4607,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 42.680098][ T1514] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 42.869521][ T4642] loop2: detected capacity change from 0 to 128 [ 42.914399][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 43.008656][ T4658] netlink: 'syz.3.38': attribute type 2 has an invalid length. [ 43.070227][ T1514] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 43.072361][ T1514] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 43.074916][ T1514] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 43.078352][ T1514] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 43.080104][ T1514] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.083905][ T1514] usb 1-1: config 0 descriptor?? [ 43.342767][ T4668] loop3: detected capacity change from 0 to 32768 [ 43.352601][ T4668] (syz.3.38,4668,1):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "dir_rðlv_level=000000N000000000000™\:Fherency=full" or missing value [ 43.358482][ T4668] (syz.3.38,4668,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 43.500164][ T1514] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 43.504552][ T1514] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 43.543692][ T4695] netlink: 'syz.1.39': attribute type 2 has an invalid length. [ 43.808732][ T4706] loop1: detected capacity change from 0 to 32768 [ 43.827965][ T4706] (syz.1.39,4706,0):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "dir_rðlv_level=000000N000000000000™\:Fherency=full" or missing value [ 43.829502][ T1514] usb 1-1: USB disconnect, device number 4 [ 43.833964][ T4706] (syz.1.39,4706,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 44.157498][ T4649] Set syz1 is full, maxelem 65536 reached [ 44.202295][ T4739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.42'. [ 44.203943][ T4739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.42'. [ 44.223118][ T4740] loop4: detected capacity change from 0 to 2048 [ 44.256389][ T4740] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 44.294076][ T4740] overlayfs: Failed to create volatile/dirty file. [ 44.297518][ T4746] loop3: detected capacity change from 0 to 2048 [ 44.342129][ T4746] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 44.355633][ T4740] overlayfs: missing 'lowerdir' [ 44.381600][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 44.405832][ T4746] overlayfs: Failed to create volatile/dirty file. [ 44.430091][ T4746] overlayfs: missing 'lowerdir' [ 44.448599][ T4761] loop1: detected capacity change from 0 to 512 [ 44.459111][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 44.460590][ T4761] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 44.704188][ T4768] loop0: detected capacity change from 0 to 128 [ 44.713401][ T4769] loop4: detected capacity change from 0 to 128 [ 44.747118][ T4761] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 44.748562][ T4761] System zones: 1-12 [ 44.783346][ T4779] netlink: 'syz.2.51': attribute type 2 has an invalid length. [ 44.794411][ T4761] EXT4-fs (loop1): 1 truncate cleaned up [ 44.800295][ T4761] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 45.794859][ T4812] netlink: 36 bytes leftover after parsing attributes in process `syz.0.55'. [ 45.800473][ T4812] netlink: 'syz.0.55': attribute type 10 has an invalid length. [ 45.803682][ T4812] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.805218][ T4812] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.867268][ T4817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.880205][ T4817] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.995486][ T4824] loop0: detected capacity change from 0 to 256 [ 46.424071][ T4824] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 47.041380][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 47.216299][ T4810] loop3: detected capacity change from 0 to 32768 [ 47.217985][ T4810] (syz.3.54,4810,0):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "dir_rðlv_level=000000N000000000000™\:Fherency=full" or missing value [ 47.220340][ T4810] (syz.3.54,4810,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 47.300659][ T4839] device syzkaller0 entered promiscuous mode [ 47.428480][ T4849] loop2: detected capacity change from 0 to 256 [ 47.448743][ T4849] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 48.448198][ T4858] loop0: detected capacity change from 0 to 512 [ 48.480288][ T4858] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 48.485920][ T4858] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 48.487255][ T4858] System zones: 1-12 [ 48.501117][ T4858] EXT4-fs (loop0): 1 truncate cleaned up [ 48.502141][ T4858] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 48.594576][ T4863] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.609209][ T4863] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.793195][ T4871] binder: 4866:4871 ioctl c0306201 0 returned -14 [ 49.305213][ T4846] loop1: detected capacity change from 0 to 32768 [ 49.313265][ T4846] (syz.1.59,4846,1):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "dir_rðlv_level=000000N000000000000™\:Fherency=full" or missing value [ 49.341940][ T4846] (syz.1.59,4846,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 49.523268][ T4879] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 49.524787][ T4879] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 49.656022][ T4854] loop4: detected capacity change from 0 to 32768 [ 50.175051][ T4854] XFS (loop4): Mounting V5 Filesystem [ 50.214066][ T4854] XFS (loop4): Ending clean mount [ 50.238699][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 50.413731][ T4854] XFS (loop4): Quotacheck needed: Please wait. [ 50.431833][ T4854] XFS (loop4): Quotacheck: Done. [ 51.224926][ T4911] loop0: detected capacity change from 0 to 256 [ 51.229188][ T4911] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 51.901301][ T4325] XFS (loop4): Unmounting Filesystem [ 51.998516][ T4922] loop1: detected capacity change from 0 to 32768 [ 52.006426][ T4922] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.73 (4922) [ 52.016687][ T4922] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 52.018891][ T4922] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm [ 52.021379][ T4922] BTRFS info (device loop1): setting nodatacow, compression disabled [ 52.024019][ T4922] BTRFS info (device loop1): disabling tree log [ 52.028318][ T4922] BTRFS info (device loop1): max_inline at 0 [ 52.030723][ T4922] BTRFS info (device loop1): using free space tree [ 52.080441][ T4922] BTRFS error (device loop1): balance: mixed groups data and metadata options must be the same [ 52.229251][ T4949] device syzkaller0 entered promiscuous mode [ 52.237430][ T4953] loop4: detected capacity change from 0 to 1024 [ 52.242163][ T4953] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 52.247822][ T4953] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 52.637346][ T4960] binder: 4956:4960 ioctl c0306201 0 returned -14 [ 52.895125][ T4324] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 53.098117][ T4970] loop2: detected capacity change from 0 to 1024 [ 53.099774][ T4970] EXT4-fs: Ignoring removed i_version option [ 53.100928][ T4970] EXT4-fs: inline encryption not supported [ 53.107527][ T4970] EXT4-fs (loop2): Test dummy encryption mode enabled [ 53.481063][ T4970] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 53.829430][ T4924] Set syz1 is full, maxelem 65536 reached [ 53.832266][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 54.165945][ T4983] loop3: detected capacity change from 0 to 256 [ 55.730851][ T4984] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.734851][ T4984] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.048618][ T4983] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 56.096570][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 56.331881][ T4993] loop0: detected capacity change from 0 to 256 [ 58.753494][ T4996] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.757934][ T4996] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.237519][ T4993] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 59.303800][ T4995] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.333719][ T4995] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.847690][ T5005] netlink: 20 bytes leftover after parsing attributes in process `syz.0.91'. [ 59.869811][ T5005] 8021q: adding VLAN 0 to HW filter on device bond1 [ 60.452243][ T5005] netlink: 8 bytes leftover after parsing attributes in process `syz.0.91'. [ 60.455801][ T5005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.91'. [ 60.470364][ T5005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.475303][ T5005] bond1: (slave bond0): Enslaving as an active interface with an up link [ 60.476949][ T4874] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 60.534415][ T5022] binder: 5011:5022 ioctl c0306201 0 returned -14 [ 60.949430][ T5027] loop1: detected capacity change from 0 to 1024 [ 60.951736][ T5027] EXT4-fs: Ignoring removed i_version option [ 60.951843][ T5027] EXT4-fs: inline encryption not supported [ 61.063806][ T5027] EXT4-fs (loop1): Test dummy encryption mode enabled [ 62.236612][ T5027] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 62.406390][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 62.483525][ T5040] loop3: detected capacity change from 0 to 256 [ 62.498316][ T5040] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 63.644464][ T5055] loop1: detected capacity change from 0 to 256 [ 63.684587][ T5055] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 64.492907][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.494129][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.761420][ T5066] loop4: detected capacity change from 0 to 256 [ 64.822839][ T5066] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 65.433965][ T5070] loop3: detected capacity change from 0 to 1024 [ 65.438141][ T5072] loop1: detected capacity change from 0 to 512 [ 65.438691][ T5070] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 65.448895][ T5072] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 65.512961][ T5070] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 66.917156][ T5072] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 66.918564][ T5072] System zones: 1-12 [ 66.925023][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 66.937546][ T5072] EXT4-fs (loop1): 1 truncate cleaned up [ 66.938512][ T5072] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 67.025026][ T5085] loop5: detected capacity change from 0 to 7 [ 67.079353][ T5088] loop2: detected capacity change from 0 to 1024 [ 67.080864][ T5088] EXT4-fs: Ignoring removed i_version option [ 67.081794][ T5088] EXT4-fs: inline encryption not supported [ 67.085486][ T5088] EXT4-fs (loop2): Test dummy encryption mode enabled [ 67.424090][ T5088] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 67.431588][ T5085] Dev loop5: unable to read RDB block 7 [ 67.432719][ T5085] loop5: AHDI p1 p2 p3 [ 67.433442][ T5085] loop5: partition table partially beyond EOD, truncated [ 67.434827][ T5085] loop5: p1 start 1818582900 is beyond EOD, truncated [ 67.435939][ T5085] loop5: p3 start 335544320 is beyond EOD, truncated [ 67.962420][ T5104] bond1: option mode: unable to set because the bond device has slaves [ 68.359041][ T5120] loop3: detected capacity change from 0 to 1024 [ 68.422985][ T5122] loop4: detected capacity change from 0 to 256 [ 68.441255][ T5122] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 68.670076][ T1514] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 68.860184][ T1514] usb 1-1: Using ep0 maxpacket: 16 [ 68.868436][ T1514] usb 1-1: config index 0 descriptor too short (expected 65535, got 36) [ 68.870535][ T1514] usb 1-1: config 255 has too many interfaces: 255, using maximum allowed: 32 [ 68.872236][ T1514] usb 1-1: config 255 has an invalid descriptor of length 52, skipping remainder of the config [ 68.907734][ T1514] usb 1-1: config 255 has 0 interfaces, different from the descriptor's value: 255 [ 69.008617][ T1514] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 69.067281][ T1514] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 69.111062][ T1514] usb 1-1: Product: syz [ 69.263549][ T1514] usb 1-1: Manufacturer: syz [ 69.265723][ T1514] usb 1-1: SerialNumber: syz [ 69.410512][ T5120] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 69.414357][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 69.422415][ T5120] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 70.400886][ T14] cfg80211: failed to load regulatory.db [ 70.633634][ T5131] loop1: detected capacity change from 0 to 256 [ 70.674440][ T5131] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 71.431084][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 73.307101][ T1514] usb 1-1: USB disconnect, device number 5 [ 73.413415][ T5144] loop5: detected capacity change from 0 to 7 [ 73.470140][ T5144] Dev loop5: unable to read RDB block 7 [ 73.471124][ T5144] loop5: AHDI p1 p2 p3 [ 73.471895][ T5144] loop5: partition table partially beyond EOD, truncated [ 73.473146][ T5144] loop5: p1 start 1818582900 is beyond EOD, truncated [ 73.477609][ T5144] loop5: p3 start 335544320 is beyond EOD, truncated [ 73.947052][ T5154] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.539724][ T5176] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'. [ 74.661258][ T5179] loop4: detected capacity change from 0 to 256 [ 76.130422][ T5179] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 76.256632][ T5191] loop3: detected capacity change from 0 to 512 [ 76.283236][ T5191] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 76.293599][ T5191] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 76.295141][ T5191] System zones: 1-12 [ 76.310937][ T5191] EXT4-fs (loop3): 1 truncate cleaned up [ 76.311917][ T5191] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 76.426275][ T5185] loop0: detected capacity change from 0 to 32768 [ 77.116179][ T5185] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.141 (5185) [ 77.305785][ T5206] loop1: detected capacity change from 0 to 1024 [ 77.310374][ T5206] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 77.337137][ T5206] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 77.348563][ T5209] loop4: detected capacity change from 0 to 512 [ 77.413846][ T5185] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 77.415465][ T5185] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 77.416963][ T5185] BTRFS info (device loop0): setting nodatacow, compression disabled [ 77.436075][ T5185] BTRFS info (device loop0): disabling tree log [ 77.437665][ T5185] BTRFS info (device loop0): max_inline at 0 [ 77.438817][ T5209] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 77.441227][ T5185] BTRFS info (device loop0): using free space tree [ 77.446780][ T5209] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 77.448115][ T5209] System zones: 1-12 [ 77.453864][ T5209] EXT4-fs (loop4): 1 truncate cleaned up [ 77.454771][ T5209] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 77.497311][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 79.056223][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 79.212499][ T5185] BTRFS error (device loop0): open_ctree failed: -12 [ 79.224443][ T5241] loop5: detected capacity change from 0 to 7 [ 79.226250][ T5241] Dev loop5: unable to read RDB block 7 [ 79.229547][ T5241] loop5: AHDI p1 p2 p3 [ 79.233025][ T5241] loop5: partition table partially beyond EOD, truncated [ 79.237788][ T5241] loop5: p1 start 1818582900 is beyond EOD, truncated [ 79.245840][ T5241] loop5: p3 start 335544320 is beyond EOD, truncated [ 79.795434][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 79.943934][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 80.022229][ T5267] loop1: detected capacity change from 0 to 1024 [ 80.029397][ T5267] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 80.043190][ T5267] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 80.105080][ T5263] loop2: detected capacity change from 0 to 32768 [ 80.114417][ T5263] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.157 (5263) [ 80.119750][ T5263] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 80.122908][ T5263] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 80.126693][ T5263] BTRFS info (device loop2): setting nodatacow, compression disabled [ 80.130627][ T5263] BTRFS info (device loop2): disabling tree log [ 80.134105][ T5263] BTRFS info (device loop2): max_inline at 0 [ 80.136728][ T5263] BTRFS info (device loop2): using free space tree [ 81.078624][ T5281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.096391][ T5281] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.219877][ T5287] loop5: detected capacity change from 0 to 7 [ 81.225652][ T5287] Dev loop5: unable to read RDB block 7 [ 81.228840][ T5287] loop5: AHDI p1 p2 p3 [ 81.229525][ T5287] loop5: partition table partially beyond EOD, truncated [ 81.236157][ T5287] loop5: p1 start 1818582900 is beyond EOD, truncated [ 81.237246][ T5287] loop5: p3 start 335544320 is beyond EOD, truncated [ 81.633345][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 81.693610][ T5298] loop4: detected capacity change from 0 to 512 [ 81.698149][ T4334] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 81.708323][ T5298] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 81.744253][ T5273] loop0: detected capacity change from 0 to 32768 [ 81.746468][ T5273] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.161 (5273) [ 81.758556][ T5298] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 81.766999][ T5298] System zones: 1-12 [ 81.783839][ T5298] EXT4-fs (loop4): 1 truncate cleaned up [ 81.784938][ T5298] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 82.072622][ T5316] loop1: detected capacity change from 0 to 1024 [ 82.077199][ T5316] EXT4-fs: Ignoring removed i_version option [ 82.078524][ T5316] EXT4-fs: inline encryption not supported [ 82.184216][ T5316] EXT4-fs (loop1): Test dummy encryption mode enabled [ 83.961447][ T5316] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 84.125829][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 84.735339][ T5338] loop3: detected capacity change from 0 to 256 [ 85.093732][ T5335] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 86.164749][ T5338] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 86.194084][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 86.224537][ T5342] loop1: detected capacity change from 0 to 1024 [ 86.228580][ T5344] loop2: detected capacity change from 0 to 512 [ 86.230446][ T5342] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 86.233941][ T5344] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 86.242932][ T5344] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 86.246582][ T5348] loop5: detected capacity change from 0 to 7 [ 86.257095][ T5342] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 86.260941][ T5344] System zones: 1-12 [ 86.270176][ T5348] Dev loop5: unable to read RDB block 7 [ 86.271079][ T5348] loop5: AHDI p1 p2 p3 [ 86.271712][ T5348] loop5: partition table partially beyond EOD, truncated [ 86.272920][ T5348] loop5: p1 start 1818582900 is beyond EOD, truncated [ 86.273991][ T5348] loop5: p3 start 335544320 is beyond EOD, truncated [ 86.278609][ T5344] EXT4-fs (loop2): 1 truncate cleaned up [ 86.279511][ T5344] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 86.334211][ T5346] loop0: detected capacity change from 0 to 32768 [ 86.349811][ T5346] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.178 (5346) [ 87.560475][ T5346] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 88.266779][ T5346] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 88.387404][ T5346] BTRFS info (device loop0): setting nodatacow, compression disabled [ 88.421932][ T5346] BTRFS info (device loop0): disabling tree log [ 88.425957][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 88.448834][ T5346] BTRFS info (device loop0): max_inline at 0 [ 88.449837][ T5346] BTRFS info (device loop0): using free space tree [ 88.481430][ T5354] loop4: detected capacity change from 0 to 32768 [ 88.513698][ T5354] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by syz.4.180 (5354) [ 88.628093][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 88.739669][ T5376] loop3: detected capacity change from 0 to 1024 [ 88.743222][ T5376] EXT4-fs: Ignoring removed i_version option [ 88.744331][ T5376] EXT4-fs: inline encryption not supported [ 88.856426][ T5376] EXT4-fs (loop3): Test dummy encryption mode enabled [ 89.133573][ T5376] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 89.565541][ T5392] loop2: detected capacity change from 0 to 512 [ 89.584740][ T5392] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 89.604951][ T5392] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 89.606292][ T5392] System zones: 1-12 [ 89.612386][ T5392] EXT4-fs (loop2): 1 truncate cleaned up [ 89.615476][ T5392] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 89.701863][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 89.704600][ T5346] BTRFS error (device loop0): open_ctree failed: -12 [ 90.405235][ T4572] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by udevd (4572) [ 90.656995][ T5414] Bluetooth: MGMT ver 1.22 [ 91.287909][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 91.320138][ T5423] 8021q: adding VLAN 0 to HW filter on device bond1 [ 91.418046][ T5430] loop4: detected capacity change from 0 to 512 [ 91.429715][ T5430] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 91.439366][ T5430] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 91.445958][ T5430] System zones: 1-12 [ 91.455183][ T5430] EXT4-fs (loop4): 1 truncate cleaned up [ 91.476927][ T5430] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 92.769037][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 92.784770][ T5446] loop0: detected capacity change from 0 to 512 [ 92.800038][ T5446] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 92.807131][ T5448] loop4: detected capacity change from 0 to 1024 [ 92.811329][ T5446] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 92.812660][ T5446] System zones: 1-12 [ 92.818762][ T5446] EXT4-fs (loop0): 1 truncate cleaned up [ 92.819650][ T5446] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 92.863967][ T5448] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 93.096570][ T5458] loop3: detected capacity change from 0 to 1024 [ 93.101245][ T5458] EXT4-fs: Ignoring removed i_version option [ 93.102428][ T5458] EXT4-fs: inline encryption not supported [ 93.947583][ T5458] EXT4-fs (loop3): Test dummy encryption mode enabled [ 95.813005][ T5448] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 95.825244][ T5458] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 95.896943][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 95.967464][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 96.272609][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 96.322828][ T5466] loop3: detected capacity change from 0 to 512 [ 96.325442][ T5466] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 96.336058][ T5466] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 96.337367][ T5466] System zones: 1-12 [ 96.356435][ T5466] EXT4-fs (loop3): 1 truncate cleaned up [ 96.357618][ T5466] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 96.465955][ T5472] loop5: detected capacity change from 0 to 7 [ 96.469849][ T5472] Dev loop5: unable to read RDB block 7 [ 96.471223][ T5472] loop5: AHDI p1 p2 p3 [ 96.471900][ T5472] loop5: partition table partially beyond EOD, truncated [ 96.473008][ T5472] loop5: p1 start 1818582900 is beyond EOD, truncated [ 96.486389][ T5472] loop5: p3 start 335544320 is beyond EOD, truncated [ 97.652539][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 97.693157][ T5484] loop4: detected capacity change from 0 to 512 [ 97.694834][ T5484] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 97.718920][ T5484] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 97.727012][ T5484] System zones: 1-12 [ 97.728663][ T5484] EXT4-fs (loop4): 1 truncate cleaned up [ 97.729529][ T5484] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 99.359143][ T5496] loop1: detected capacity change from 0 to 1024 [ 99.386878][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 99.406507][ T5496] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 99.432753][ T5496] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 100.742776][ T5506] loop3: detected capacity change from 0 to 1024 [ 100.744270][ T5506] EXT4-fs: Ignoring removed i_version option [ 100.745227][ T5506] EXT4-fs: inline encryption not supported [ 100.838404][ T5506] EXT4-fs (loop3): Test dummy encryption mode enabled [ 101.223288][ T5506] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 101.441367][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 102.305789][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 102.381319][ T5428] Set syz1 is full, maxelem 65536 reached [ 102.545589][ T5522] loop0: detected capacity change from 0 to 512 [ 102.556657][ T5522] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 102.576468][ T5522] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 102.578009][ T5522] System zones: 1-12 [ 102.586558][ T5522] EXT4-fs (loop0): 1 truncate cleaned up [ 102.587574][ T5522] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 103.688464][ T5544] loop2: detected capacity change from 0 to 2048 [ 105.034264][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 105.059473][ T5544] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 105.069136][ T5544] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 105.073533][ T5544] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 105.184871][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 105.284657][ T5560] loop0: detected capacity change from 0 to 1024 [ 105.286198][ T5560] EXT4-fs: Ignoring removed i_version option [ 105.287195][ T5560] EXT4-fs: inline encryption not supported [ 106.272802][ T5560] EXT4-fs (loop0): Test dummy encryption mode enabled [ 106.312156][ T5560] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 106.354103][ T5565] loop5: detected capacity change from 0 to 7 [ 106.366480][ T5565] Dev loop5: unable to read RDB block 7 [ 106.367400][ T5565] loop5: AHDI p1 p2 p3 [ 106.368203][ T5565] loop5: partition table partially beyond EOD, truncated [ 106.369713][ T5565] loop5: p1 start 1818582900 is beyond EOD, truncated [ 106.374381][ T5565] loop5: p3 start 335544320 is beyond EOD, truncated [ 106.465502][ T5558] loop4: detected capacity change from 0 to 32768 [ 106.470785][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 106.479838][ T5558] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 106.495701][ T5558] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 106.497141][ T5558] BTRFS info (device loop4): setting nodatacow, compression disabled [ 106.503703][ T5558] BTRFS info (device loop4): disabling tree log [ 106.504653][ T5558] BTRFS info (device loop4): max_inline at 0 [ 106.525556][ T5558] BTRFS info (device loop4): using free space tree [ 106.699922][ T5589] fuse: Bad value for 'fd' [ 107.098301][ T5603] loop3: detected capacity change from 0 to 512 [ 107.103281][ T5603] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 107.111105][ T5603] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 107.112632][ T5603] System zones: 1-12 [ 107.116132][ T5603] EXT4-fs (loop3): 1 truncate cleaned up [ 107.117242][ T5603] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 111.988960][ T4325] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 111.998258][ T5616] loop5: detected capacity change from 0 to 7 [ 112.003500][ T5616] Dev loop5: unable to read RDB block 7 [ 112.006414][ T5616] loop5: AHDI p1 p2 p3 [ 112.007091][ T5616] loop5: partition table partially beyond EOD, truncated [ 112.008346][ T5616] loop5: p1 start 1818582900 is beyond EOD, truncated [ 112.009444][ T5616] loop5: p3 start 335544320 is beyond EOD, truncated [ 112.083417][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 112.393875][ T5639] loop4: detected capacity change from 0 to 1024 [ 112.395401][ T5639] EXT4-fs: Ignoring removed i_version option [ 112.396547][ T5639] EXT4-fs: inline encryption not supported [ 112.404569][ T5639] EXT4-fs (loop4): Test dummy encryption mode enabled [ 112.532170][ T5639] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 113.035130][ T5636] loop0: detected capacity change from 0 to 2048 [ 113.057488][ T5636] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 113.088118][ T5636] overlayfs: missing 'lowerdir' [ 113.178200][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 113.818474][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 114.585118][ T5664] loop3: detected capacity change from 0 to 512 [ 114.586774][ T5664] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 114.682673][ T5664] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 114.684157][ T5664] System zones: 1-12 [ 114.685639][ T5664] EXT4-fs (loop3): 1 truncate cleaned up [ 114.686553][ T5664] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 115.369617][ T5657] loop2: detected capacity change from 0 to 32768 [ 115.444255][ T5657] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.261 (5657) [ 115.675551][ T5657] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 115.679458][ T5657] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 115.684215][ T5657] BTRFS info (device loop2): setting nodatacow, compression disabled [ 115.685583][ T5657] BTRFS info (device loop2): disabling tree log [ 115.723518][ T5657] BTRFS info (device loop2): max_inline at 0 [ 115.725734][ T5657] BTRFS info (device loop2): using free space tree [ 115.734189][ T5658] loop4: detected capacity change from 0 to 32768 [ 115.739323][ T5658] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by syz.4.260 (5658) [ 115.796710][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 115.818540][ T4316] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 115.984801][ T4334] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 116.177859][ T4572] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop2 scanned by udevd (4572) [ 117.492407][ T5711] 8021q: adding VLAN 0 to HW filter on device bond2 [ 117.611957][ T5725] loop1: detected capacity change from 0 to 512 [ 117.616009][ T5725] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 117.625501][ T5725] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 117.626988][ T5727] loop4: detected capacity change from 0 to 512 [ 117.627018][ T5725] System zones: 1-12 [ 117.635844][ T5727] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 117.639795][ T5725] EXT4-fs (loop1): 1 truncate cleaned up [ 117.643069][ T5725] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 117.676985][ T5727] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 117.678567][ T5727] System zones: 1-12 [ 117.680725][ T5727] EXT4-fs (loop4): 1 truncate cleaned up [ 117.681667][ T5727] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 117.709550][ T5732] bond1: option mode: unable to set because the bond device has slaves [ 122.712074][ T5734] device syzkaller0 entered promiscuous mode [ 122.723716][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 122.745414][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 122.765809][ T5747] loop2: detected capacity change from 0 to 2048 [ 122.793210][ T5747] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 122.868151][ T5747] overlayfs: missing 'lowerdir' [ 122.885429][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 123.014551][ T5758] loop4: detected capacity change from 0 to 1024 [ 123.016194][ T5758] EXT4-fs: Ignoring removed i_version option [ 123.017331][ T5758] EXT4-fs: inline encryption not supported [ 123.101298][ T5758] EXT4-fs (loop4): Test dummy encryption mode enabled [ 123.360505][ T5758] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 123.468038][ T5759] loop1: detected capacity change from 0 to 512 [ 123.489605][ T5759] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 123.663516][ T5759] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 123.664997][ T5759] System zones: 1-12 [ 123.666461][ T5759] EXT4-fs (loop1): 1 truncate cleaned up [ 123.667442][ T5759] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 125.185242][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 125.200051][ T5763] 8021q: adding VLAN 0 to HW filter on device bond1 [ 125.278206][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 125.384845][ T5774] loop0: detected capacity change from 0 to 32768 [ 125.930686][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.931961][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.159409][ T5774] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 126.259769][ T5794] loop1: detected capacity change from 0 to 512 [ 126.267885][ T5794] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 126.268465][ T5796] loop3: detected capacity change from 0 to 512 [ 126.278585][ T5796] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 126.281284][ T5794] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 126.283810][ T5794] System zones: 1-12 [ 126.293494][ T5794] EXT4-fs (loop1): 1 truncate cleaned up [ 126.297099][ T5794] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 126.300455][ T5796] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 126.301955][ T5796] System zones: 1-12 [ 126.315139][ T5796] EXT4-fs (loop3): 1 truncate cleaned up [ 126.396480][ T5796] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 130.544401][ T4572] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 130.694397][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 130.740016][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 130.812052][ T5831] 8021q: adding VLAN 0 to HW filter on device bond3 [ 130.842531][ T5836] device syzkaller0 entered promiscuous mode [ 130.947849][ T5843] 8021q: adding VLAN 0 to HW filter on device bond2 [ 131.085815][ T5858] loop4: detected capacity change from 0 to 1024 [ 131.088999][ T5858] EXT4-fs: Ignoring removed i_version option [ 131.090235][ T5858] EXT4-fs: inline encryption not supported [ 131.098240][ T5858] EXT4-fs (loop4): Test dummy encryption mode enabled [ 131.511645][ T5858] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 132.785029][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 133.908257][ T5902] 8021q: adding VLAN 0 to HW filter on device bond1 [ 134.068169][ T5909] device syzkaller0 entered promiscuous mode [ 134.119795][ T5881] loop1: detected capacity change from 0 to 32768 [ 134.133102][ T5881] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 134.208958][ T5922] 8021q: adding VLAN 0 to HW filter on device bond2 [ 134.277768][ T4572] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 134.436255][ T5933] loop4: detected capacity change from 0 to 1024 [ 134.439581][ T5933] EXT4-fs: Ignoring removed i_version option [ 134.440711][ T5933] EXT4-fs: inline encryption not supported [ 134.777627][ T5933] EXT4-fs (loop4): Test dummy encryption mode enabled [ 135.088803][ T5933] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 136.070633][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 136.085099][ T5951] loop5: detected capacity change from 0 to 7 [ 136.095762][ T5951] Dev loop5: unable to read RDB block 7 [ 136.099116][ T5951] loop5: unable to read partition table [ 136.107161][ T5951] loop5: partition table beyond EOD, truncated [ 136.117128][ T5951] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 136.186547][ T5958] 8021q: adding VLAN 0 to HW filter on device bond3 [ 136.211945][ T5962] loop1: detected capacity change from 0 to 512 [ 136.213805][ T5962] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 136.219307][ T5962] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 136.221338][ T5962] System zones: 1-12 [ 136.229109][ T5962] EXT4-fs (loop1): 1 truncate cleaned up [ 136.230547][ T5962] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 136.294969][ T5968] device syzkaller0 entered promiscuous mode [ 136.305782][ T5971] loop4: detected capacity change from 0 to 512 [ 136.307837][ T5971] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 136.328359][ T5971] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 136.329691][ T5971] System zones: 1-12 [ 136.331738][ T5971] EXT4-fs (loop4): 1 truncate cleaned up [ 136.332657][ T5971] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 141.521210][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 141.613377][ T5997] loop3: detected capacity change from 0 to 1024 [ 141.616526][ T5997] EXT4-fs: Ignoring removed i_version option [ 141.617637][ T5997] EXT4-fs: inline encryption not supported [ 141.730715][ T5997] EXT4-fs (loop3): Test dummy encryption mode enabled [ 142.043235][ T5997] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 142.437503][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 142.604670][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 142.704071][ T6017] loop2: detected capacity change from 0 to 256 [ 142.818476][ T6017] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 143.717097][ T6021] loop5: detected capacity change from 0 to 7 [ 143.742791][ T6021] Dev loop5: unable to read RDB block 7 [ 143.743724][ T6021] loop5: unable to read partition table [ 143.744749][ T6021] loop5: partition table beyond EOD, truncated [ 143.745775][ T6021] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 144.188546][ T6031] loop1: detected capacity change from 0 to 512 [ 144.203943][ T6031] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 144.214386][ T6031] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 144.215760][ T6031] System zones: 1-12 [ 144.228915][ T6031] EXT4-fs (loop1): 1 truncate cleaned up [ 144.229830][ T6031] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 144.231259][ T6033] 8021q: adding VLAN 0 to HW filter on device bond2 [ 144.259198][ T6038] loop2: detected capacity change from 0 to 512 [ 144.269883][ T6038] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 144.307238][ T6038] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 144.308774][ T6038] System zones: 1-12 [ 144.311668][ T6038] EXT4-fs (loop2): 1 truncate cleaned up [ 144.312719][ T6038] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 149.117075][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 149.146541][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 149.409043][ T6069] loop4: detected capacity change from 0 to 256 [ 149.529336][ T6069] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 150.442058][ T6059] loop1: detected capacity change from 0 to 32768 [ 150.547456][ T6079] loop3: detected capacity change from 0 to 512 [ 150.563015][ T6082] loop2: detected capacity change from 0 to 512 [ 150.565139][ T6079] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 150.567811][ T6082] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 150.572146][ T6079] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 150.573458][ T6079] System zones: 1-12 [ 150.581046][ T6059] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 150.880391][ T6082] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 150.886457][ T6082] System zones: 1-12 [ 150.888585][ T6079] EXT4-fs (loop3): 1 truncate cleaned up [ 150.903265][ T6079] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 150.906868][ T6082] EXT4-fs (loop2): 1 truncate cleaned up [ 150.908980][ T6082] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 151.439070][ T4318] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 152.016111][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 153.460488][ T6144] loop4: detected capacity change from 0 to 512 [ 153.462256][ T6144] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 153.478054][ T6144] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 153.479648][ T6144] System zones: 1-12 [ 153.483652][ T6144] EXT4-fs (loop4): 1 truncate cleaned up [ 153.485811][ T6144] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 153.577769][ T6132] loop0: detected capacity change from 0 to 32768 [ 153.589219][ T6132] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 153.611427][ T47] Bluetooth: hci0: command 0x0406 tx timeout [ 153.611459][ T4328] Bluetooth: hci1: command 0x0406 tx timeout [ 153.613607][ T4328] Bluetooth: hci4: command 0x0406 tx timeout [ 153.614698][ T4328] Bluetooth: hci2: command 0x0406 tx timeout [ 153.615804][ T4328] Bluetooth: hci3: command 0x0406 tx timeout [ 154.818919][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 154.888103][ T4572] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 155.161528][ T6166] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 156.216857][ T6184] loop1: detected capacity change from 0 to 256 [ 156.255545][ T6184] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 157.302582][ T6190] loop4: detected capacity change from 0 to 512 [ 157.603934][ T6190] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 157.625810][ T6190] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 157.625857][ T6190] System zones: 1-12 [ 157.635196][ T6190] EXT4-fs (loop4): 1 truncate cleaned up [ 157.636222][ T6190] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 158.282230][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 159.031672][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 159.253338][ T6243] loop3: detected capacity change from 0 to 512 [ 159.284451][ T6243] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 159.287194][ T6243] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 159.288611][ T6243] System zones: 1-12 [ 159.600687][ T6243] EXT4-fs (loop3): 1 truncate cleaned up [ 159.601803][ T6243] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 160.239169][ T6262] loop0: detected capacity change from 0 to 512 [ 160.263013][ T6262] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 160.319774][ T6262] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 160.321288][ T6262] System zones: 1-12 [ 160.325211][ T6262] EXT4-fs (loop0): 1 truncate cleaned up [ 160.326312][ T6262] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 161.096851][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 162.145240][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 162.236083][ T6307] loop1: detected capacity change from 0 to 512 [ 162.237914][ T6307] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 162.249319][ T6307] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 162.258609][ T6307] System zones: 1-12 [ 162.261721][ T6307] EXT4-fs (loop1): 1 truncate cleaned up [ 162.263799][ T6307] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 163.346614][ T6332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.448'. [ 163.761970][ T6337] loop4: detected capacity change from 0 to 512 [ 163.779474][ T6337] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 163.808074][ T6337] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 163.809517][ T6337] System zones: 1-12 [ 163.813104][ T6337] EXT4-fs (loop4): 1 truncate cleaned up [ 163.814117][ T6337] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 164.613643][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 165.367545][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 165.907189][ T6372] loop3: detected capacity change from 0 to 512 [ 165.909063][ T6372] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 165.959013][ T6372] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 165.960728][ T6372] System zones: 1-12 [ 165.967007][ T6372] EXT4-fs (loop3): 1 truncate cleaned up [ 165.968050][ T6372] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 166.144988][ T6380] loop2: detected capacity change from 0 to 512 [ 168.096669][ T6380] EXT4-fs (loop2): 1 truncate cleaned up [ 168.097659][ T6380] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 168.144742][ T6396] loop0: detected capacity change from 0 to 512 [ 168.153169][ T6396] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 168.192292][ T6396] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 168.193807][ T6396] System zones: 1-12 [ 168.195567][ T6396] EXT4-fs (loop0): 1 truncate cleaned up [ 168.196631][ T6396] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 168.523497][ T6400] loop1: detected capacity change from 0 to 512 [ 172.214355][ T6377] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set [ 172.300530][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 172.313428][ T6400] EXT4-fs (loop1): 1 truncate cleaned up [ 172.314412][ T6400] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 172.406563][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 172.408275][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 172.497675][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 173.848846][ T6438] loop2: detected capacity change from 0 to 512 [ 173.855988][ T6438] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 173.878422][ T6438] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 173.882055][ T6438] System zones: 1-12 [ 173.895558][ T6438] EXT4-fs (loop2): 1 truncate cleaned up [ 173.896683][ T6438] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 173.924172][ T6444] loop4: detected capacity change from 0 to 512 [ 173.927516][ T6444] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 176.546639][ T6444] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 176.548092][ T6444] System zones: 1-12 [ 176.566374][ T6444] EXT4-fs (loop4): 1 truncate cleaned up [ 176.567333][ T6444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 176.653716][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 177.295191][ T6464] loop0: detected capacity change from 0 to 8192 [ 177.556877][ T6464] loop0: p1 p2 p3 p4 [ 177.557665][ T6464] loop0: p1 size 51456 extends beyond EOD, truncated [ 177.559589][ T6464] loop0: p2 size 815620 extends beyond EOD, truncated [ 177.625411][ T6464] loop0: p3 start 36132 is beyond EOD, truncated [ 177.626412][ T6464] loop0: p4 start 167772160 is beyond EOD, truncated [ 178.243106][ T4318] udevd[4318]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 178.247595][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 178.945864][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 178.975428][ T6495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 178.977768][ T6495] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.493890][ T6503] loop0: detected capacity change from 0 to 512 [ 180.460083][ T6503] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 180.470772][ T6503] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 180.472143][ T6503] System zones: 1-12 [ 180.483305][ T6503] EXT4-fs (loop0): 1 truncate cleaned up [ 180.484247][ T6503] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 180.844883][ T6515] loop2: detected capacity change from 0 to 512 [ 183.449988][ T6515] EXT4-fs (loop2): 1 truncate cleaned up [ 183.450994][ T6515] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 183.617641][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 183.638532][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 183.676778][ T6532] netlink: 36 bytes leftover after parsing attributes in process `syz.2.505'. [ 183.893441][ T6538] loop4: detected capacity change from 0 to 8192 [ 184.101336][ T6538] loop4: p1 p2 p3 p4 [ 184.102148][ T6538] loop4: p1 size 51456 extends beyond EOD, truncated [ 184.104898][ T6538] loop4: p2 size 815620 extends beyond EOD, truncated [ 184.106328][ T6538] loop4: p3 start 36132 is beyond EOD, truncated [ 184.107281][ T6538] loop4: p4 start 167772160 is beyond EOD, truncated [ 184.281318][ T6544] loop2: detected capacity change from 0 to 8192 [ 184.621658][ T6544] loop2: p1 p2 p3 p4 [ 184.622544][ T6544] loop2: p1 size 51456 extends beyond EOD, truncated [ 184.628552][ T6544] loop2: p2 size 815620 extends beyond EOD, truncated [ 184.630308][ T6544] loop2: p3 start 36132 is beyond EOD, truncated [ 184.631311][ T6544] loop2: p4 start 167772160 is beyond EOD, truncated [ 184.805931][ T3935] loop2: p1 p2 p3 p4 [ 184.808890][ T3935] loop2: p1 size 51456 extends beyond EOD, truncated [ 184.812592][ T3935] loop2: p2 size 815620 extends beyond EOD, truncated [ 184.870227][ T3935] loop2: p3 start 36132 is beyond EOD, truncated [ 184.871344][ T3935] loop2: p4 start 167772160 is beyond EOD, truncated [ 184.948600][ T6557] loop1: detected capacity change from 0 to 256 [ 184.954736][ T6557] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 185.393107][ T6563] loop2: detected capacity change from 0 to 8192 [ 185.431164][ T6563] loop2: p1 p2 p3 p4 [ 185.431924][ T6563] loop2: p1 size 51456 extends beyond EOD, truncated [ 185.433431][ T6563] loop2: p2 size 815620 extends beyond EOD, truncated [ 185.434894][ T6563] loop2: p3 start 36132 is beyond EOD, truncated [ 185.435985][ T6563] loop2: p4 start 167772160 is beyond EOD, truncated [ 185.848863][ T6572] loop0: detected capacity change from 0 to 512 [ 185.870628][ T6572] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 185.957155][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 185.983769][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 186.010957][ T6572] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 186.012340][ T6572] System zones: 1-12 [ 186.025529][ T6572] EXT4-fs (loop0): 1 truncate cleaned up [ 186.026615][ T6572] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 187.272896][ T6589] loop4: detected capacity change from 0 to 512 [ 187.287185][ T6589] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 187.292990][ T6589] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 187.294459][ T6589] System zones: 1-12 [ 187.295955][ T6589] EXT4-fs (loop4): 1 truncate cleaned up [ 187.296857][ T6589] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 187.370387][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.371523][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.927107][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 188.056444][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 188.065578][ T4318] udevd[4318]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 188.199474][ T4318] udevd[4318]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 188.223069][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 188.244091][ T6603] netlink: 36 bytes leftover after parsing attributes in process `syz.1.526'. [ 188.302119][ T6599] loop0: detected capacity change from 0 to 32768 [ 188.315622][ T6599] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 188.370182][ T4314] I/O error, dev loop0, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 188.455030][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 188.513498][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 188.548457][ T4314] udevd[4314]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 188.557175][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 188.738854][ T6625] loop2: detected capacity change from 0 to 512 [ 188.744336][ T6625] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 188.839835][ T6625] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 188.841454][ T6625] System zones: 1-12 [ 188.842985][ T6625] EXT4-fs (loop2): 1 truncate cleaned up [ 188.844001][ T6625] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 189.636568][ T6638] netlink: 36 bytes leftover after parsing attributes in process `syz.0.538'. [ 189.797586][ T6642] loop3: detected capacity change from 0 to 256 [ 191.180949][ T6642] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 191.374326][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 191.496311][ T6651] loop1: detected capacity change from 0 to 512 [ 191.580166][ T6651] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 192.404744][ T6651] EXT4-fs (loop1): 1 truncate cleaned up [ 192.405708][ T6651] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 192.826606][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 193.427515][ T6661] loop2: detected capacity change from 0 to 32768 [ 193.774520][ T6661] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 193.776752][ T6661] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 193.780763][ T6661] BTRFS info (device loop2): setting nodatacow, compression disabled [ 193.785264][ T6661] BTRFS info (device loop2): disabling tree log [ 193.788506][ T6661] BTRFS info (device loop2): max_inline at 0 [ 193.789442][ T6661] BTRFS info (device loop2): using free space tree [ 193.805991][ T6678] netlink: 24 bytes leftover after parsing attributes in process `syz.0.551'. [ 193.903584][ T6694] loop0: detected capacity change from 0 to 512 [ 193.905280][ T6694] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 193.920934][ T6694] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 193.922290][ T6694] System zones: 1-12 [ 193.953115][ T6694] EXT4-fs (loop0): 1 truncate cleaned up [ 193.954142][ T6694] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 194.049514][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 195.701777][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 195.803170][ T6726] BTRFS info (device loop2): balance: start -d -m [ 195.805333][ T6726] BTRFS info (device loop2): relocating block group 6881280 flags data|metadata [ 195.816058][ T6726] BTRFS info (device loop2): relocating block group 5242880 flags data|metadata [ 195.934017][ T6726] BTRFS info (device loop2): found 10 extents, stage: move data extents [ 195.945481][ T6726] BTRFS info (device loop2): found 1 extents, stage: update data pointers [ 195.952743][ T6735] netlink: 36 bytes leftover after parsing attributes in process `syz.1.564'. [ 196.001673][ T6726] BTRFS info (device loop2): balance: ended with status: 0 [ 196.366917][ T4334] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 196.391012][ T6749] loop0: detected capacity change from 0 to 512 [ 196.396746][ T6749] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 196.403425][ T6749] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 196.404781][ T6749] System zones: 1-12 [ 196.810109][ T6749] EXT4-fs (loop0): 1 truncate cleaned up [ 196.811122][ T6749] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 197.056286][ T6762] loop2: detected capacity change from 0 to 512 [ 198.435793][ T6762] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 199.132314][ T6766] loop3: detected capacity change from 0 to 512 [ 199.148086][ T6766] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 199.176445][ T6766] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 199.177855][ T6766] System zones: 1-12 [ 199.184962][ T6766] EXT4-fs (loop3): 1 truncate cleaned up [ 199.185818][ T6766] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 200.900826][ T6762] EXT4-fs (loop2): 1 truncate cleaned up [ 200.901854][ T6762] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 200.944395][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 200.947601][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 200.949125][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 201.094661][ T6790] netlink: 36 bytes leftover after parsing attributes in process `syz.0.578'. [ 201.374240][ T6792] loop3: detected capacity change from 0 to 8192 [ 201.511291][ T6792] loop3: p1 p2 p3 p4 [ 201.512113][ T6792] loop3: p1 size 51456 extends beyond EOD, truncated [ 201.513573][ T6792] loop3: p2 size 815620 extends beyond EOD, truncated [ 201.525030][ T6792] loop3: p3 start 36132 is beyond EOD, truncated [ 201.526174][ T6792] loop3: p4 start 167772160 is beyond EOD, truncated [ 202.010002][ T6802] loop0: detected capacity change from 0 to 256 [ 202.067300][ T6802] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 202.405163][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 202.408685][ T4318] udevd[4318]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 202.652620][ T6814] loop2: detected capacity change from 0 to 256 [ 204.056771][ T6814] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 204.501595][ T6826] loop4: detected capacity change from 0 to 256 [ 204.898776][ T6826] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 205.387700][ T6827] loop0: detected capacity change from 0 to 512 [ 205.412525][ T6827] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 205.416212][ T6832] netlink: 36 bytes leftover after parsing attributes in process `syz.2.590'. [ 205.460774][ T6827] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 205.462100][ T6827] System zones: 1-12 [ 205.672812][ T6827] EXT4-fs (loop0): 1 truncate cleaned up [ 205.673770][ T6827] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 205.718276][ T6835] loop3: detected capacity change from 0 to 512 [ 205.739877][ T6835] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 205.755674][ T6842] bond1: option mode: unable to set because the bond device is up [ 205.757127][ T6841] loop1: detected capacity change from 0 to 1024 [ 205.758180][ T6835] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 205.758728][ T6841] EXT4-fs: Ignoring removed i_version option [ 205.759672][ T6835] System zones: [ 205.761766][ T6841] EXT4-fs: inline encryption not supported [ 205.765019][ T6841] EXT4-fs (loop1): Test dummy encryption mode enabled [ 205.777560][ T6835] 1-12 [ 205.778924][ T6835] EXT4-fs (loop3): 1 truncate cleaned up [ 205.787564][ T6835] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 206.196356][ T6841] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 207.050560][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 207.508154][ T6860] loop4: detected capacity change from 0 to 256 [ 207.597181][ T6860] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 207.716543][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 207.900032][ T6868] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 207.939259][ T6873] loop0: detected capacity change from 0 to 512 [ 207.950892][ T6873] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 207.961076][ T6873] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 207.962454][ T6873] System zones: 1-12 [ 207.970565][ T6873] EXT4-fs (loop0): 1 truncate cleaned up [ 207.971575][ T6873] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 208.192159][ T6881] netlink: 24 bytes leftover after parsing attributes in process `syz.4.603'. [ 208.322443][ T6884] netlink: 36 bytes leftover after parsing attributes in process `syz.4.604'. [ 209.177708][ T6891] loop4: detected capacity change from 0 to 8192 [ 209.668629][ T6902] loop2: detected capacity change from 0 to 512 [ 209.682523][ T6902] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 209.692899][ T6891] loop4: p1 p2 p3 p4 [ 209.693702][ T6891] loop4: p1 size 51456 extends beyond EOD, truncated [ 209.695172][ T6902] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 209.695264][ T6891] loop4: p2 size 815620 extends beyond EOD, truncated [ 209.696455][ T6902] System zones: 1-12 [ 209.698418][ T6891] loop4: p3 start 36132 is beyond EOD, truncated [ 209.699385][ T6891] loop4: p4 start 167772160 is beyond EOD, truncated [ 209.706793][ T6902] EXT4-fs (loop2): 1 truncate cleaned up [ 209.707750][ T6902] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 209.720083][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 211.113713][ T6917] loop0: detected capacity change from 0 to 256 [ 211.246716][ T6917] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 211.255914][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 211.343170][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 211.396673][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 211.496676][ T6926] loop2: detected capacity change from 0 to 256 [ 211.597711][ T6926] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 211.751562][ T6925] netlink: 36 bytes leftover after parsing attributes in process `syz.0.615'. [ 211.835920][ T6932] netlink: 24 bytes leftover after parsing attributes in process `syz.4.618'. [ 211.890914][ T6934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 211.897005][ T6934] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 211.998643][ T6936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.000448][ T6936] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.030548][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 212.243355][ T6940] loop1: detected capacity change from 0 to 256 [ 212.461413][ T6940] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 212.841037][ T6951] loop0: detected capacity change from 0 to 512 [ 212.848808][ T6951] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 212.864643][ T6951] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 212.866008][ T6951] System zones: 1-12 [ 212.890898][ T6951] EXT4-fs (loop0): 1 truncate cleaned up [ 212.899014][ T6951] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 213.649618][ T6961] loop1: detected capacity change from 0 to 8192 [ 213.792135][ T6963] loop3: detected capacity change from 0 to 512 [ 213.946489][ T6963] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 214.003232][ T6961] loop1: p1 p2 p3 p4 [ 214.004126][ T6961] loop1: p1 size 51456 extends beyond EOD, truncated [ 215.424235][ T6961] loop1: p2 size 815620 extends beyond EOD, truncated [ 215.428983][ T6961] loop1: p3 start 36132 is beyond EOD, truncated [ 215.430066][ T6961] loop1: p4 start 167772160 is beyond EOD, truncated [ 215.543293][ T6968] netlink: 36 bytes leftover after parsing attributes in process `syz.4.628'. [ 215.573007][ T6963] EXT4-fs (loop3): 1 truncate cleaned up [ 215.573997][ T6963] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 215.796529][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 215.804733][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 215.902740][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 215.984875][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 216.040950][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 216.047079][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 216.100874][ T6982] netlink: 24 bytes leftover after parsing attributes in process `syz.3.631'. [ 216.123735][ T6985] loop4: detected capacity change from 0 to 1024 [ 216.125181][ T6985] EXT4-fs: Ignoring removed i_version option [ 216.126199][ T6985] EXT4-fs: inline encryption not supported [ 216.139127][ T6985] EXT4-fs (loop4): Test dummy encryption mode enabled [ 216.145682][ T6985] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 216.222132][ T6991] loop0: detected capacity change from 0 to 512 [ 216.236464][ T6991] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 216.835034][ T6993] loop3: detected capacity change from 0 to 8192 [ 216.963666][ T6993] loop3: p1 p2 p3 p4 [ 216.964492][ T6993] loop3: p1 size 51456 extends beyond EOD, truncated [ 216.971229][ T6993] loop3: p2 size 815620 extends beyond EOD, truncated [ 216.972714][ T6993] loop3: p3 start 36132 is beyond EOD, truncated [ 216.973749][ T6993] loop3: p4 start 167772160 is beyond EOD, truncated [ 217.260162][ T6991] EXT4-fs (loop0): 1 truncate cleaned up [ 217.261319][ T6991] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 217.730508][ T3935] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 217.732334][ T3935] Buffer I/O error on dev loop3, logical block 0, async page read [ 217.733774][ T3935] ldm_validate_partition_table(): Disk read failed. [ 217.734868][ T3935] Dev loop3: unable to read RDB block 0 [ 217.735831][ T3935] loop3: unable to read partition table [ 217.736910][ T3935] loop3: partition table beyond EOD, truncated [ 217.858868][ T4318] udevd[4318]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 217.942960][ T6997] loop2: detected capacity change from 0 to 256 [ 218.040168][ T6997] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 218.246066][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 218.303294][ T4316] udevd[4316]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 218.835923][ T7007] loop2: detected capacity change from 0 to 512 [ 218.847505][ T7007] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 218.856946][ T7007] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 218.858459][ T7007] System zones: 1-12 [ 218.862882][ T7007] EXT4-fs (loop2): 1 truncate cleaned up [ 218.864004][ T7007] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 218.915228][ T7010] netlink: 36 bytes leftover after parsing attributes in process `syz.1.641'. [ 219.265586][ T7022] loop3: detected capacity change from 0 to 512 [ 219.277648][ T7022] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 219.542425][ T7022] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 219.544987][ T7022] System zones: 1-12 [ 219.548724][ T7022] EXT4-fs (loop3): 1 truncate cleaned up [ 219.553141][ T7022] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 220.492976][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 220.790343][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.791926][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.911762][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 220.924244][ T7031] loop0: detected capacity change from 0 to 8192 [ 220.954876][ T7031] loop0: p1 p2 p3 p4 [ 220.955754][ T7031] loop0: p1 size 51456 extends beyond EOD, truncated [ 221.010812][ T7031] loop0: p2 size 815620 extends beyond EOD, truncated [ 221.012485][ T7031] loop0: p3 start 36132 is beyond EOD, truncated [ 221.013584][ T7031] loop0: p4 start 167772160 is beyond EOD, truncated [ 221.040049][ T7039] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 221.261457][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 221.833749][ T7054] netlink: 36 bytes leftover after parsing attributes in process `syz.3.653'. [ 222.328182][ T7065] loop2: detected capacity change from 0 to 512 [ 222.342231][ T7065] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 222.348168][ T7065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 222.349731][ T7065] System zones: 1-12 [ 222.366305][ T7069] netlink: 24 bytes leftover after parsing attributes in process `syz.0.659'. [ 222.370882][ T7065] EXT4-fs (loop2): 1 truncate cleaned up [ 222.371824][ T7065] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 222.392266][ T7071] loop0: detected capacity change from 0 to 512 [ 222.448946][ T7071] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 222.453706][ T7071] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 222.455093][ T7071] System zones: 1-12 [ 222.461622][ T7071] EXT4-fs (loop0): 1 truncate cleaned up [ 222.462734][ T7071] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 223.042620][ T7081] loop4: detected capacity change from 0 to 256 [ 223.839825][ T7081] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 223.892730][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 224.053515][ T7087] loop0: detected capacity change from 0 to 1024 [ 224.055031][ T7087] EXT4-fs: Ignoring removed i_version option [ 224.056001][ T7087] EXT4-fs: inline encryption not supported [ 224.057359][ T7087] EXT4-fs (loop0): Test dummy encryption mode enabled [ 224.065043][ T7087] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 224.103023][ T7083] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 224.103569][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 224.247933][ T7099] loop3: detected capacity change from 0 to 512 [ 224.302262][ T7099] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 224.479344][ T7099] EXT4-fs (loop3): 1 truncate cleaned up [ 224.480463][ T7099] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 225.554539][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 225.605667][ T7113] netlink: 24 bytes leftover after parsing attributes in process `syz.1.672'. [ 225.667742][ T7116] loop1: detected capacity change from 0 to 512 [ 225.675285][ T7116] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 225.681864][ T7095] loop4: detected capacity change from 0 to 32768 [ 225.697507][ T7116] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 225.698973][ T7116] System zones: 1-12 [ 225.701570][ T7116] EXT4-fs (loop1): 1 truncate cleaned up [ 225.703260][ T7095] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.665 (7095) [ 225.705320][ T7116] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 225.743502][ T7095] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 225.746390][ T7095] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 225.753190][ T7095] BTRFS info (device loop4): setting nodatacow, compression disabled [ 225.754679][ T7095] BTRFS info (device loop4): disabling tree log [ 225.755800][ T7095] BTRFS info (device loop4): max_inline at 0 [ 225.756703][ T7095] BTRFS info (device loop4): using free space tree [ 226.874568][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 227.053380][ T7148] loop1: detected capacity change from 0 to 256 [ 227.066216][ T7148] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 228.088907][ T4325] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 229.108595][ T7166] loop4: detected capacity change from 0 to 1024 [ 229.110520][ T7166] EXT4-fs: Ignoring removed i_version option [ 229.111539][ T7166] EXT4-fs: inline encryption not supported [ 229.114846][ T7166] EXT4-fs (loop4): Test dummy encryption mode enabled [ 229.334391][ T7169] loop1: detected capacity change from 0 to 256 [ 230.480872][ T7166] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 230.485854][ T7169] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 230.512292][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 231.304033][ T7186] loop1: detected capacity change from 0 to 512 [ 231.309459][ T7186] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 231.316630][ T7186] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 231.318031][ T7186] System zones: 1-12 [ 231.319648][ T7186] EXT4-fs (loop1): 1 truncate cleaned up [ 231.325035][ T7186] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 232.847979][ T7193] loop4: detected capacity change from 0 to 32768 [ 232.860613][ T7193] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.688 (7193) [ 232.872362][ T7193] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 232.876369][ T7193] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 232.896644][ T7193] BTRFS info (device loop4): setting nodatacow, compression disabled [ 232.902622][ T7193] BTRFS info (device loop4): disabling tree log [ 232.908432][ T7193] BTRFS info (device loop4): max_inline at 0 [ 232.914583][ T7193] BTRFS info (device loop4): using free space tree [ 233.018670][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 233.114404][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 233.130434][ T7215] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 233.276755][ T7234] loop1: detected capacity change from 0 to 512 [ 233.307806][ T7234] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 234.168803][ T7245] loop3: detected capacity change from 0 to 1024 [ 234.170407][ T7245] EXT4-fs: Ignoring removed i_version option [ 234.171341][ T7245] EXT4-fs: inline encryption not supported [ 234.174237][ T7245] EXT4-fs (loop3): Test dummy encryption mode enabled [ 234.176118][ T7234] EXT4-fs (loop1): 1 truncate cleaned up [ 234.177149][ T7234] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 234.205131][ T7245] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 234.539678][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 234.565340][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 234.726497][ T4325] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 234.789521][ T7261] loop1: detected capacity change from 0 to 256 [ 234.821594][ T7261] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 235.618686][ T7270] loop3: detected capacity change from 0 to 512 [ 235.622656][ T7270] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 235.912622][ T7270] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 235.941166][ T7270] System zones: 1-12 [ 235.951783][ T7270] EXT4-fs (loop3): 1 truncate cleaned up [ 235.952837][ T7270] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 237.473957][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 237.643066][ T7296] loop3: detected capacity change from 0 to 256 [ 237.669772][ T7296] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 239.194619][ T7305] loop0: detected capacity change from 0 to 1024 [ 239.196031][ T7305] EXT4-fs: Ignoring removed i_version option [ 239.197053][ T7305] EXT4-fs: inline encryption not supported [ 239.204428][ T7305] EXT4-fs (loop0): Test dummy encryption mode enabled [ 239.224275][ T7305] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 239.874221][ T7315] loop3: detected capacity change from 0 to 256 [ 239.917398][ T7315] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 240.167825][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 240.775389][ T7311] loop4: detected capacity change from 0 to 32768 [ 240.780706][ T7311] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.711 (7311) [ 240.787855][ T7311] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 240.789684][ T7311] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 240.797516][ T7311] BTRFS info (device loop4): setting nodatacow, compression disabled [ 240.798837][ T7311] BTRFS info (device loop4): disabling tree log [ 240.799913][ T7311] BTRFS info (device loop4): max_inline at 0 [ 240.809389][ T7311] BTRFS info (device loop4): using free space tree [ 241.720111][ T7339] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 241.850335][ T7361] loop0: detected capacity change from 0 to 256 [ 241.930291][ T7361] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 243.407925][ T7370] loop3: detected capacity change from 0 to 256 [ 243.488181][ T7370] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 243.830036][ T4325] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 243.982745][ T7379] loop0: detected capacity change from 0 to 256 [ 244.199198][ T7379] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 244.722255][ T7395] loop4: detected capacity change from 0 to 256 [ 244.845583][ T7395] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 244.902415][ T47] block nbd3: Receive control failed (result -32) [ 244.930956][ T7380] block nbd3: shutting down sockets [ 245.020112][ T7396] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 245.178680][ T7401] loop0: detected capacity change from 0 to 256 [ 245.207533][ T7401] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 246.925316][ T7415] loop0: detected capacity change from 0 to 1024 [ 246.926710][ T7415] EXT4-fs: Ignoring removed i_version option [ 246.927675][ T7415] EXT4-fs: inline encryption not supported [ 246.965162][ T7415] EXT4-fs (loop0): Test dummy encryption mode enabled [ 247.069122][ T7415] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 248.791163][ T7429] loop1: detected capacity change from 0 to 256 [ 248.810941][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.812095][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 248.909236][ T7429] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 249.076407][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 249.113856][ T7433] 8021q: adding VLAN 0 to HW filter on device bond2 [ 249.763582][ T7442] loop2: detected capacity change from 0 to 8192 [ 250.058046][ T7442] loop2: p1 p2 p3 p4 [ 250.058922][ T7442] loop2: p1 size 51456 extends beyond EOD, truncated [ 250.060362][ T7442] loop2: p2 size 815620 extends beyond EOD, truncated [ 250.061695][ T7442] loop2: p3 start 36132 is beyond EOD, truncated [ 250.062773][ T7442] loop2: p4 start 167772160 is beyond EOD, truncated [ 250.132127][ T4572] udevd[4572]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 250.134958][ T4318] udevd[4318]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 250.249573][ T7458] loop2: detected capacity change from 0 to 512 [ 250.648156][ T7458] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 252.579900][ T7448] block nbd0: shutting down sockets [ 252.632036][ T7458] EXT4-fs (loop2): 1 truncate cleaned up [ 252.633089][ T7458] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 252.642052][ T7460] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 252.752783][ T7464] loop1: detected capacity change from 0 to 512 [ 252.754543][ T7464] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 252.791310][ T7464] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 252.792746][ T7464] System zones: 1-12 [ 252.794789][ T7464] EXT4-fs (loop1): 1 truncate cleaned up [ 252.795969][ T7464] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 252.959883][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 253.455829][ T7477] loop2: detected capacity change from 0 to 1024 [ 253.457477][ T7477] EXT4-fs: Ignoring removed i_version option [ 253.458509][ T7477] EXT4-fs: inline encryption not supported [ 253.460915][ T7477] EXT4-fs (loop2): Test dummy encryption mode enabled [ 253.474386][ T7477] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 253.488834][ T7483] loop0: detected capacity change from 0 to 512 [ 253.496417][ T7483] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 253.509514][ T7483] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 253.511729][ T7483] System zones: 1-12 [ 253.514629][ T7483] EXT4-fs (loop0): 1 truncate cleaned up [ 253.515965][ T7483] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 254.246575][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 254.418036][ T7491] 8021q: adding VLAN 0 to HW filter on device bond3 [ 256.203244][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 258.599145][ T7536] loop0: detected capacity change from 0 to 1024 [ 258.600659][ T7536] EXT4-fs: Ignoring removed i_version option [ 258.601599][ T7536] EXT4-fs: inline encryption not supported [ 258.602884][ T7536] EXT4-fs (loop0): Test dummy encryption mode enabled [ 258.627605][ T7536] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 258.630070][ T7537] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 258.941791][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 259.819688][ T7556] loop2: detected capacity change from 0 to 512 [ 259.874011][ T7556] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 259.881650][ T7556] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 259.883138][ T7556] System zones: 1-12 [ 259.886284][ T7556] EXT4-fs (loop2): 1 truncate cleaned up [ 259.889500][ T7556] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 261.943447][ T7574] loop0: detected capacity change from 0 to 512 [ 262.112697][ T7575] loop4: detected capacity change from 0 to 512 [ 266.880132][ T7574] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 266.880137][ T7575] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 266.881544][ T7575] EXT4-fs: failed to create workqueue [ 266.884150][ T7575] EXT4-fs (loop4): mount failed [ 266.900716][ T7574] EXT4-fs: failed to create workqueue [ 266.901596][ T7574] EXT4-fs (loop0): mount failed [ 267.436829][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 267.437184][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 267.608037][ T7601] loop2: detected capacity change from 0 to 1024 [ 267.609560][ T7601] EXT4-fs: Ignoring removed i_version option [ 267.610703][ T7601] EXT4-fs: inline encryption not supported [ 267.613026][ T7601] EXT4-fs (loop2): Test dummy encryption mode enabled [ 267.616727][ T7601] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 267.690220][ T7606] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 268.184815][ T47] block nbd3: Receive control failed (result -32) [ 268.189240][ T7589] block nbd3: shutting down sockets [ 268.323227][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 269.243640][ T7631] loop1: detected capacity change from 0 to 512 [ 269.255605][ T7633] loop2: detected capacity change from 0 to 512 [ 269.269567][ T7633] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 269.310073][ T7631] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 269.328693][ T7633] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 269.330074][ T7633] System zones: 1-12 [ 269.331652][ T7631] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 269.332934][ T7631] System zones: 1-12 [ 269.334926][ T7633] EXT4-fs (loop2): 1 truncate cleaned up [ 269.335826][ T7633] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 269.344329][ T7631] EXT4-fs (loop1): 1 truncate cleaned up [ 269.345291][ T7631] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 272.339234][ T7639] block nbd3: shutting down sockets [ 272.360447][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 272.402748][ T7648] device syzkaller0 entered promiscuous mode [ 272.409337][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 273.902434][ T7667] loop3: detected capacity change from 0 to 1024 [ 273.903941][ T7667] EXT4-fs: Ignoring removed i_version option [ 273.904886][ T7667] EXT4-fs: inline encryption not supported [ 273.911779][ T7667] EXT4-fs (loop3): Test dummy encryption mode enabled [ 273.927530][ T7667] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 274.018073][ T7661] netlink: 36 bytes leftover after parsing attributes in process `syz.2.798'. [ 274.832926][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 274.855873][ T7686] loop1: detected capacity change from 0 to 512 [ 274.862503][ T7686] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 274.866536][ T7686] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 274.867875][ T7686] System zones: 1-12 [ 274.869598][ T7686] EXT4-fs (loop1): 1 truncate cleaned up [ 274.870888][ T7688] loop3: detected capacity change from 0 to 512 [ 274.870972][ T7686] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 274.876899][ T7688] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 274.932027][ T7688] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 274.933589][ T7688] System zones: 1-12 [ 274.939903][ T7688] EXT4-fs (loop3): 1 truncate cleaned up [ 274.965855][ T7688] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 276.194873][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 276.295204][ T7705] loop2: detected capacity change from 0 to 256 [ 276.779228][ T7705] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 277.637223][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 278.086624][ T7722] netlink: 36 bytes leftover after parsing attributes in process `syz.2.813'. [ 278.604987][ T7732] loop2: detected capacity change from 0 to 1024 [ 278.610847][ T7732] EXT4-fs: Ignoring removed i_version option [ 278.612169][ T7732] EXT4-fs: inline encryption not supported [ 278.856607][ T7735] loop4: detected capacity change from 0 to 256 [ 278.870688][ T7732] EXT4-fs (loop2): Test dummy encryption mode enabled [ 278.887893][ T7735] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 278.906310][ T7732] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 279.458001][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 279.502269][ T7745] syz.2.820 uses obsolete (PF_INET,SOCK_PACKET) [ 279.516742][ T7747] loop0: detected capacity change from 0 to 512 [ 279.518500][ T7747] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 279.522546][ T7747] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 279.523861][ T7747] System zones: 1-12 [ 279.525287][ T7747] EXT4-fs (loop0): 1 truncate cleaned up [ 279.526217][ T7747] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 279.528353][ T7749] loop4: detected capacity change from 0 to 512 [ 279.547742][ T7749] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 279.557571][ T7749] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 279.559002][ T7749] System zones: 1-12 [ 279.561688][ T7749] EXT4-fs (loop4): 1 truncate cleaned up [ 279.564211][ T7749] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 279.646280][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 282.731658][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 282.739742][ T7768] netlink: 36 bytes leftover after parsing attributes in process `syz.1.826'. [ 285.479778][ T7797] loop1: detected capacity change from 0 to 1024 [ 285.481819][ T7797] EXT4-fs: Ignoring removed i_version option [ 285.482806][ T7797] EXT4-fs: inline encryption not supported [ 285.486403][ T7797] EXT4-fs (loop1): Test dummy encryption mode enabled [ 285.523096][ T7797] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 286.536987][ T7804] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 286.550557][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 286.744444][ T7811] loop4: detected capacity change from 0 to 512 [ 286.749203][ T7811] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 286.786949][ T7814] loop1: detected capacity change from 0 to 512 [ 286.793420][ T7816] netlink: 36 bytes leftover after parsing attributes in process `syz.3.839'. [ 286.796215][ T7811] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 286.797512][ T7811] System zones: 1-12 [ 286.828133][ T7814] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 286.833883][ T7811] EXT4-fs (loop4): 1 truncate cleaned up [ 286.834821][ T7811] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 286.906732][ T7814] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 286.908122][ T7814] System zones: 1-12 [ 286.911121][ T7814] EXT4-fs (loop1): 1 truncate cleaned up [ 286.912038][ T7814] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 291.833174][ T4325] EXT4-fs (loop4): unmounting filesystem. [ 291.838734][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 292.189785][ T7838] loop1: detected capacity change from 0 to 512 [ 292.198924][ T7838] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 292.204338][ T7838] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 292.204368][ T7838] System zones: 1-12 [ 292.209348][ T7838] EXT4-fs (loop1): 1 truncate cleaned up [ 292.209360][ T7838] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 295.441839][ T7862] netlink: 36 bytes leftover after parsing attributes in process `syz.0.851'. [ 296.448850][ T7864] loop2: detected capacity change from 0 to 1024 [ 296.452412][ T7864] EXT4-fs: Ignoring removed i_version option [ 296.453553][ T7864] EXT4-fs: inline encryption not supported [ 296.456454][ T7864] EXT4-fs (loop2): Test dummy encryption mode enabled [ 296.973653][ T7864] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 297.102315][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 297.167328][ T7871] loop3: detected capacity change from 0 to 512 [ 297.259460][ T7871] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 297.405401][ T4334] EXT4-fs (loop2): unmounting filesystem. [ 297.558544][ T7871] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 297.560613][ T7871] System zones: 1-12 [ 297.595348][ T7871] EXT4-fs (loop3): 1 truncate cleaned up [ 297.600623][ T7871] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 297.713720][ T7882] loop1: detected capacity change from 0 to 512 [ 297.732515][ T7882] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 298.032800][ T7882] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 298.034214][ T7882] System zones: 1-12 [ 298.048001][ T7882] EXT4-fs (loop1): 1 truncate cleaned up [ 298.048977][ T7882] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 300.856572][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 300.880089][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 300.900902][ T7902] netlink: 8 bytes leftover after parsing attributes in process `syz.3.860'. [ 300.921701][ T7902] 8021q: adding VLAN 0 to HW filter on device bond3 [ 302.326339][ T7922] netlink: 36 bytes leftover after parsing attributes in process `syz.3.868'. [ 303.114363][ T7931] loop1: detected capacity change from 0 to 1024 [ 303.115906][ T7931] EXT4-fs: Ignoring removed i_version option [ 303.116919][ T7931] EXT4-fs: inline encryption not supported [ 304.361363][ T7931] EXT4-fs (loop1): Test dummy encryption mode enabled [ 305.083334][ T7931] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 305.249178][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 305.262218][ T7930] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.287130][ T7939] loop3: detected capacity change from 0 to 512 [ 305.356881][ T7939] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 305.360715][ T7939] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 305.363512][ T7939] System zones: 1-12 [ 305.388482][ T7939] EXT4-fs (loop3): 1 truncate cleaned up [ 305.389424][ T7939] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 305.401348][ T7930] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.670071][ T7951] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 305.755233][ T7930] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.084692][ T7930] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.239602][ T7930] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 306.243500][ T7930] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 306.246870][ T7930] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 306.250262][ T7930] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.143825][ T7982] loop0: detected capacity change from 0 to 512 [ 308.470635][ T7982] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 309.099788][ T7982] EXT4-fs (loop0): 1 truncate cleaned up [ 309.100935][ T7982] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 309.421603][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 309.885553][ T8004] loop0: detected capacity change from 0 to 512 [ 309.889371][ T8004] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 309.981370][ T8004] EXT4-fs (loop0): 1 truncate cleaned up [ 309.982448][ T8004] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 310.261650][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 310.263266][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 311.063334][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 311.762892][ T8018] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 312.193206][ T8026] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 312.916742][ T8037] loop1: detected capacity change from 0 to 512 [ 313.038455][ T8037] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 313.473137][ T8037] EXT4-fs (loop1): 1 truncate cleaned up [ 313.474250][ T8037] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 313.975015][ T47] block nbd0: Receive control failed (result -32) [ 314.041128][ T8027] block nbd0: shutting down sockets [ 314.144687][ T8044] loop0: detected capacity change from 0 to 512 [ 314.171180][ T8044] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 314.177436][ T8044] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 314.178721][ T8044] System zones: 1-12 [ 314.190301][ T8044] EXT4-fs (loop0): 1 truncate cleaned up [ 314.191288][ T8044] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 314.268232][ T4324] EXT4-fs (loop1): unmounting filesystem. [ 315.345894][ T4329] EXT4-fs (loop0): unmounting filesystem. [ 315.411012][ T8068] ================================================================== [ 315.412358][ T8068] BUG: KASAN: use-after-free in dvb_device_open+0xd4/0x388 [ 315.413494][ T8068] Read of size 8 at addr ffff0000cad06618 by task syz.4.901/8068 [ 315.414764][ T8068] [ 315.415179][ T8068] CPU: 0 PID: 8068 Comm: syz.4.901 Not tainted syzkaller #0 [ 315.416436][ T8068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 315.418119][ T8068] Call trace: [ 315.418655][ T8068] dump_backtrace+0x1c0/0x1ec [ 315.419483][ T8068] show_stack+0x2c/0x3c [ 315.420268][ T8068] __dump_stack+0x30/0x40 [ 315.420999][ T8068] dump_stack_lvl+0xf4/0x15c [ 315.421753][ T8068] print_address_description+0x88/0x218 [ 315.422652][ T8068] print_report+0x50/0x68 [ 315.423338][ T8068] kasan_report+0xa8/0xfc [ 315.424034][ T8068] __asan_report_load8_noabort+0x2c/0x38 [ 315.424975][ T8068] dvb_device_open+0xd4/0x388 [ 315.425736][ T8068] chrdev_open+0x3d4/0x518 [ 315.426490][ T8068] do_dentry_open+0x72c/0xf98 [ 315.427278][ T8068] vfs_open+0x7c/0x90 [ 315.427913][ T8068] path_openat+0x1f8c/0x26bc [ 315.428647][ T8068] do_filp_open+0x194/0x384 [ 315.429378][ T8068] do_sys_openat2+0x134/0x3f4 [ 315.430205][ T8068] __arm64_sys_openat+0x118/0x14c [ 315.430972][ T8068] invoke_syscall+0x98/0x2b4 [ 315.431703][ T8068] el0_svc_common+0x138/0x258 [ 315.432475][ T8068] do_el0_svc+0x58/0x130 [ 315.433179][ T8068] el0_svc+0x58/0x128 [ 315.433781][ T8068] el0t_64_sync_handler+0x84/0xf0 [ 315.434530][ T8068] el0t_64_sync+0x18c/0x190 [ 315.435212][ T8068] [ 315.435576][ T8068] Allocated by task 1: [ 315.436261][ T8068] kasan_set_track+0x4c/0x80 [ 315.437003][ T8068] kasan_save_alloc_info+0x24/0x30 [ 315.437828][ T8068] __kasan_kmalloc+0xa0/0xb8 [ 315.438598][ T8068] kmalloc_trace+0x7c/0x94 [ 315.439353][ T8068] dvb_register_device+0x1a0/0x17a8 [ 315.440179][ T8068] dvb_register_frontend+0x4c0/0x720 [ 315.441060][ T8068] vidtv_bridge_probe+0x9ac/0xe34 [ 315.441923][ T8068] platform_probe+0x13c/0x1b4 [ 315.442682][ T8068] really_probe+0x39c/0xacc [ 315.443398][ T8068] __driver_probe_device+0x180/0x310 [ 315.444240][ T8068] driver_probe_device+0x78/0x324 [ 315.445004][ T8068] __driver_attach+0x3bc/0x60c [ 315.445718][ T8068] bus_for_each_dev+0x148/0x1d0 [ 315.446476][ T8068] driver_attach+0x4c/0x5c [ 315.447176][ T8068] bus_add_driver+0x2d8/0x554 [ 315.447910][ T8068] driver_register+0x200/0x378 [ 315.448707][ T8068] __platform_driver_register+0x6c/0x80 [ 315.449578][ T8068] vidtv_bridge_init+0x4c/0x8c [ 315.450308][ T8068] do_one_initcall+0x278/0x9e0 [ 315.451005][ T8068] do_initcall_level+0x154/0x214 [ 315.451772][ T8068] do_initcalls+0x58/0xac [ 315.452418][ T8068] do_basic_setup+0x8c/0xa0 [ 315.453138][ T8068] kernel_init_freeable+0x35c/0x4f0 [ 315.453938][ T8068] kernel_init+0x24/0x1d8 [ 315.454606][ T8068] ret_from_fork+0x10/0x20 [ 315.455289][ T8068] [ 315.455639][ T8068] Freed by task 8018: [ 315.456234][ T8068] kasan_set_track+0x4c/0x80 [ 315.456931][ T8068] kasan_save_free_info+0x38/0x5c [ 315.457756][ T8068] ____kasan_slab_free+0x148/0x1b0 [ 315.458620][ T8068] __kasan_slab_free+0x18/0x28 [ 315.459368][ T8068] slab_free_freelist_hook+0x16c/0x1e8 [ 315.460199][ T8068] __kmem_cache_free+0xbc/0x218 [ 315.460957][ T8068] kfree+0xd0/0x1a8 [ 315.461539][ T8068] dvb_device_open+0x2dc/0x388 [ 315.462283][ T8068] chrdev_open+0x3d4/0x518 [ 315.463022][ T8068] do_dentry_open+0x72c/0xf98 [ 315.463752][ T8068] vfs_open+0x7c/0x90 [ 315.464438][ T8068] path_openat+0x1f8c/0x26bc [ 315.465153][ T8068] do_filp_open+0x194/0x384 [ 315.465883][ T8068] do_sys_openat2+0x134/0x3f4 [ 315.466576][ T8068] __arm64_sys_openat+0x118/0x14c [ 315.467346][ T8068] invoke_syscall+0x98/0x2b4 [ 315.468180][ T8068] el0_svc_common+0x138/0x258 [ 315.468983][ T8068] do_el0_svc+0x58/0x130 [ 315.469695][ T8068] el0_svc+0x58/0x128 [ 315.470297][ T8068] el0t_64_sync_handler+0x84/0xf0 [ 315.471054][ T8068] el0t_64_sync+0x18c/0x190 [ 315.471784][ T8068] [ 315.472139][ T8068] The buggy address belongs to the object at ffff0000cad06600 [ 315.472139][ T8068] which belongs to the cache kmalloc-256 of size 256 [ 315.474302][ T8068] The buggy address is located 24 bytes inside of [ 315.474302][ T8068] 256-byte region [ffff0000cad06600, ffff0000cad06700) [ 315.476337][ T8068] [ 315.476728][ T8068] The buggy address belongs to the physical page: [ 315.477748][ T8068] page:0000000026911a55 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ad06 [ 315.479459][ T8068] head:0000000026911a55 order:1 compound_mapcount:0 compound_pincount:0 [ 315.480781][ T8068] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff) [ 315.482142][ T8068] raw: 05ffc00000010200 fffffc000343a800 dead000000000004 ffff0000c0002480 [ 315.483563][ T8068] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 315.484971][ T8068] page dumped because: kasan: bad access detected [ 315.485998][ T8068] [ 315.486383][ T8068] Memory state around the buggy address: [ 315.487296][ T8068] ffff0000cad06500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 315.488509][ T8068] ffff0000cad06580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 315.489676][ T8068] >ffff0000cad06600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 315.490840][ T8068] ^ [ 315.491550][ T8068] ffff0000cad06680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 315.492799][ T8068] ffff0000cad06700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 315.494032][ T8068] ================================================================== [ 315.498239][ T8068] Disabling lock debugging due to kernel taint [ 315.499181][ T8068] ------------[ cut here ]------------ [ 315.500102][ T8068] refcount_t: addition on 0; use-after-free. [ 315.501238][ T8068] WARNING: CPU: 0 PID: 8068 at lib/refcount.c:25 refcount_warn_saturate+0x134/0x1f8 [ 315.502800][ T8068] Modules linked in: [ 315.503439][ T8068] CPU: 0 PID: 8068 Comm: syz.4.901 Tainted: G B syzkaller #0 [ 315.504868][ T8068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 315.506413][ T8068] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 315.507615][ T8068] pc : refcount_warn_saturate+0x134/0x1f8 [ 315.508534][ T8068] lr : refcount_warn_saturate+0x134/0x1f8 [ 315.509504][ T8068] sp : ffff8000219e75c0 [ 315.510214][ T8068] x29: ffff8000219e75c0 x28: ffff0000db579ba8 x27: dfff800000000000 [ 315.511591][ T8068] x26: ffff0000d3444400 x25: dfff800000000000 x24: 1fffe000195a0cc3 [ 315.512940][ T8068] x23: 0000000000000000 x22: ffff0000cad06610 x21: ffff0000d2ebba10 [ 315.514322][ T8068] x20: ffff0000cad06610 x19: ffff800017beb000 x18: ffff800011b9bf60 [ 315.515698][ T8068] x17: 1fffe00033ea637e x16: ffff80000804309c x15: 0000000040000000 [ 315.517023][ T8068] x14: 0000000000000001 x13: 1fffe00033ea8a30 x12: 0000000000ff0100 [ 315.518423][ T8068] x11: ff00800008048348 x10: 0000000040000002 x9 : 2e30a223d53f9d00 [ 315.519865][ T8068] x8 : 2e30a223d53f9d00 x7 : 0000000000000004 x6 : ffff800008257aa0 [ 315.521201][ T8068] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 315.522541][ T8068] x2 : ffff8000219e7160 x1 : 0000000000000000 x0 : ffff800008257b34 [ 315.523854][ T8068] Call trace: [ 315.524359][ T8068] refcount_warn_saturate+0x134/0x1f8 [ 315.525188][ T8068] dvb_device_open+0x328/0x388 [ 315.525936][ T8068] chrdev_open+0x3d4/0x518 [ 315.526647][ T8068] do_dentry_open+0x72c/0xf98 [ 315.527378][ T8068] vfs_open+0x7c/0x90 [ 315.528064][ T8068] path_openat+0x1f8c/0x26bc [ 315.528840][ T8068] do_filp_open+0x194/0x384 [ 315.529493][ T8068] do_sys_openat2+0x134/0x3f4 [ 315.530210][ T8068] __arm64_sys_openat+0x118/0x14c [ 315.530920][ T8068] invoke_syscall+0x98/0x2b4 [ 315.531643][ T8068] el0_svc_common+0x138/0x258 [ 315.532334][ T8068] do_el0_svc+0x58/0x130 [ 315.532952][ T8068] el0_svc+0x58/0x128 [ 315.533550][ T8068] el0t_64_sync_handler+0x84/0xf0 [ 315.534356][ T8068] el0t_64_sync+0x18c/0x190 [ 315.535116][ T8068] irq event stamp: 259 [ 315.535777][ T8068] hardirqs last enabled at (259): [] finish_lock_switch+0xb0/0x1c4 [ 315.537385][ T8068] hardirqs last disabled at (258): [] __schedule+0x298/0x1b0c [ 315.538913][ T8068] softirqs last enabled at (190): [] local_bh_enable+0x10/0x34 [ 315.540448][ T8068] softirqs last disabled at (188): [] local_bh_disable+0x10/0x34 [ 315.541968][ T8068] ---[ end trace 0000000000000000 ]--- [ 315.548547][ T4335] EXT4-fs (loop3): unmounting filesystem. [ 316.036349][ T8062] ------------[ cut here ]------------ [ 316.037243][ T8062] refcount_t: underflow; use-after-free. [ 316.038311][ T8062] WARNING: CPU: 0 PID: 8062 at lib/refcount.c:28 refcount_warn_saturate+0x154/0x1f8 [ 316.039768][ T8062] Modules linked in: [ 316.040442][ T8062] CPU: 0 PID: 8062 Comm: syz.4.901 Tainted: G B W syzkaller #0 [ 316.041866][ T8062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 316.043357][ T8062] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 316.044674][ T8062] pc : refcount_warn_saturate+0x154/0x1f8 [ 316.045631][ T8062] lr : refcount_warn_saturate+0x154/0x1f8 [ 316.046615][ T8062] sp : ffff8000219f79b0 [ 316.047290][ T8062] x29: ffff8000219f79b0 x28: ffff0000cf9d8a48 x27: 1fffe0001b6af375 [ 316.048551][ T8062] x26: 0000000100000642 x25: ffff0000d258e000 x24: ffff0000cad06600 [ 316.049847][ T8062] x23: dfff800000000000 x22: ffff0000d258e320 x21: 00000000c0000000 [ 316.050988][ T8062] x20: ffff0000cad06610 x19: ffff800017beb000 x18: 0000000000000000 [ 316.052223][ T8062] x17: 0000000000000000 x16: ffff80000804309c x15: 0000000000000000 [ 316.053501][ T8062] x14: 0000000000000001 x13: 1fffe00033ea63a3 x12: 0000000000ff0100 [ 316.054800][ T8062] x11: ff00800008194250 x10: 0000000000000000 x9 : b545963be7041e00 [ 316.056176][ T8062] x8 : b545963be7041e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 316.057508][ T8062] x5 : ffff8000219f7438 x4 : ffff800015304cc0 x3 : ffff8000085389e4 [ 316.058867][ T8062] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 316.060153][ T8062] Call trace: [ 316.060681][ T8062] refcount_warn_saturate+0x154/0x1f8 [ 316.061448][ T8062] dvb_generic_release+0x16c/0x1e0 [ 316.062166][ T8062] dvb_frontend_release+0x114/0x400 [ 316.062996][ T8062] __fput+0x1bc/0x7b8 [ 316.063626][ T8062] ____fput+0x20/0x30 [ 316.064308][ T8062] task_work_run+0x1ec/0x278 [ 316.065067][ T8062] do_notify_resume+0x1fa0/0x2aa4 [ 316.065899][ T8062] el0_svc+0x98/0x128 [ 316.066507][ T8062] el0t_64_sync_handler+0x84/0xf0 [ 316.067296][ T8062] el0t_64_sync+0x18c/0x190 [ 316.067993][ T8062] irq event stamp: 6506 [ 316.068625][ T8062] hardirqs last enabled at (6505): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 316.070119][ T8062] hardirqs last disabled at (6506): [] __schedule+0x298/0x1b0c [ 316.071472][ T8062] softirqs last enabled at (6458): [] local_bh_enable+0x10/0x34 [ 316.072985][ T8062] softirqs last disabled at (6456): [] local_bh_disable+0x10/0x34 [ 316.074444][ T8062] ---[ end trace 0000000000000000 ]---