last executing test programs: 2m49.595646654s ago: executing program 2 (id=487): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804) 2m49.515244734s ago: executing program 2 (id=492): r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340)) r3 = dup(r1) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r3}) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000001c0)=0x304008000) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000003c0)={0x1, r1}) 2m49.449710173s ago: executing program 2 (id=495): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004200)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000037a9405c0b33b761000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc6070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000002200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bf0e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ddff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80000, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) syz_fuse_handle_req(r0, &(0x7f0000006380)="3260e0535984da95182f34643e8a3b1443f4a18e3943cd21e899bda2b637a6f46031c02a8e8f4f91a97624891f9bf5e1aa78062799d30228d6cef1e2598d6a58af01da29250e1ae76e56c90a54ced074b4cb060d4474007fc4097cc003a7797f0327ca44e310d032987c35badc7bd056e3adc50ca21c28eddda0dc26c865805537544daf47ec87c8dc0f190c569218f12ebb812783359d85e7d08ea8cfdae07b27780055009f3df645a3e2413c3246d93ccc44a1a97b6e575be04e48ff5cdce2a3ed77b5abd2fae8612221879d22edabf2de3e6bf48df833c3b57a5c02b7adf19edd8621a82bab627d6326146dab23f65b3d96f8a53aed852af765073f7eeff1356e78ac2dba44b7e7b72c5dff464b84de55162cea10aa9160bdb6c9e187ecd937b940da20024ff40f2c719af2249123eb15386fe2736048259e05bae4db02a55c78d67ae4a7132a1e1af80831dd02ee4a667d8deedcfa7fb5f7409ee7dcd04d38083e134eb91b187721154b6d53cdcfd5995bfd412b858a0f6d4f111777a1a6a1360ecee595ebac27f245493eb34062e0c46b86df80ba6faa4cfb06253649a938e8a7008846fe3f1ad869207ddc0407e71f49b98b296a510b0fc2f75dc4b9c364377a11961d61b9b34cd2fa7439000ac244b64189e06d13db0a7c8d31cc95e5bab828d4c942751cd751b2158711a9aa639083d07f45984811a703980f20e5ff8d34cbed55e8f96c8aa7cb167bfcb099233beb47ebc7ec10114893cac365e19c269ceed2c394ed016934bd87a7deb77f248f79ffcebbea54c97004f8a5b2464010ba79e932f320d6cbf3e2476393df09a0d1819d19fd31bd46fe0cdf8773f2354f2bbad711c87113aeea5c7f2822f01441da9678571cda03b234c3cb8313482e0095c3e98d90bc2f0034f76fad0d584b1fa75ea8a1e8bec27b19d59ed7a90bef63bbee9094f96829c674574fd5f5aafe743ff6ec7489c6c34997996dc8f65c082eb1642dca5c5c02cd41ca9e722d1b9d7029431d2dbe0a3e5a90739b5ff48f385f0ff3fe2d10a84923f517d3204abec4a13ce0ac0a67c85dec65fa82f0678cd12263e5846fbd3bdeecf4e93fcb55f921ccd2d67568c440544dd8f0cb7358de53869bf09619e5b04d3333d031ecb010d47a6407e260bbc8b1b6e390c03f54cf555cabb1212a7a1d68b7ef8471a4c9a8a17da6b31e2320784acd31fb22c653851478187eaf575db51975725b0c25d3f7d18a6558a4e7bc5ad1d065b43e0615fc28ce82b4b77ba711ea3024cfb5ef153733433905a65cedd9e2cd05eedb4bafb2b4c4f5224250b412dcdc7321077cd9975656e148dc6d8f781e2106133e2ba643e206b25344a590a13de45fe206c195c531a189afa55950e66b701d52e21614d4bcd37ff829b2196b32319fdab24f9f576ffdca96d27fe87f53961efb3d0969f3f7ac483c68f308a7e2355686775ff46e74f16c1c71aeda0e47eeaeeb460384195d5846e46c93ca7ef3a11fd264057363a0973ddc7a7787f98c57afc001fd8196cb8ca339d025d6d79f0369f917d1e8fe32e5e07b3166c3c22f10bb88949189c836d6489309071d8c02f29948771e76eca94f635f6977436ec662083c1f72076f1d6d79381b38d5bdc3068eec5b1cbe9420b84781827265fbda5a341c7467365547eebc2237997dc3a4d5b04d526f2ab9528645923b40827258dbe952a87a6f0ee78110b95aa5dfa227097e853c611cba85bd9c2aaa6180945472a82a661909c3c6c765723c36157fe79f678dffef6e60f36432279a1170dbe64b073eb15b5a8fba2beb5b2acce71245c7ee6dd133b3676737a234b1f1b9ccf179cec34e6ebbfd9c26559ae6cd0adcdb89b94d5e741e2289879c63122b9d09d88414bb325894acc2b08b3c0a8a1fd11c816f82e04bbc4638086c504338ed33c405fdebea7e5dba2195cb64ebeea2a2af23f9fa53e98baa9508adbefcce4771d9dbe264bbcffdc9734440fa794e2790a1fa323a28cf82dbea82745b99d6018674a7964e2bafeb14f1cc6968acfc90ceb3cadfa6c03d10d7d2eea2db465811c791d6d1d313a5f53f316a05f4ea99f59be7cb37f5787c7241994cd9b4a016ffb1738cbdbc8c515d4489077153a551726bc478415d1a7b513d07ffcc0ccf2a0ff84ded8d42d8afa22324e98675784e244db7596d0fba8bf3b0e59c73c8c8b94506344cda2c987776966d1a8ae7da4293f7b0505cd584e433ed9f25d5fbf336b4754cf9db9b637248dbf6097fc5152b97d03b785ec60ad1af04a98c475ebcf30a72673a7dac8c493fb3f38045d4434cdfcf691a8b754adeedd1ab8eb23c12c5fdea915d0e40fdd802e903dced1a51c64c3a12f9ae46692e329e61b121ba710047b3e851bb3438aa664e688dbb45816faea089dda1ad2014ae1dfad1489bcf6fbfbfde6e5273384a0646ae1b81ace263e414b92a1e48f289929e8f94ca6e6b2e07bcfef00756677feb8faf1285f4ed75d4c3b7017918d84ae67efcd089f3c60b4d4cc6f994b5c551d0982cc32204a54deeb4cefe3be0b20368f5aa6a7bc2b5fac17c28a0ac16892a9ada32f555ce6da85c6d0fb2d1168eb532fb53094435485ad6e769587bc2ee8da8fab50498123109b69c15b386db8bd2d33c3f283119d686077d1b42b6102265616a2f94e7712ba305503a55a84edf3fb1a6ea96b5f6c6fd18d04838dddae306dc8af70028990a1ca2d8734aab6cb51cfa8c709f3fff45eecf25bf27b4e09efedaf54fecee2b4590d1643557d49c7ff4f09e57d4deff7d6ea372a587c98b2c7dcecfb3c536348972126ee3d868a65dc3f49c4f5bd97d7a29d4bdef9b8fd918ef5305e3cf8e43bd93bea8b6312b3026ea5bd512246e1ecbeefc486b4e50a5c7c45ed84b663935f057d90116a5a055f3d529a386ce9f685cb7147f8a9fd14e85a8439960af5f665baa96a9475f962492fb6b34270baaf6e56d5acffacc6e5e68ebf9bb03c45dea87bbc59b5fabb6963d40cbaffa8211683c4101048aa3f65e8a2df6f825c69da968fad3bed78951709c16154606a25cb02b70aa399c158241c555d61ec0757d8f3959f5c921a50d61be17f47bafcdfc1cd0bf92eed14fe60fdffdf7f095f064552adcbf0a9d1deebfb24e028382964aaa1e4f03399fb20460e5bea8e31f9ca9224c5d3e0c8c30fc146a1a4f7a5e650148fa865ca3ccf218667f60acf7783c752a44c764e7b69de1f9084b8eb4b7058a00430547a7fa716563db8d39c363ce69ef8d798e86260dfb71ba76e158aa930109a5af17b86f6919d8a0fa1cd7bf087a81cb40cccda9a8e8c3d81746d22e2a1eca94636794994fb6fda47d8b1a47ac00976cb93111d173e447a94f6af58b8cb824f6d5078b95f4607ce70ed8f7731c86b7b52af6cf02c583a962f323a062a18953a32a77fc5f839fdb9b36f1473c5c71ca5987deb9eb6e2c10f6f7512a2705abc6ea0f405f229c67fbef6611aa8048df2e25865ba8a2582a71e2b33a3719c7093bdb315adb4d542d102413b831186a08754e249f3d8e4700e3a097659379d5936f20652d8744690be01b47a4477b86fe0c659c5fd0ed785fce837aec1d97b73bbb1913ec230f6b7e71f7e340dda1a531cf9015697cffce0de558cc2c909841cde75e31eb340def9928ef8946941ee0c88b7bb71efa90d80f769c94966b339886f4aba0febc69398200b32b1d2aa2bd6ddb5e530b1dc5c480dce800539d3eb5cbcb8568029d5f2219ac0b0727b55bc5c1a87bd0d61e31354a545110b25fc51285e36fcaaa806fd4130851a58d8350c107e5fe39d3bf5bf5a831d6066b1953e6525638b357d8855acc95fcf0b254ee85f03281b0aaa00ad832a53bba160c2c91b11c6f278be54b98b7b59fd8ab5ffdb7707236aff031649fc5c9273a5abfd3751a34e6f85d3b531188c63976b52509f765ccc8152e4f2c51cac9f70fc2541477a2cecbf88b311fd3883fcb7b6a820dfb0d6698d81d8a41fd2b30cef967c274ec50501f944e082e032ef3a400b04b2d41641a459d3d7765090404423e03a4fa1f28c212d85beaeda93f8ed6488c0ea8a8c3cabb1087b55a4b328a4b41e0d52f2cbdb1e1a5fb058e2a285b6921c4b76ba8a5594414ee28ab5b93d322ec60d1495dce6758938846884a0eea4f6ee87167409350233b9854295797ec209877bcad6e8c9c4865ce6c0f12f34daf6221b2c6537dbf0f6ac5294b69a176e467e53ee0a7aae608893b3f956b541ab314b18928b248674765f78daace4219a9c2780d00860a149caeab50b5037a60001882961c453f74bbc4b149aa7f227fbd8aa0dd2bb4be4fdc087550eb934db93009b9429df4a5c85526a02d8949456af205b284491737e998f2b36bde6e0d4f44872a7f2c7c619e74bed2dd502fe6cf8a09932a20c0b0847f732482e170ea1f4be7867e2af82b8d5f71a849624c77c208c36623c6e464dcdda8339621d8cb296d8b1f817b60fc4ec74b21fad49c0f802895b15cf93990048a3048fb184484825c68817eb112e84a1f768d181f97c1aa7fe5da1b09ed353ff022f7018dac574b173dc21a791b4aeaef538293318feedb4d03006067911f03271207244b6516ac7e0c1c4104a25025b6dea86d75dfbfa62b6573779bad95b731f1e66662bed793be3646c9cf086b084e6f6d07465d3551666b31d57c6e9b7827139d36a377141e6f70df8f621be740ff86a97f291e3989744715e5d44e1114efe00cebc640ffe4429d65af3bba8a6e988924170aa33735899646fef447b04896d2fa25efd9f51f453f2f9c21858d789aaec250d3ab39e12f0d3b9bf5cdc7f785eaa3c71dea8b433d7346731fd44afcb5fb3274934c099a22d44e936dcbb01be2155350fd028fb480d8e1df9d5d53d5a1c7a8ad051d48c7c15f0c7c9edad4fa227a617bc15e2698f30cf482c4ccb7f14f78d7514cbf36a38cf813f24637cc2c90ea5911be59eb58fd11ba6b080dea6418153bb280df383899dede669fd20aa9b93e2530b883ca0e1413d7dbb82ffeb9f3c94510befaabf72c36f2f3375ba4b36d1ddc7d193aaae5b4881df729fa2dabe2ec3ce9a045edf98555afbf370d01efca3bc63eea7e39ec9e25d03e981db5587ae66eb7ba085aa9a7bbab653645cf261c44d9d91b8503384d0b35624334bb6c0d481ba4a41158b2aae61c5a51dfd569810ffeade421656aebe950d88f9a951c1d26182d1162557d49f0f8908a57bee2ef696611e3a19b4d214c547b10cf6925dab4f3a47fe4d21abd1402029f4ee1d248c549891eef3c93ae48de3774ca68346ccbc3c4c739212f5c5930bb6629a99599830ff92918e9a42fab798e5343859377b1e52dadceda13eeaf6eb4a599117495611154f7056294a11b5d9078871d2920475745c8792d4af4ef2fe0c9ed6eefdceacad2bc1645c235ef516c0f82459407f0b00e0c0815f8e8b4e8858949fe55bdea11874eb7f16b05a297b3628733b8ce72a93c1eaa246452129d6cec2dd5e749614dd076919c19dfed847a6ea24e1e968a4b1f3751d76aa37fe1b1d1deace37faa7fbf1bb92fc72389767f753820d5f02b8e28cc1daad9b100cf2427a0af85fd2a11de6e1147981baea0334b15c5566b138171b41bd625ec674a49c2c11700f7d4d9e27d74041759edb124882dc77b810a161d3557d16ba1eae3d3043cc1ee1f1092e0af537c5fa3a2cc5090b0255f90ccf8a34533b20b797d3fe659035f68a9cb02e2303d825aebcf8e0c11f86eb23c3d0e167140cc24f4ad97fb6a4d823fa481c219a4ef122156e971f3ad80debd68b43c1792f2b9d2ba49e198a3dcaed67f60016f68f861120aa31ff19273ad166bf89d926786ef8b4ae30936866d30ecf7f4a361bfe9b939772aed559ceae7c8b08e710bca2189c850d2e1bcd51256bb3b73076559e2368bf2c0770bacff8a8fd0bb93200409b2b51dd249ad8d7728ea11b76979a6050a48ff823f6742dcf82a6c6ce1cbe7c8baee53c714d6791a3ce29b45ed9cf7b853243021ca8e7e7e2d254813797ef3d627aefe764702035d96488b7fb8fb3e9bc2bc55f2c2726e9a59df14373ea44304d0c54f9b3257a84e9315c8f7dedb45e080d458cdf94fb6c228391d9d6f81c60257406fedd22d5af3cbb77886c62d06aed37b6cd2e40cc6d381ef0b68458952c51e6e7a87a4d71c5716784177ad66307b97e87e34d734db29702587648eaf3e420b4fc17857c48aa4e842777c4c9497c91b90a6a77381bea39651334e396cdbed33ae28a60ab6420adac3b27b612d2110e4bfb7a13ef03f1ba75dabec81146d6fdb1f3fdb450154aa54477ae243e1d7f674b758b485ac35c02ff75cbaf38824ca6a5d5a9cee2b9517c4428bb93c575d83e299dcd8418278c739d26ce76525edce23f6a412d39b6d2a61adcfc7d29537239e4a3874f6bd3b233287731aa78519e97473bd2416e9131e1f560a2515acb58a9cec73efcf7d6d6da5ff29496993f61c056d3ba317bb11cdc2200ef780edf6ca1ab12d20115a5b216f4cc28fa4fc85d71a75654fa6e84888c1a0ff9d49f4dcce25c21047d7358842b6a745391bf299e3871066bd1b30383a921af08a46beedc09cf71f4f8569bdf95624808693bed464ed103e3ea3decf40e33bd2f567dd5bed0e8a979a9ab83721c84277ef93f420dbe29f089939e2ccedf226bead5be90ccf82e5c35fccd87401c0bf401774aa68c782be9a61ea0b1966ac26eb001bb271de04e18748f28a167cdf74d0fdc50779e74b326cbd951795ce837446744cbf07245916b71c1d7f9af7ba326962e7d79ee9d9bb1d81228334630e433edd934e8b233174f6fc8b59c60c488bc3ebf1fd756f79f0b387c64998a950404516e6604b4a41368e053195393ef30b33877574c31d791828752315b7f16afacc7a8ae29747946f6727c11582a267d5d83d418cf9ad93755e439f7f831c577f9e241460d21ab7dfde600dd1f36173afb7600b0dc145010ce5f17ddf5c89b0cfab46b3996ca8df59e3224a69b1512feea3187eb9a37a5c89123c72b7104d9a09ba2455c36fb8c460d3e0cd140c3d13798a4c5d992b171e445e1b23577c5c44373c8cac0c74835729660ee3a8aeb0b7df74246cf6a0a58c2d8892ff3595f04092f0322be6185da603d3abaed4333c2c2f60c888ba2fe24398f1fd1d7129ef3e3414ad44bece13a1316fa22e5744645a6afe3165b818f5818c11e42820708a4ed445ff434f80570955c8f50a3f11d17cbc27aa3bd32e6f41e54961a19ec09becc2d2061cad976168b18d1f325e39ea78de147400a4cb0cbb51937e11d533a2f971fbedeaf716959a07652ec10ced281c81c808b70b7dd887f283f51b1e9fb68182a7384d01d7dbf62e2cf74cd801ccd5725f4f423871861e44a8890b93f172f22f8cec0d5b87c83c6dd0ea71faf9c7f5e042d516eea6f6c82b1dee10064f9f570403d10b4a5ac80e3d94e384e150d381c4becf4a81706194966709ecb3e892eb89d4dc02c7e4ae3024c7234b36575e32b78183264cc1fafcaf9c0c8d7bc22562eadcbcb19489b1c806f7bdd59273eaaf7e4c8957ac8551d13c9359ae47bdf08a466b19e4d7961dd708d4036f3e9d4fff1fd20a07bc36cc8975135e0d9f0e9446c230746a43f78785f80266e13c967ace5525baddbb97711c8533b0a266c1472eb7bba8c28bc7fd80b14e1ed7d7e17b2dbc5dedea5f6690854d8e2c775ab53d696197ae680355be0f15f8b48a555d92c1b4091dac101f51f41fa34f0c03ca6cc7a2ede932da7f05f5856b6a9e8e355948ca6ccd7806081b3e9bb0706af517514693045736e9085dd6a78b2bc00467c34e0e640fdecd8f5bd5f32f12c3e16a01a22d0b7169b72a50bb77b8b2739d0418808ea25395a5414038426139da5b84f167ecdcd6479604855acf8f6a219ab8d59fec373955ddaca8f626211b1551efb822eb0bf896cc30dd7a374a76025df875d0ff6ad710847c234a609bd338042edee2ef52fdf11f19dcd05c21c23240db3ac3a68ab92f99263b2076f620d70b2cd4afe3026979acce38a28c286108e7ca1cb22ce82160db8049899296763f4761305073bca13c6bb670e64e43996b882c32fa910bd382977297a458779a534bf1495494ba26ca44728702823ed6ae46ee434adb16ed8dfee63b5688037c40d2302ecb44b857c48f9ca322a3c9727d571d33d20e9cbb63b3c18f50599da6495fbae845f646b110b6a8868a01eb7bebc4ad4073017c4ea9da3d48946401c4456410f6470c7aafaf1d6d7eae092cd334d42279d2aac2f3c5ed8dcdb078bea07170390fd9a3bd4384b0a6bbe68b09a6fd6524707ce0bb5679072dc473e2413729ebefe3ffa5db6c9ff533ad471283e60a906260966472784ab31a158c6d69af3ef5663d25a0623c4eb94bef421734cbb24bf5db53fb6c5a15fefda07536e5d6a9c6d755621d46ccf8f7f857525e9505b4dd97604f227ec35d723740e6faac5038791c72f42b0575177a1ff78fa7be59d6e9c5bf9f794e98e162b58e0c3632e13c6f8e1dfa0683d87955fb67eca5a7db54224e5eea2832a3b62b2022f0b1cf40cd339587946abd05beb872d0a5490e28fca6f17c9d4f13f3c230079da52d51f77fb53174e361ebaf2829e032ce00cfa0527abe58c0b4daf3b6b838ac195f7997c84b25690dd602f8dcce4b63743ba47ea4d833881e3eb39b10130b7baf159dcd886866c79e8851250da457e93c2c94b4d42e037072a1f97112e1366bf0a84c5e428e82ca4d723bb90e4e3875e51bd78a49f7ca062a5dd9b81afb6141156433491da10317c75ef3032746dc78d7bfade833a13ba754cdf55651751a43b7ed31ce0ae3bb7a4fa1206fe3774f089c07bcdf9113b4e0187fe4350f3eb53f6d86c7966402be74a3a2e3c744b09a581a35973ac8078c414ae328e4b4f99f85f9821be722b6529ed1a6c96e0e6c9b0670344a3bc9f9659018a03e3f9c314f16291de36273edf046105775de3734b70a20e303ff3e6ef97c50f94f79ad0e6437bbd27d0f7282a8899d780b9f83525b5b4fe3d1f6efe67ff877aa9265ac9e5d9cbd11e2eedd5fc1797e65f0c352b999957d9a91889236a8dac91ad6fbff4aeceb4d3df0d919e5244b7ced51a88f805fe4741d7c8032650854750f6500a79c1ce9eea3bb49fa8206a4a9e8a05e68c0b648cc1f0a30af421280f883b46d0a550b505a19f7d6d323853a4c303a944c842362553bd43c5f6c4451dec21a6a22fd8ddb7505b6fbd5f751da807bbb32ee5a2df757a25179e25ade116f10fdf9c64250108e000b41009f5cef5f90af21dbac51f1e48f88d0c4ba16a1c04f6a27e146ad81001d8482b5e56b59bb1d1655b9bb28dfbde776ba4c38ad8fc05fef5740edc3c44052c4406fcd8bf382d4d2c8cfa97551dc62add131c0e093b1cf1bc2caa3744c0c1f239e2a846d136234af511e1e6f03e5cc39de94cfdb5ec89258b2f459563fc3cf92113ec3ab8b3cb5caff25df7dbaec1dde4254d73de40057e10760c82c7943eeb444cc58ce162b780842cef2ff9125922160222e0b25e25c84b071743c665e6aec93981509b00849a8c211613e477ceecdcc05d793f8dc45a24c7582f0130ba19917cbe13791c4197c29b85b7372f74d8ffff29ffe7b375a34d62d509c425c8aeb6f1ae571a5706313243fa3bb28d03be83fe33c47b1bd54e70196f6f009df155e92b380346643e0bf4e9f304e4989bdfd169669c684d99f5325936efb9666847edabd0aad5031a3263407db45def9d88d8d48fc0ed5d6abb986c16e2f6ed4f849d087835eb2397b3d292f66a9e580565aec978f1485b4a1734b826e349820c92eadcc8516ecb63d7090e7ab637622c7ced17f373ffb858b2e770d8a16388d692c50c4fd60da5d0cf6645abc237c5c14e5a32a4b5046c0bddeb4e02c8ebda30780ffbfe3a7898bd220d6690b0aba01eff37ec941f0d3cbdf45a70cfe4d8c846cc8e6b1292310e52dee32ccd56665308722cb7cd335ada1291923c5d5456116b2968a82f944a763d7b89c97e498696266bb9ab12d666a2824d01e794af31541c712bc63697694e2f7e93385ba584544b352bdfef8d212295e4ae14c2c0cc34f3fb8d20ee74346ff95d24280c1665238b7fd60349b1c1d602e9ded7758ebd4df051a8e2da5eb6d6686cc9433135f13fe5cc80e8b9e251f01a4a31f70dce8aa0205d90fd203e9d0a3cbf62d07ab4ef18096837ae57a14d64ca595b07eab6fa4c9e7083e9e0a2bc2d05753fd2083dbf39b3a3b5e11a59012aa78cec107ce082f9b80b30f28985fb37b6f0efcd24f2f7489dde615ce9b426f1be3851430c04acd899300314274cd2d8895de6a878ab939a962af1cbeef0e2367c6354efaf84fa953e4cbee244bea6026a96be816c5666af33713b8b88e1e2704e8882a11d34af6d34ff954b0bbdd6eb3d1e7e280b7916f040e931793f66153da85445fb576cd63e7ddca1d9e3689962ba587033dbf9f0310df3faa720c637ba1336b00921c04c2dd24271846a6418c817452dc903280bb10c844fdca7457a8c14d87638a231c3e285cee7c8ebf056900c1f2424fbe257167001b6f799987c26ff6f08a9b0241b476fe71418493cb467a73da9d8bc38a697c5774503aace0026d89de156b4ff2b0ebe50bc2e27057ca8ee8a2fd27b1b38886f66d4b9e3d1d1455efbb916b06e8503db88ab39ae488f8ad8c746dc094376d9558658069826f52b8b60cebf49ec346a2d5b374191fc96b305e2a8f0b1d74abbe3987f63a7592aa1e045d4c14a58209727436d29b6018a9fa25bef2361b8e4ce6c6cec395a18ea84ef879f4e0cd4316dcccf54441b7074680c8b710341cdbfdea09a947f1d3e42bc045c94cd98220b6b6a66ac2a3b6b4c75359d002e42b85662998bed845ac106ab15292cb278347c1822284a866410939a0aa800d1de26961f27b19ed7460d22ec74ba23e6f5c8275b11fd22957bddf86574239714b02557a6c745ea6dca1b12c74176051f57698696e96e5a2f5261946883a1e1229cb62f00cb4f39661078f596e320712d9105bb68d5f05404e880dc1df4b1cc23cb9f868e6c132702dafbbd49d423cf219303800559d96038b954440aa0cb42d6fd0925e80de34c419a93273e4fe1f325d134d102c7248b08f9a280d1a2d00309b44190ce75989056eddcf348d7f3aeeb380e817e0e7f8103762ce163d2c63007e9907ec798be8b4334fda6f0db617b20983c62fe2b6f8cd93db340ad42c2ee0113fec14edc95f2250c2ddb8afdb84e1d62f2259b523ec6f93231bc43b98341283b9f34bd0163a189fc894e3bfe40a3683ea46503ebd98b723fef6fed44e4fdffe0f5f9254f0c94435bb3880bac342cc8d4fc5329e938da44d1e2d32a0c7f4f0837532a831b394b0164dcfdb94109da935450a8b4cfb3082556771901a617557d1ff82c2b6a9ce7fd9d64a7db8d0d6b8c47d6e6f665802b704f9f53547c98922207d61807d448ba016347174c15c86fc47e3119cd30699bee7edacae7efdd5be6c36839457c4710c24e9f6d57dc002edfa82eaee7e6f45676192a7b500", 0x2000, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x78, 0x0, 0x20d, {0x7fff, 0xffffff38, 0x0, {0x3, 0x7, 0x100000000000601, 0x9, 0x8009, 0x1ff, 0x933e, 0x9, 0xf, 0xc000, 0x8b, r1, 0x0, 0x8, 0x8537}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x0, 0x0, r2, 0x0, 0x0, 0x1000000000000000}]) syz_fuse_handle_req(r2, &(0x7f0000008380)="a77b6979ac308f6cd9729f4126f9bdeadbde5a616f928043b2a39f39b4bbfa5da4e83f8b06ed716fc33cd772027282ebeea0244d9648dbabc9940cf4227e51da231602ef67168b077364b1332d55913972bc55c1bc7d08e390be60eab1c6ad24581fdb6b0ba7d074de2f888a579d2de9c840ed78c424213055c6b3b299049fb07e089e881187c1cb0d2e9499cb175b2ecc2f4bb52705f00928a4a706d28922f3db5712203fbec4fd28ceb6c0de8ab82b7eea57a659b7e3b921e7040d7f48177797b69773bb693fcc0b8e7a2d67f139fd27545042c269e8b3b7302a2e4201b457ff2bf7f1e94874aa985068fdcad0c2b1df16a0b364153fcb7631730d3a36295ece6267c54d296ca3be74d37e6168957802894eade27bd42418597d1ff78309c965b2720e122a6f76edc684af9ca52a339b561a1651f6e60434f24b73ea88221b6f751e422e5e33cf04ba50aad949fd9ff58ccac03b29f1e17bb9f6feadd4fd9c6ea7de73fd2d66dbf39e65bb25dbf5bf29929ad5b8f9c783ea1569671533d542706af337934c0d83647038a49bde65eff896ccb2fc4fc8e00be0534d1432077eb5d27b1c86b4a60003a12a0b2b4274858f5dc62700a45e81a947e89a190f8324e02199ebbf67e67809c0c6006ab8372c49bea4e4e81fb73d68eec5f00c49fb13d7b1e4ba2d9189af95d3a305f0e5a863b1db3e9270704806da4f7eed557f5c46325350920c5e9243c483c19f5c73524507a7733b04bdd2aafae4755ceee2c0cc1948fb6ec40cf4eb1c5a39319073881beef1d4da1fca0e920d30b4343391e37f16eeb2939c546ed0d51a0aa19ce34dc60b0bd18be46cd6f720e2e2e79b0b73a51b5f0676f1ca95ca531bfb1df86bbfd97ac8094d057e70197e93d7197720399aa7691ea0c32a688ac0c2886cda981fc4e394b8897f6ef7d61871645a23ecb98905fa8533c888573b45bd1480a2a66b793a0b93379a8e9736bf638bdcd2d966cca46bc9d2cfd0193cb131d13f3847f94c65ce9a5d10e0973c3fbc7260050a68b534e847b56caaeac46cfc8890076778c84323660cc01d9ab1543dda758e12d983bac4fc7e50356d71d5900f5c770eaadb308afaaa4aef17b32ac89141e773ebeafb9f1a2ea44489dd387411dd4d28e0e820698bbdd7adbfac1c47887c3345cb8746e6e2be239375a7e2762e7e05f642c295b7a216a8dc20e502482845d7c6411b2973d11eb5500f946bf460434f3083762e690de9f2c6eeae24d13af2a00234248bedd71b7874f45ddf024274bfa254d4f0c2807097aa2f9c7d0c3672f5fcb38e3901d7e6e7b33dfb90681c3ea4218caf15cfbbc15cb969d2f43bbcc155a042da21197e906500698bd4241fb1b7c7998f5f3e4081cb965404521b99e7730e8a69b758062da91e64fbac77610e3f6bf9604c019a4405348af6a5c04a9cc20ee52e9abe40edc0671e9e527f4905b7039768e181ecfc22aeb717b8be2b296cfb338bfcca76b91131682074f1c9fcf91f9f34a8a083034d5c82f2cbfe641e27493bb8990524b94f615c557fbf4c7862dba97d638578532f6b9a4ff7606484fe613d7516e64aae743b20e469c4e784b82a0c49c29cafd6db87fb0a78e0514f2610fc9dbf2ad7d1f5e7b10b085e03cb66291d231660c7f7e68706028e93377605a2226ac3a3551cc4067a04b787add35642c3bf9a0b8dbc53beaa5edd734fb74918c6a70f1c46ad8bf284bdeeef58b42d147abda32a67840ed51ae71eac3e97d2f16240f97ddf03ab332115c6db87737f92d26efe6fe1869ba0f47c6c10d284faf9f4ff5bd23463cc5c70cfb4b940ed422e8820392df6da7b589ddd01dd5b1bdf1ecf3cd4aa53bbcd3ceb68498afe6471664898599627869aa96da7dde651ce0662d4d41df055f0ad3821eeee538e6c859f127edbff11e5d6ea12b0935935db8b3b5f64415f03c9889ddd6fe007bddc92a83d6eff1091949d8cef4aadfb05cff8a41408e8ddcb541a6565347f8abe9f7706f81d074be8af7eb493ce5291db371131b1640af91eea8a5b2fe978bc123c6c4865b82265b9fef9e5eb7d4cdfcd8599975eec336b29420c635215533db79fe8cd8ef5101c0539747aa0a98f29e2f9b7623906aa7b45dff90333f9e96120fe3926c5520379ed76aedad09f21fc4e7c7032210b6fd655c939d99c85e5894f76a587a80acf1793911d352f650b707b968d8409aa39b8be5bdbe5e37202208f13e378ae2e7b142b1e5221403e83e3717172fbd0fff060c3d1a5fea5191f3ef4913900c320d5b7345a24372fc6af39f0517b6acdac3d1bedd14df588642fdc5fedde23a440e52e5b26783fb4952d0b312ad8c534393875caa3c506ad633c76f7ffee98d8bda86ce119b19c573032e3a8e5e9b3be91222c043710db0a138d9f0a3d13baae14e9834c4e5624aa2649dd41109eaabe7b9f6c132e3919c95542346486b0a6e12189e24105ca086dcbf6a48ddeafe46a4e1fe7eefa212685a90793f44923d485506672722c660006c28c21d726a05c9188f55896b27c29df8727cfd0a4bf33f2bb17fc92a987e33879f93440998f6b2eb72616c51e83a2f31d556424a8ab0841add4a13dcd31f5cc011e41b8610445b9a7ac5a18d6527436061a0b56f0044469ce6ed2e65f72997b122af2c2ef8a2e001ff20a1b00b79507e380f0263280048a07da34f66829ead38a428bf83e0bae5f78ea39ea286264a8fe1f2c70a290205e8ed060fc644d33ae8a4a8e45fe61c36cf5adfe5c8e51d28b4684c0502d84fb329a913311db22228c9d6cc37a9679721ef074ec4cd5eb33948b2e07b9d3b9db18bd8c3101b1bb2863765047045c2ac5aecaff54375c6a2f3dec55b44404e5a802719908966cafb5f4d83ae3ca057bd4399049855cfd8796e97f7f9e5d446f0514b3eeaf568f9768a62b67f4556a3c1e202527413f9f0cd9f98bb7b0d328661d613ed42b503999244b8246375ddc0ae50eec28198036d165efb6623f3ff187ca98bc219ad1c6b1221358036887c7232650d9a5c49c1f380e1f609b7a6968763238cf37869c3836e6fa1253fb86b4b789aec4c0998fd24e0c5dd5abd19edbb7badddb8d15583c4aa2a32be1919de29e60204eee9431a163f24ccec83f1f7fff25e442ade25981c681993a7f7512cc9852a770b67e055ed0aa87bc79ccb059b91eb3041fd013c5159fc9c2965f319199ed15513357d4c7b7688ca0ed4847f3f502825637e06de8f8c1606fd0fe9a2db8a439249d9e3fa748b9c982774520ddc02ae9221396d3b32232bc335cc0affcee2d81b42001de90a861bde860cb7a05101e40a908684609a879a5ef2f458f830dd16c8025c226725f1ecd53163b8181b19035745e9b46e737d7277cd83a66e04e19528e14b74c4eef90aa3a27d30d47fa15e267d6376e230370881894db13f8d4a4ea5fe6fca520db2a034f7678a432bcf9378265fd67c1c81a0e7c176333a32170618935a6ecaab181a9bd373781a226082f8f21d4f3a33bdf0477c08b2ea9adff44d74dc9e21016cd651a2aa5a792d0235a82a4ade72e49a334c947710bbc0719979d3e09f87529bd9de8ee0602c2b1f77be5b130bb22fa65f2d62e3247a9b662f83054936fbfbb8407e430212c1f28eb3ecb58af7962c9d5563545f2db9a4fdf1b5e0f606bbee7b7bdeb3a159468d706eb0ee521b299b90cd80e306528a4cabee83ffe40c5b138e566fba47349742b0f430688bc2fd52753f60836e040fc56ea207ef9bb99cd7e2056a71b357ed5e563cc413e6b47e4b796bc112e7c3e4a651b3b09a816d77afdfcfc40c96804791635e3be8b36363e4426ad4a87d454af17cae5609ce6343826b7d171bc5655bb6dba2c8224076c9ecdc5d9ad26befea4c976e2d453bdf42cb25a3f9ff12af4a5dce6ce7c5de90219f611dfb915b1595e1b7fe81a1b337f353ba679df9be64dc276e4f425b396454318cce97e7a8ce9a122d246697ae3d21f144733bb154db146ce9aa4a612ad15354154bf865942edc571cf5bf5495d0e490c5191d002f64b95b903e43a2e2225815eb079544a6ca62d55ed581e65bae96a0145acc55778581da64d151f206b28be72985536f93ea002186534e1a4c863778ff0d66e4e57bd01273f0c3315cd6ebbff3a54b267ca326c036717ed421cfbf046747f1ddda9824e68a5c44472ef1f7ff4a2eb2b8558ec114b83b60981b1a8965c1279c3850855053f4c3f44fbe2ce6c104e33a9ab2236a3d4c048413a70565c2f770000813306f9baabdeb80cc1e0f79d3b73d47b0423c84ac645b579020add43f9605631bae3155752014e1882f447504a229043cf896f33d86e2acba040f7c4c28a20b6fb2f0fa95261673e6d860dfe19bef44744f65e451372f26ff5be2b03a66ee92c01d4bee8cc52ffa2318c58ed411ad9420db353af50a0224327984f3efb99685a4d2e5825d0d3094e21dce3cff41cdaf89e210e7f9f7d6ab38f2be3427a7d8658265dc9ed57308d901e2a2d4de6261b6129f10de0429d1b93818b5572bc268ec8fc320a73ee75fc0ef5b6b5fc1f83b082064d4c0d50e5c28437a058655a9d909fcfcc17218e8a3ec5b087d0ea531bb0a3c605abf060cb390094b04c8d66f54edf2af81c06a10187ad81550df3eb892e7dbf7e6c14f5b487cfe43cdef3997b3c3d7f7e3afe2d85d0ebaf404f03f044e72a8669fadf3db29e354dbb1bff22bcdee7988af729605b9232383e0dbc9e6fb0dfb5a0f8868b27b425329a39683db9b01e3bead345148fcfdc720eb43ce35f849b8560f03dd1e66e332166c8fe6621b6c090d02a37a47554b8886ab11b287a13f444ee512a6b3a4dec2041f02a03af3228a9e5f0a924458f17c8c56c380101d7c945ebcf99484c7aea9f67377edeb62912adbfab10c47ccc3eb902ea06ec1070fb6f2987f7cc0ddbb6f75fb7faa9e5da28da24f39a2270052eacf513f0ba9197ce40d1e57c566f2e07292816c1c0c2690761c72cebfc94e1066f50af87e1195d181197fc841d8e43a3a9729c82720866d8ff0de612d93a2776ee633080dfc501952991cabdb436068194459d617db3c9f07f8ca9471f82ae8104b9cb6932cc68011e3b5fb772a2950388946d85bc9ef0e4e5ae5aa36544337605293774dc1234b5420434998ac909d2e64f52ae9d39913e7e9bb8433f1ffff02869b71221f6658549ff0302a6ce41f4f8802f73a648310e245497a38bd378ba732e3f0ae9f7f6771e082a031b17b584d6f4c812a6eb2dd99e03d49beb47efab77f7547999b8f936c5006efbb1e7bff3d60841e69f546bbe29c74f58cad55bfd92db2eab1784dd794ae9a493178c23945990388d6e40e9bd2c09bf3cade3004c325775fde8dc2493f96fa86e8918286292c5c26cad70e1594b1b0beaf9199d39595e6ebb05238b6c254c1b37f79cbe5e1746c88b1e7064d06141b35947f3fcb609652ff17d2d578ff62b7c0a13588243315147315f81ab92fa3b4100b9f94f17599588590eeb1caf6251c35058ec1317b3e41dd1f0184fb4347c02621f5ab5b813355342f2856418a7797bf5f6dd544dac4368d9cf00defd104129635d38017933063ccde25628e6af1cda23ca40f8aa54ac977dc399163261f14d3f93ebf328938a31ac722a87b2398e41a582597b10123ff6bb9b50788907ef381371059f485d87246960b249afac7bf2ba9217c27c3e8305325b4aac865e3a93c8d9a7a4ec5ac5c83a8e450a2fa8fba2078927cea0b469d653b411eed153a47f6deb5556e2647ccbae7c1e6b5083d313d7f7d5d09598115918a0e04b659019e63da7fcca6b542a37831db53ea4a246be0ac976fa26de2027f0b4e735b8562316799ef45ef193e1d8284bbd9abd2af6bf5f8efc9df889f517fb6274c31cbd48639c8a7f63027be465fd96f1ad7946fe39b79825dc4afeb097d1f6bb76e3a451c19a77a45f580777ad9ba53701fd386ff89c05f33c890ea18bf86cd33a0d9509c04068feb7fed48c21738ff74f5836958bd7089dbdd977e538cfe60369054ef1d280c4824aa37ac95217b200d6c2890af2dee2b2f998c88dfacab292c16d04441f7e8d0bd235ab7d8def2951c1cb8e893eafdf8e2c7ae023d86f26bc1ea8337c978d4f78d2459709e3700cad48b4d1c2a03154aa482deaa6626a02e8dd9418d22bddac53d26270c7bd709c7e59964f35acfecacb9124fb8cb7a5c406736bae61836bedc9c32d7e541d0fccd87b2e27fe92a091c757f0b6554d86982d17e5d935e0b9792b36f757f8b11c1eede1e868d8805b3849de7a49446f836dfac10fbafa5781aa95dce6af2ea214ff4e4b6c0f215bd5f2fae790a94ea90d1d51c9fb387a6fb196540b951e96fa9ae388839d5f595a192c7c166ae2f25d118cdfac83d439f7aa32be55d00ecb282b544a1b117fc9e6c85e19cff6e6e3a2211790fde703b26d5017e32c2c9e045add21da78708adf68e9be85b627e242fb5189408322bddcc8d29ad3b7bf0512cf4a9aad6f5837742219e7cb89e4858ec47fc084364fa40ad51136f3f2a6b40f0fc31d4c9889100a8dbef56fcf10e676f918ba4904b8d0e2fd85a56fb7eceac4c646ebce361c6650690c92bc69779654a7d121baa9ced2a76c7df5e8a9bc6d8104caa5037e9bb9ec0dd88e49c0ce08b01151fd6a5372014f16285803b432a580c78c39ac9f6456780420f7a5bcbb06d61e56fc3406a290269bfaca50eb7b718277f4cab70ff4f2f7dafeae334d958a35915d0ea7a440e5c3f5e498907e924e47eff3023a58f3820ef090d00f085381a69c1fe7ca2ec06240635e6dbd71d76e947e4859198d3656fc4f7344536c3acd2afcc6b15be80e7a4b1fd0e876848bb403b58b49d898bab849b3d16f58ac2ea53ee1b64e03b2bd4909f5e69b316e03add8a5767f9746bf5a96e9b7c4308bba33afdac255dfba9cce2f881bcac8a47b8e736522697c1493410e91dd14d1e9980fc333ec020a766998fedeb984650201807ac5b37f6a6e7b9172d9c0273e159462cfec06b28298966ee5caba2b61ab3195c521aecf5600a2a7ad4de0f3ea28b0be5d268c93ac174dc6d9e3f1eabad23a0f24e6ea2f77622ea022c62dc12141a2d0bf090f22e29de929d3b05329e42aa58e3b52b04bf08f0d19661e2e2e760bc8d6becb5ceec44912edda909b26acf5b88224bb9b6d32373de2bd165559554e1b2517a29b9a2315c5b1c6aee5c74fe88ad0c8c4e04e34f94867d4644c4dfee1667d1115416af55c6df3b0f3e68fc529bbf9cd6935006a14328630d253ff6b2755e650fabd077d7e4972c7e7019af05d29bf8e8dfb9dce50447b361947a180f087bd89c4ee62ed9ed26f09e12cb0cb91efabdf0ecd9a7162aeddbb17c5840d49878f45f98638b6ba138666840fb31ae5caa371920a534b0ca9a1fba4c029fb7192a78edddcf7d40ed184a533f24fabd6137585a4125ac9c87e9e2fe576ae5432698fb7f608a4d94634d60d9fbb156bddae24d489af13a07d56d536ab3f9ceab333559f8d4f1a9f63905d2f8e7632e3a9b0499e4a04088e289f8bf1fa8741e267fc8fa07bb7cf74d4c7637db7e0a544d0c09e9c0c6c53aa1707bd8cc45d1815e573c06226d387f375df0b5db9fcdccb9130ae6c05187bc3e8de7ce440c4f69718aa6196ed50002f2b7773e98f4011714295e9659953d794b4d546c13b2b54072b2a54bc543e5786ddca8f9a0701bd250ca48a72140dc7fba7561b23da50845dfa362d8c955cd14c2facb7d3a1b3f6f311f76035bb791d7e7614aa6f1e49403fd519797d34e8ea0de8dad82a166e89cd76ff060cb147580c6750df168348c43944e5d6a972a61dd132617c7ce969dbb056b2e4546b75721354d8a7afcdc7fa2bff3f7d10db3c32ac36eb3ba0f0d6a0481b48f8774d5da61b410b3eaa1081605b94680e6f2adeb120dcee796fe3e542141d7720758aaa2f32a275e92aaa7901e6e6a180a8ac2e4ff19341db6edfee4243ba73ae131271c317018e45298ce773e79467ee79c9f4dcc5d6d5b80c806671ec509ace1c325a83376d0d34893ee896608d68ad8b013476ed5a669bf4a7027a3d92fbf3189ca37250ce449ff3e654009e8b89b6a0b47f0323699a060e0a6a15ad19f40496c296c7e57fb5dc8a27a11f1e48f8485af3c2f69cc8e9dc9170b9399d6994a70678d1b63a516311f171b7ef79543389cbfb1434f6ded759c04234135528efc4e4760c187f7f101c94426e772438e6f8dddba32c2c26da3e2bbe80e1dff5a3b1101b2e883e55d7e7e06019d211dac2d6d6534531b5ecc6b0729d602d366e09eeb28284a77a9e7b1e5ee59139747eac2e167e2f837566788289e5c0e4df940a760957bfcecd47697786ad7cd8f57610133c622d1027a85ebed3a0becb1c98dd06397ed283056562c7b393c149d9e8df3b4ad401ce57fed18bec69e42c67212c04b9f855df8ef518f26051c0185fb1525e1aeb2496e72fd9a258f0c32091ce39f6bcb83043ec02e57f47d300022e587a8af1e7c2c5f25df29e6bcb381362b4325de1aeca57ab710eaa17bcc5c064c8bd50fb45d0579405e1fe18f32fdcfb1edfa69dd9c30fdb4df9fb3411c6920d8b557b5a404759482c36e3be483861881c981bb357f821a241d04a5d75ffc0b6f96f20e6f9053c70192d01fd4ee9e74811e0cf881dab519905cbdc34ba629a711c44b260599f55dadb1af708c8c04290276201998cf142d84d0e284f51e0ebe31f121b5246896b05b88309685d4dc4f43d6f87609909485232e608cf5500195f85a74d311730f25ff4ded1ab98d6d666500855c5f4033471cde8fb35656bca1308a1d4b1e8484672cfd086d14f9303d3d35f65708baf3b977674032e4064abb4f9bdb3bfb095f519c2bbf2ffae44ec52c92797bd4b6afa3200917bdd546199a1ca61be5f1625b8b2110d02511a36035260bbd5ed9eb72026d8a4d5e56cf3ce6885d4805a1ddce679765408059f2674ab0290ec3ef0082dd9fd08c10a606757aa8064f30f764d95ea8b1d61ba17ae9c294ba07699b7b03f8dd42a1f73b53d623c7c9aabcb9c51a230715f8c1e68cdb7c360e128296d721fd5ebf8af397740e57a761f40dd3cb81d69b38c3ae7d033c0e186d1233680cec8c1dda06469822f5f9fb71445daa6cbbf3418e359a630823787697359cfb5bfaa90da123db63cd24a54137e1fd3f478799aea4f72e1f5494a5f1e7eab2b70b7158edb4656344d28887ae4e69cc89d9cd6e3f53448a4ed0b814491fff63291349a5b7b896e86c1f71dd43104716bbf1ac2f9038b7ee4c181c8bbcdcf1bb7b4f5b3adca036d54113396b4a5bed5c011359e4f007afdc6a98c849da27b91388b60c8e95ef69cdb05a155cc268d81d401b6fb8acb9b748c4374c90bdcde46a1d9cef906f836341e80d71364e69b9cbb690f44456fd34312a29239811b2238848eab2def296c949ee5fadb4319dc3b6971c7ba4b0bcfb7f772d9c8021291d297d65e5b5f3afdeaafe690e9b951a7b71c3cbc3fe1eedf9db25369777180869c6286f864c500f5171308caf354cc1cd4b36f0b9986abd21b06777e6271b71517acc43750c7a9129fc3c1e12d6a723ad1f2b4dcbcce12e5afb381121cc6e96c4635d2e6ef08cafe039da4076b06ebde300e6284938e394d34075c975e6ddd86c9656ff38b8fe1fec1e3508b94d05ca18004fffb68827d51d5bde7150669140b2f616f4dcc14c404a93d2a54407e5a553b41ce807a8ba450f54a20f1f31ef4bd4acd3efbe9fb1c4678c8eddd15936d9b3e5cc691810a13fb884f55832a7420bb883a738a361ce944b8af0570fabe569c7d56617524a444327133c459a6ded3051a2c719fa0b754cdda175eca83496605a049e56b48e67c9cb8015e82ba3459c8416fcc7c4a130c0d5253f0b6a6f40b2c5238b42828d5248d1380e1bf8d5435f44542258ee0857f5a0c92465df8d990f7f25465e2a00354e3f970f681c3b43b957151c17c9d996e764e31e2e1b2d3da2e47ed00911a08ec23a43320dc8fd47945aee6cd0c146ea1770471daa6ec72ecfd5abedee88e76df54e0b72d9bebb34f08cdf1bb148944c9d38523e56f8feb4fb0d3cdfe4631c2490ca89649ac98d27e5087cd7668dcf61513d6b7423dc62523652909e701f4ed879a2b3a4ab698e2628952f251793f4b0e814f9a82eb38d033f67c9a7012d93697e60b623c8a0d9c39e7d408b72a5e839ae10e76d41a26cc6b55d91be36c2a6c53c95a1d8b27d66028ada77a18de71411db1ba38d972e6a0d0f584ab7e10c1bae64f20f5e52937c21644b1e0e4e2185242b82bf97bbd03a630715db609dfdaec5436517f6b0e600b6a638fc8b2c041db013e92df00e03b155cf2b2ad0e005e8c790c28a29b5a52335a7791cde565561bfd0336acfe14305bf04df81df26793c041bc7d7bf03d18a38703a91ef52eaf37887e17a1995b055ded20fa81ce77e39b29788707360136795796e6a6b4ee4ffbc04da94c9db5b284b1ae5fe9510af71543491a334ea1aba3acedcb99fc7390d6ec497e7bc5de86f584e38d52eebafbbc9de43e37b089554cdb6358ece73c279d3a402436b67d0868f27529a38931b503d4902b2e68c8381a8ab5221817cc6847b2cc9248fba1bb43fb66096d0c99e9853da5000fbc04e6075c5830f735b52dabff9fff2566e0e88d5e949a135509865d85b3ecf053219bd7ac4b9dcf56aa972eba2e4eb049ef58c7110bac7433fba7be77b93ff162bb1595dd9e617e2a59136a9acb5f1958414e5e5facb045f60e3b7ba81184186c8c68664f368f1dacd3ec121a4e4fc3d9e916a89b7a570f009632041a82ee0e235c0f40f35e72bbfe6c11511278aa6ae8e8d510a89f84e637cef63b1f6581ca292c8a2cc95f952cf66678988d47bbf5d93b1397a106aba9818aea6f2acc00ac16b192d6fe51d4486777fec590220724a74074a4fdae31563219ff70aae2d76ee24f4f86b979429f0b6528ca16ab476e6b2eee5c80b4be0a190bb9efe2de06dcfe94841ecd4e595be74be5f8078c4082fbf4d41afdd8f3a00a0febc5910a013bb0747d2174339d513db48d213e932ac10a79ee062c8667813b8017ebf8144cdad81f4f8174b886c552a53dc56f32f11963495be58a6249e08feb13fab9bac145428f0365a3118d95270e617d34d30affd5703299d7aded99fd86c041486ccdbad239f4810c2a420acf42713342ad62efee5e716c33a50c81bc5cf88a5d3b1a45c43b1c2f88396c6a4b8eeaf33e56117fde59877b7ac17c88948926ba550ac3ac32f2df9b9a4b24a1d831c172ee426d99071c0f7ff7f8d3a2c04a13273d17293d25ddb9cc3be354e5448115c0be542f742494d30035186393a9027b6c1431de960f16d29a494b4dba7daae1a538605accbb848908015aa14715e30882dc46c3f00c5041af7d55c5dbdd31ad2606b640b8b8b9dc6f979dd62683f3b761b169c1928a439478bb4e9f7e4da4c7cab88a5c487b93634be77e26935e3c2b7a6b7041ae1d4a50b73ebb597e95bd96139ab8e027262b1c61fa3e24e29eae6be63020c45d217047dfe5757c434495b57a6f971c17a92b01068c", 0x2000, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x60, 0xffffffffffffffda, 0xffff, {{0x3ad, 0x100000000, 0x8000, 0x6, 0x9, 0x200, 0x101, 0xfecf}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2m48.463809637s ago: executing program 2 (id=529): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0, r2}, 0x10) bpf$LINK_DETACH(0xf, 0x0, 0x0) 2m48.276088151s ago: executing program 2 (id=530): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0) syz_read_part_table(0x1053, &(0x7f0000001080)="$eJzsz8EJwlAQBND5MYkBPaQDtRR70H4C9uLBArxaik1YgPhREAtQD+9ddmGGhQ0/dk1K0iRllsdaPvI2mSe5ZVFb3fCWTetNDtsmGZJyWWZKcly90u45+5RxTJtzpvTZlVqvl/enb3wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/uHgAA//+AkQhu") 2m48.189402803s ago: executing program 2 (id=531): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040884) sendmsg$nl_route_sched(r0, 0x0, 0x4000000) 2m41.753336461s ago: executing program 3 (id=665): connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x1, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xf8}}, 0x10}, 0x1c) syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420f", 0xf}], 0x1}}], 0x1, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}}, 0x4000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) 2m41.684546072s ago: executing program 3 (id=666): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="680000001000ffff25bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1414000021200000400012800c0001006d6163766c616e003000028008000300000000000800010010000000100005800a000400aaaaaaaaaaaa00000a000400aaaaaa", @ANYRES32=r2], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x8048096) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26004411}, 0x800) 2m41.653344709s ago: executing program 3 (id=667): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff1, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_route={{0xa}, {0x10, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xe9}, @TCA_ROUTE4_POLICE={0x4}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804) 2m41.500999361s ago: executing program 3 (id=669): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x6, 0x229, &(0x7f00000005c0)="$eJzsmL9rFEEUx79vbm+9FRFtUthYGDCiucvtoaQ5NIJgJULir0oPs4aYS04uK5iAmGBjo52FkMbCf8AihZWFnf+AoIUKgoVXWNjYjMzO3N7k5s49l+t8n2L4zsybH+/tm1csGIb5b/n65dfnp+dnF04BOIBJ7DPj3wsAkda01bP/9OL+yef1CzuvP756t3bw4Zv+/dQSKfcOlP5yvgfg7VwBcdIT9urfSkyazgJEqq9A4ITR10AoG30LAleNjkC4YfRdS7eUfbl8Z7kZlW+3motKzKimqppQNbX++3W2CYumL6WUZM2vb2yuNJrNqG0Jz8wNmMol0sNWJpz4FeGjMydQt+6nonj9yeNt1e/GZsaKXxUCVeNEDYR5Mz6LnW5sdEgs/494vf0Ljv8DvCWTDECWkyUt6j/HEixbHJ7Ot3xKuXPOnTqEPNfA3lVF9KZUJIcuH5Ze/5Y6ifCyc/Gs+aA5zrrU74V8NPgBPAsAjP0ruyKXF10x0aH37tQ3LcTQfJaUfQSNnj+lUe/cfYj5IxZA+ZWOeGP6FsCHXV0/5EvCcas+eVb9qMSr9yrrG5vTy6uNpWgpWgvD2hkCtk6HlaQQ6dape736HCT1aT+CdP/iEFtf+HjQiON2Vbc++QgQx+0w6YfWs5nfbf24aZbFuAjgmO6okuanOxacM8jXNiKxVWrKNWIYhmEYhmEYhmEYhmEYhsnFUVDyFzSD8HJi/ScAAP//bUVZjQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') getxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x0) 2m41.420292943s ago: executing program 3 (id=670): syz_mount_image$iso9660(&(0x7f0000000fc0), &(0x7f0000000000)='./file1\x00', 0x8800, &(0x7f0000000d80)=ANY=[], 0x23, 0x7f3, &(0x7f0000001800)="$eJzs3U9oHOfZAPBnFMmWFfAX8n3kM8ZxxnZKbeoqu1KiVOSQbFYjeRJpV+yuik0pSYhtMJaTEBPS+NDEl6QtLaWnHtNcQy6FHgo9lPbQFgqF5tBLD4VATiWFFkpLCajM7K71x1pJTmQrTX8/Yb2z7z7zzjOzo3l21ruzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEUp+pVKrJwYhYOpsOVp9pNRe2uL8/3s/XNVssNyIp/sXoaBzqdh36v9W77yt+HY8j3VtHYrRoRuPa3ffd89j/Dg/1598ioU/q2A7jkog3iqQuPzcUcTsSuYO+87NbnuWfK8XvuayRt5v5Qm0uS/N2M52emqo8dGa2nc7m81n7XLuTLaT1VlbrNFvpyfqptDo9PZlm4+eaS425mdp81u989MsTlcpU+tT4YlZrtZuNh54ab9fP5PPzeWOujJmovBpFzKPFjvh03kk7WW0hTS9eWr4wuV2qRVB1Xc/+dY/XkQfv+fCVD/526UKxQw4aJOntmBPV6sREdeqR6UcerVSGJyoT6zsqG8SNiBiKKCJuy07LZ92B1YPE7h284VMa6tb/iPnIoxFLcTbSSGOo/L36MxKjMROtaMZCcfsPIxvuv6n+f+Ghv/xuq+WW9futoqiP3qjyh1bvPhxl/T/avXV0QP0vDsob89jZz4FbnePKbyPe62aztv9qvBbX4nI8F8uxHBfi5U+Yzx37Gdph3Gj/kdg6bi6yaEQe7WhGHgtRK3vSXk8a0zEVU1GJZ+JMzEY70piNPOYji3aci3Z0Iiv3qHq0IotadKIZrUjjZNTjVKRRjemYjslII4vxOBfNWIpGzMVM1MpRLsalcrtPbsjrvm8+m7zx+w/fLqZvBFW3WJGkeDJXBP11Xff6/aRXzB+IHdX/A70tuD4iiXR4j2sRu6r/p7LT+F04asPuWCnr//BepwEAAADcRkn56nsSESNxfzk1m89nX9vrtAAAAIBdVL6v+UjRjBRT90dSnP9XNol8/47nBgAAAOyOpPyMXRIRY/FAd6r/canNXgQAAAAA/gOV//9/tGjGIl4vO5z/AwAAwOfMtwZdY/+Dfb1r7LcX9yd39aIXzz6YXKkVU7Urvb5e89UbI3ZmDycHe4OUzdTwtbuTiBiuZ0eS/tUvP97fbT8qRzi8egHCQdf6T1qtkeT64ARi6wTKW/HdONaNOXa+257v39NdythsPp+N15vzj1WT3osjnVdeuPSNiGLp324sHEzi4qXlC+PPv7h8vszlejHK9Su9y8Mnt5DLSm8LxP2br/FI+UGM3nLHusutrF3/oe7sQ1svM1m7zDfjeDfm+Fi3HVu//qPFMqvjj1WjVjs41MnOdl5ZWbP2vSyqn3LN34wT3ZgTJ090m02ymFiXxQs3ZzGxNoudbYstsyj0s3j72Otn//6rZpJNbpfF5KfMAmCvXCyv+rNahQ6UVehfK11F/d9Qd/tXNd/0KPfFn/SOoRuOchdXn2X0519T64Zjd6r7m3GyDPnFye7zieHD6+rKE2VdqWxyRH/p0ku/7h3RH373hz/6+tHf/Hi1um04Rj/RfVYwOIt341Q3stfEvb+8qboVQ1TLLfu9DVX1nWKOdwZW1fb8RDISESv/c+Pu8nGKiInJqcrDlcojEzFSPlXoNYMz3b/zvQSAz5ttv2NnB9/C8/DmZ9XRr3j33nhLwXg8Hy/GcpyP0+WnDSLigc1HHVvzNoTT25y1jq35hpfT25xbrsZObIzdfyKJAbGTa7bY//+gbP5x+x4TALjdjm9Th3dS/0/3zrtj8/PuDbX8VPeLc/tnxzG4lm/mK7d7gwDAf4Gs9VEy1nkrabXyxWeq09PVWudMlraa9afTVj4zl6V5o5O16mdqjbksXWw1O816/wXxmaydtpcWF5sfd9LZZitdbLbzs+U3v6e9r35vZwu1xqtRby/OZ7V2ltabjU6t3kln8nY9XVx6cj5vn8la5cztxayez+b1WidvNtJ2c6lVz8bTtJ1lawLzmazRyWfzYrKRLrbyhVrrekTMLy1k6UzWrrfyxU6zO2B/WXljttlaqA1Y/T/fwU0NAJ8ZV1+7dvm55eULL6+fWEk29mw+8ccdxFyNWNnr1QQA1lhbpQEAAAAAAAAAAAAAgM+mmz+uV/Ru+5G+tRMjcQvBGyb2xyeZ6/M78aX3ug/Lbgy4yTj7tpzrrtWeA+se0329nWXvt88tTzz7+OOXB8U8+fqhM3/KIrYfZ/O/lKt337T3xlsHI/b99Pvdnifu1Jq+H921iOFbmn0l2SJmzw5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDQvwMAAP//wexOyQ==") openat$rtc(0xffffffffffffff9c, 0x0, 0x8000, 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000180)=ANY=[@ANYBLOB="20000000020000001d"], 0x0) 2m41.003942811s ago: executing program 3 (id=675): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa05000442"], 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) 2m40.947251024s ago: executing program 32 (id=675): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa05000442"], 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) 2m33.076806253s ago: executing program 33 (id=531): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040884) sendmsg$nl_route_sched(r0, 0x0, 0x4000000) 1m39.643353878s ago: executing program 5 (id=2348): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0xa6, 0x10}, 0xc) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value={0x0, 0x1ff}, 0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x806, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 1m38.78138969s ago: executing program 5 (id=2360): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) write$binfmt_script(r1, &(0x7f0000000080)={'#! ', './file1', [{}]}, 0x2) write$binfmt_misc(r1, &(0x7f0000000140)='\t', 0x1) pwrite64(r1, &(0x7f0000000180)="8d2aed3deaee6548c94a8f671c4c6847d7904cf2a8ce22d0b8e3b8fc3aa2fbcb116e71b84e75fc12c6890efa0762d51fd1a3eb7ca5da35fb80abd7c1f977eb8ada0a11b106cbfa5c709c43e1e2560879f78a3413b70db960f5631eba25446c906f8efcdce609dd3ec92280c1624c0087fe03b3983f9bbf11c76a5438be97d18eb82889505b41a7674e263c0247f58e8f8513ccccaeb0d7f5d2f00c0448e4ff539e26b01a7c9854a921cae62ddc6ae20b60e692695f53ccba9c0f5a70e09cca8f4b62fda08e6f5cc894e9d37be470d3fdd2c41eb1455565bf89a243698f4d3b164a9191e7454c69faf892", 0xea, 0x6) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 1m38.752729119s ago: executing program 5 (id=2362): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, 0x0) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, &(0x7f0000000180)=0x8) 1m38.713112407s ago: executing program 5 (id=2363): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) mprotect(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x1) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) pivot_root(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000000)='./file0/../file0\x00') 1m38.640153284s ago: executing program 5 (id=2365): r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) 1m38.312107072s ago: executing program 5 (id=2373): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, 0x0) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, &(0x7f0000000180)=0x8) 1m38.297708419s ago: executing program 34 (id=2373): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, 0x0) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, &(0x7f0000000180)=0x8) 6.217561629s ago: executing program 6 (id=3651): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 6.159756914s ago: executing program 6 (id=3653): syz_usb_connect$hid(0x1, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28de, 0x1142, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x3}}}}}]}}]}}, 0x0) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r7 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r7, 0x0, 0x8008000000010, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[], 0xa8}}, 0xc000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, 0x0}, 0x94) r8 = syz_open_dev$usbfs(0x0, 0x204, 0x2) mmap(&(0x7f0000036000/0x4000)=nil, 0x4000, 0x1000002, 0x11012, r8, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20044804}, 0x44080) 4.083831566s ago: executing program 0 (id=3661): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0xa6, 0x10}, 0xc) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value={0x0, 0x1ff}, 0x8) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x806, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 3.121076306s ago: executing program 0 (id=3667): mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x4010, 0xffffffffffffffff, 0xc9584000) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9c5c2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioprio_get$uid(0x3, 0x0) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xffffffff}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x1}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}]}]}, 0x30}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="40000000020101020000000000000000020000042c0002800c0002800500010001000000140001"], 0x40}, 0x1, 0x0, 0x0, 0x20004040}, 0x800) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) ioctl$BTRFS_IOC_RESIZE(r2, 0x50009403, 0x0) 2.547764789s ago: executing program 6 (id=3670): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16], 0x5, 0x236, &(0x7f00000027c0)="$eJzsmDGLE0EUx/8z2ewlInI2V9goeOCJXnLZQ7kmnAqClc2dqJUGbz3O7F0kt4IJCAYbG+0sBBsLv4DFFVdZ2PkFBC1UECxMYWFjs/J2ZjezN9HENd29XzH8Z957M/PeZF8RMAyzb/ny+eenJxeWVk8DOIhZTOn1bwVACKWl4f/x+b1Tz+oXX7z+8Ort1qEHu3v3o5Aoyi6U/nK+A+DN+QLC9KQ0+heJWT1ZhUz1FUic1PoqBCpa34QsJvv6ELiu9R1Dt8i/Urm9EfiVW61gjcQCDTUaPBoy+dL9+j2BNT2PoigShn270202gsBvG8LRtiGmXCI9rDlj1a8IgX4PqBv3o/tfe/yoR/OkNgtG/WqQqOkkFiGwoteXMJXURpXEyP+IM9i/YOU/NFtyJcOoJEtK1H9MpFimODyfL3yO0jlnm6aR5xoYRC3DbxcxMFEls87H/i9lTO/96cTCMV4Hw8OX9YPmOPSylUWzEZSyK5LE0zKAib+yLXJlkYiZ/u472/R1VHgkRh8hxv/9lMa9c/Ih/kumyQesVsroNmW+inXsdzcu9n5H9Y/opcAJoz85Rv+ohpt3q9ud7vzGZmPdX/e3PG/xrAAenvGqcSNSo9X3Bv25HPenA8b+xT/4utLF/UYYtmtqdIWLMsKw7cVzz/hsVnZa32/osBCXABxXE2qbbrpjwTpDuMpHxr6k5mwnhmEYhmEYhmEYhmEYhmGYccn84XkUIv4XdASe8v4dAAD//9FzXEo=") statfs(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000780)=""/73) 1.761871948s ago: executing program 0 (id=3672): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x842d80, 0x0) ioctl$PTP_EXTTS_REQUEST2(r0, 0xc0403d11, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000b40), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000440)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000120000000800080003000000180001801400020076657468305f746f5f62617461647600080009"], 0x3c}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x4, &(0x7f0000000080)=0x7) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0xfffffffe, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 1.734600158s ago: executing program 1 (id=3674): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001000000010000"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10) close(r0) 1.675620217s ago: executing program 6 (id=3677): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0xa6, 0x10}, 0xc) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value={0x0, 0x1ff}, 0x8) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x806, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 1.579672318s ago: executing program 1 (id=3678): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000240)='./file0\x00', 0x800000, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x2040, 0x0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r2, 0x8008f511, 0xffffffffffffffff) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x1f) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0x12) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x2c, r5, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2400c005}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) 907.028062ms ago: executing program 0 (id=3686): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x16, 0x0, 0x4, 0x7, 0x0, 0x1}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000ac0)={{r2}, &(0x7f0000000300), &(0x7f0000000380)}, 0x20) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 824.008579ms ago: executing program 0 (id=3687): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 817.116263ms ago: executing program 6 (id=3689): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2000000000000111, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x1015e, 0x2, 0x0) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00') mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 778.625497ms ago: executing program 6 (id=3691): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b0000080039"], 0x15) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0x298) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) read$FUSE(0xffffffffffffffff, &(0x7f0000002440)={0x2020}, 0x2020) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r6 = socket$pppl2tp(0x18, 0x1, 0x1) r7 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r6, &(0x7f0000001080)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x41, 0x0, @multicast2}, 0x20020003}}, 0x2e) getsockopt$sock_buf(r6, 0x1, 0x1c, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=0x56) memfd_create(0x0, 0x1) 728.111776ms ago: executing program 4 (id=3692): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0xa6, 0x20}, 0xc) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, 0x0, 0x0) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 381.452459ms ago: executing program 1 (id=3693): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x20000, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 374.781769ms ago: executing program 4 (id=3694): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) statx(0xffffffffffffff9c, 0x0, 0x0, 0x100, 0x0) 323.968556ms ago: executing program 1 (id=3695): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r2, &(0x7f0000000640)=[{&(0x7f0000000400)=""/244, 0xf4}], 0x1) 323.731353ms ago: executing program 4 (id=3696): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@base={0x2, 0x4, 0x5, 0x143, 0x1014}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0000001100a200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x1291021, 0x0, 0x0, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8011, 0x0) 323.141958ms ago: executing program 4 (id=3697): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYBLOB='iocharset=cp850,fmask=00000000000000000000236,errors=remount-ro,iocharset=iso8859-7,fmask=00000000000000000000005,dmask=00000000000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000001,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',hash,obj_role=,subj_role=iso8859-7,fowner=', @ANYRESDEC=0x0, @ANYBLOB='\'\x00em_u,\x00'], 0xfd, 0x153c, &(0x7f0000000440)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k0uiyTJJUkuSZIkSW4JSZMcSUgMuSUNSUguQ3IZQnKZmDTu9/slIUmaJAnJLVn/z5T5q1Pnf875nX7H/5x5vp/P+7GeWftZ+9me97L3npdvug6r1aR29UZEBP8S/OWPRACIBYBBAHANAAQAUD6ufFzmfE6Jif/aTtif66GUK10Bu5K4/9kb9z974/5nb9z/7I37n71x/7M37n/2xv1nLDvbMqPgtfzIvg++/5+d8ef/f5GM0uO+WFf6+m4AMf9oCvf/Px/+C7nc//9awT+yEfc/e+P+/7dY909uH/u/VAf7T8Kv/+wgx9+c4f5nb9x/xrKzX98LjoUrfz/63/2ASPb+HciVfv4xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMsezvrLFABkja90XYwxxhhjjDHGGPvz+BxXugLGGGOMMcYYY4z970MQIEFBADGQA2IhJ+QCARCTNX8txMF1kBeuh3yQHwpAQYiHQlAYNBiwQBBCESgKUbgBisGNUBxKQEkoBQ5KQxm4CcrCzVAOboHycCtUgNugIlSCylAFboeqcAdUgzuhOtwFNaAm1ILacDfUgXugLtwL9eA+qA/3QwN4ABrCg9AIHoLG8DA0gUegKTwKzaA5tICW0Op/lP8C9IQXoRf0hkToA33hJegH/WEADIRB8DIMhldgCLwKSTAUhsFrMBxehxHwBoyEUTAa3oQx8BaMhXEwHiZAMkyESfA2TIZ3YApMhWkwHVJgBsyEd2EWzIY58B7MhfdhHsyHBbAQUuEDWASLIQ0+hCXwEaTDUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2AbbYQfshF3wMeyGT2AP7IV98Cnsh8/+yfwzf5XfDQEBBQpUqDAGYzAWYzEX5sLcmBvzYB6MYATjMA7zYl7Mh/mwABbAeIzHwlgYDRokJCyCRTCKUSyGxbA4FseSWBIdOiyDZbAs3ozlsByWx/JYAStgRayElbAKVsGqWBWrYTWsjtWxBtbAWlgL78a7sQ/WxbpYD+thfayfdXsKG2EjbIyNsQk2wabYFJthM2yBLbAVtsLW2BrbYBtsh+2wPbbHDtgBEzABO2JH7ISdsDN2xi7YBbtiV+yG3bF7xgs5AF/EF7E31hB9sC/2xX6YlGMADsSB+DIOxlfwFXwVk3AoDsPX8DV8HUfgaRyJo3A0jsaq4i0ci+OQxARMxmSchJNwMk7GKTgVp+J0TMEZOBNn4iycjbPxPZyL7+P7OB/n40JMxVRchIsxDdNwCZ7BdFyKy3A5rsCVuAJX4xpcjetwPa7DjbgRN+Nm3IpbcTtux524Ez9GBYCf4F7ci0m4H/fjATyAB/EgHsJDmIEZeBgP4xE8gkfxKB7DY3gcT+BJPIGn8BSexjN4Fs/ieTyPF/C5+K8af1xibRKITEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEXpFX5BP5RAFRQMSLeFFYFBZGGEEizHynEFERFcVEMVFcFBclRUnhhBNlRBlRVpQV5UQ5UV7cKiqI20RFUUm0dVVEFVFVtHPVxJ2iuqguaoiaopaoLWqLOqKOqCvqinqinqgv6osG4gHRUPTBAfiQyOxMEzEUm4ph2Ew0F/LSO1RrMQLbiLainXhCjMKR2EG0dgniadFRjMVO4i9iHD4ruogJ2FU8L7qJ7qKHeEH0FG1cL9FbTME+oq+Yjv1EfzFADBSzsKZ4D+fmrCVeFUliqBgmXhML8XUxQrwhRopRYrR4U4wRb4mxYpwYLyaIZDFRTBJvi8niHTFFTBXTxHSRImaImeJdMUvMFnPEe2KueF/ME/PFArFQpIoPxCKxWKSJD8US8ZFIF0vFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQO8Uu8bHYLT4Re8ResU98KvaLz8QB8bk4KL4Qh8SXIkN8JQ6Lr8UR8Y04Kr4Vx8R34rg4IU6K78Up8YM4Lc6Is+KcOC9+FBfET+Ki8AIkSiGlVDKQMTKHjJU5ZS55lcwtg6z3fxknr5N55fUyn8wvC8iCMl4WkoWllkZaSTKURWRRGZU3yGLyRllclpAlZSnpZGlZRt4ky8qbZTl5iywvb5UV5G2yoqwkK8sq8nZZVd4hIfLLPmrImrKWrC3vlolwj6wr75X15H2yvrxfNpAPyIbyQdlIPiQby4dlE/mIbCoflc1kc9lCtpSt5GOytXxctpFtZTv5hGwvn5Qd5FMyQT4tO0p/6SnyrOwin5Nd5fOym+wue8if5EXpZS/ZW0IfkH3lS7Kf7C8HyIFykHxZDpavyCHyVZkkh8ph8jU5XL4uR8g35Eg5So6Wb8ox8i05Vo6T4+UEmSwnyknybTlZviOnyKlympwuU+QMOeDSSnOk/Lv5b/9B/pCf975ZbpFb5Ta5Xe6QO+Uu+bHcLXfLPXKP3Cf3yf1yvzwgD8iD8qA8JA/JDJkhD8vD8og8Io/Ko/KYPCaPyxPynPxenpI/yNPyjDwjz8nz8ry8cOnvABQqoaRSKlAxKoeKVTlVLnWVyq2uVnnUNSqirlVx6jqVV12v8qn8qoAqqOJVIVVYaWWUVaRCVUQVVVF1A156wqiSqpRyqrQqo276Z/JVMXWjKq5K/CY/q77Ev1FfK9VKtVatVRvVRrVT7VR71V51UB1UgkpQHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WoElVf9ZLqp/qrAWqgGqReFpnHMEQNUUkqSQ1Tw9RwNVyNUCPUSDVSjVaj1Rg1Ro1VY9V4NV4lq2Q1SU1Sk9VkNUVNUdPUNJWiUtRMNVPNUrPUHDVHzVVz1Tw1Ty1QC1SqSlWL1CKVptLUErVEpaulaqlarparlWqlWq1Wq7VqrVqv1quNaqNKV1vUFrVNbVM71A61S+1Su9VutUftUfvUPrVf7VcH1AF1UB1Uh9QhlaEy1GF1WB1RR9RRdVQdU8fUcXVcnVQn1Sl1Sp1Wp9VZdVadV+fVBXVBXVQXM0/7AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhCXmh4NbgiKBTcGxYMSQcmgVOCC0kGZ4KagbHBzUC64JSgf3BpUCG4LKgaVgspBleD2oGpwR1AtuDOoHtwV1AhqBrWC2sHdQZ3gnqBucG9QL7gvqB/cHzQIHggaBg8GjYKHgsbBw0GT4JGgafBo0CxoHrQIWgat/tT1vT+d/3HXS/fWibqP7qtf0v10fz1AD9SD9Mt6sH5FD9Gv6iQ9VA/Tr+nh+nU9Qr+hR+pRerR+U4/Rb+mxepweryfoZD1RT9Jv68n6HT1FT9XT9HSdomfomfpdPUvP1nP0e3qufl/P0/P1Ar1Qp+oP9CK9WKfpD/US/ZFO10v1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9Xe/QO/Uu/bHerT/Re/RevU9/qvfrz/QB/bk+qL/Qh/SXOkN/pQ/rr/UR/Y0+qr/Vx/R3+rg+oU/q7/Up/YM+rc/os/qcPq9/1Bf0T/qi9pkn95kf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWvymnwmnylgCph4E28Km8ImExkyRUwREzVRU8wUM8VNcVPSlDTOOFPGlDFlTVlTzpQz5U15U8FUMBVNRVPZVDa3m9vNHeYOc6e509xl7jI1TU1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTDPTwrQwrUwr09q0Nm1MG9POtDPtTXvTwXQwCSbBdDQdTSfTyXQ2nU0X08V0NV1NN9PN9DA9TE/T0/QyvUyiSTR9TV/Tz/QzA8wAM8gMMoPNYDPEDDFJJskMM8PMcDPcjDAjzEgzyozOPFE1b5mxZpwZbyaYZJNsJplJZrKZbKaYKWaamWZSTIqZaWaaWWaWmWPmmLlmrpln5pkFZoFJNalmkVlk0kyaWWKWmHSTbpaZZWaFWWFWmVVmjVlj1pl1ZgNsMJvMJrPFbDHbzDazw+wwu8wus9vsNnvMHrPP7DP7zX5zwBwwB81Bc8gcMhkmwxw2h80Rc8QcNUfNsdjMWo+bk+akOWVOmdPmtDlrzprzJv+lz0tvYm1Om8teZXPbq20ee43967iALWjjbSFb2Gqbz+b/TWystcVtCVvSlrLOlrZl7E2/iyvaSrayrWJvt1XtHbba7+I69h5b195r69n7bG1792/i+vZ+28A+YhsiAtjmtrFtaZvYR2xT+6htZpvbFralbW+ftB3sUzbBPm072md+Fy+yi+0au9aus+vtHrvXnrXn7BH7jT1vf7S9bG87yL5sB9tX7BD7qk2yQ38Xj7Zv2jH2LTvWjrPj7YTfxdPsdJtiZ9iZ9l0LMPs38Sw726baD+xcm2bn2fl2gV34c5xZU5r90C6xH9l0G8Ayu9yusCvtKrv6/9a63G60m+xmu9t+YrfZ7XaH3Wl3ZZ0I2712n/3U7ref2cP2a3vQfmEP2aM2w371c5x5fEftt/aY/c4etyfsSfu9PWV/UFnZmcf+vf3JXrTeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoGyyitJpchRaSpDN1FZupnK0S1Unm6lCnQbVaRKVJmq0O1Ule6ganQnVae7qAbVpFpUm+6mOnQP1aV7qR7dR/XpfmpAD1BDepAa0UPUmB6mJvQINaVHqRk1pxbUklrRY9SaHqc21Jba0RPUnp6kDvQUJdDT1JGeoU70F+pMz1IXeo660vPUjbpTD3qBetKL1It6UyL1ob70EvWj/jSABtIgepkG0ys0hF6lJBpKw+g1Gk6v0wh6g0bSKBpNb9IYeovG0jgaTxMomSbSJHqbJtM7NIWm0jSaTik0g2bSuzSLZtMceo/m0vs0j+bTAlpIqfQBLaLFlEYf0hL6iNJpKS2j5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaPttIN20i76mHbTJ7SH9tI++pT202d0gD6ng/QFHaIvKYO+osP0NR2hb+gofet703d0nE7QSfqeTtEPdJrO0Fk6R+fpR7pAP9FF8gQhhiKUoQqDMCbMEcaGOcNc4VVh7vDqME94TRgJrw3jwuvCvOH1Yb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hMXCG8PiYYmwZFgqdGHpsEx4U1g2vDksF94Slg9vDSuEt4UVw0rhI/dVCW8Pq4Z3hNXCO8Pq4V1hjbBmWCusHd4d1gnvCeuG94b1wvvCcuH9YYPwgbBh+GDYKHwobBw+HDYJHwmbho+GzcLmYYuwZdgqfCxsHT4etgnbhu3Cq8L24ZNhh/CpMCF8OuwYPvPz/P2Ls+af+N18Ytgn7Bu+FL4Uen+vXBBdGE2NfhBdFF0cTYt+GF0S/SiaHl0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RTdHPW+dg5w6ISTTrnAxbgcLtbldLncVS63u9rlcde4iLvWxbnrXF53vcvn8rsCrqCLd4VcYaedcdaRC10RV9RF3Q2umLvRFXclXElXyjlX2pVxLV0r18q1do+7Nq6ta+eecE+4J92T7in3lHvadXTPuE7uL66ze9Z1cc+559zzrpvr7nq4F1xPNzHPL6/JRNfX9XX9XD83wA1wg9wgN9gNdkPcEJfkktwwN8wNd8PdCDfCjXQj3Wg32o1xY9xYN9aNd+Ndskt2k9wkN9lNdlPcFDfNTXMpLsXNdDPdLDfLVZ39y17muXlugVvgUl2qW+QyzxnT3BK3xKW7dLfMLXMr3Aq3yq1ya9wat86tcxvcBrfJbXJb3Ba3zW1zO9wOt8vtcrvdbrfHX/PLom6/O+AOuIPuoDvkvnQZ7it32H3tjrhv3FH3rTvmvnPH3Ql30n3vTrkf3Gl3xp1159x596O74H5yF513yZGJkUmRtyOTI+9EpkSmRqZFpkdSIjMiMyPvRmZFZkfmRN6LzI28H5kXmR9ZEFkYSY18EFkUWRxJi3wYWRL5KJIeWRpZFlkeWRFZGfG+0LbQF/FFfdTf4Iv5G31xX8KX9KW886V9GX+TL+tv9uX8Lb68v9VX8Lf5ir6Sr+wf9c18c9/Ct/St/GO+tX/ct/FtfTv/hG/vn/Qd/FM+wT/tO/pnfCf/F9/ZP+u7+Od8V/+87+a7+x7+Bd/Tv+h7+d4+0ffxff1Lvp/v7wf4gX6Qf9kP9q/4If5Vn+SH+mH+NT/cv+5H+Df8SD/Kj45504/JukSGCT7ZT/ST/Nt+sn/HT/FT/TQ/3af4GX6mf9fP8rP9HP+en+vf9/P8fL/AL/Sp/gO/yC/2af5Dv8R/5NP90qybxn6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J1+l//Y7/af+D1+r9/nP/X7/Wf+gP/cH/Rf+EP+S5/hv/KH/df+iP/GH/Xf+mP+O3/cn/Anfaw/5X/wp/0Zf9af8+f9j/6C/8lf5H+zxhhjjDH2D5l4eSh+O/PL7fw+f5AjfrVxXwC4envBjF/PZ55Rbsj3y7i/iG8fAYCne3d9KOtRo0ZiYuKlbdMlBEXnA2T9JijTz189uBQvhXbwJCRAWyj7h/X3F93P0x+tj5fXj94KkOtXObFwOb68/ucAmPgH6z/2xOhFFcKzcX+7/uh8gOJFL+fkhMvxUmj38/2VtlDub9Sfv/Uf1n95/ZxfJAO0+VVObrgcX66/DDwOz0DCb7ZkjDHGGGOMMcZ+0V9U7px1/Zn1jc8/uj6PV5dzcsDl+O9dnzPGGGOMMcYYY+zKe7Z7j6ceS0ho2/mfH1T7eRAL/8P0vzdoCn/ygjz4fw+8B8j6iQKAf3FBgMyB/HcexdZ/y76SLr10/npqxTkfwP8frfwzBlf4jYkxxhhjjDH2p7t80v/bn6srVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/Tv+O7ErfYyMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYlfZ/AgAA//+JpPwy") r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x1ff) 304.562163ms ago: executing program 4 (id=3698): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x9, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000080000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='tlb_flush\x00', r1}, 0x18) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) 283.967473ms ago: executing program 4 (id=3699): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0xa6, 0x10}, 0xc) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value={0x0, 0x1ff}, 0x8) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x806, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 277.021008ms ago: executing program 7 (id=3700): personality(0x400000a) 207.999753ms ago: executing program 7 (id=3701): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2000000000000111, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x1015e, 0x2, 0x0) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00') mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 205.641594ms ago: executing program 7 (id=3702): r0 = syz_open_dev$usbmon(&(0x7f0000000380), 0xc1d, 0x2ac80) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000400)={0x0, 0x0, 0x4}) 180.563732ms ago: executing program 1 (id=3703): r0 = socket(0x10, 0x803, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockname$packet(r0, 0x0, 0x0) 149.739261ms ago: executing program 7 (id=3704): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0xa6, 0x20}, 0xc) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, 0x0, 0x0) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 140.275726ms ago: executing program 1 (id=3705): socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="240000005800410f9c00f4f90085b3a85c91fddf080001000501009f080002", 0x1f) r2 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r2, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 128.4784ms ago: executing program 7 (id=3706): syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x2008098, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00'], 0x1, 0x1e6, &(0x7f0000000280)="$eJzs3L9qFF0YB+CTfPlMjCSkErTxoI02i6a2EYkgLijqin9AmJCJLrvuhp0pdiVFaiuvQ0QbO0G8gdyFXRBCqtg4optkTUyCkDUr5nmaeWd+zOG8DByGMzArl18+q81npfkkD8NjQ2EshBDWh8JUGA6blsKFt/fXXtx58PDGlXJ5ZnTjcoxx8syHR4uvz37MT9x7N/l+NCxPPV5Znf60fHL51MrXu0+rWaxmsdHMYxJnm808ma2nca6a1Uox3qqnSZbGaiNLW9vy+XpzYaETk8bcxPhCK82ymDQ6sZZ2Yt6MeasTkydJtRFLpVKcGA8cROXVelGE1aIoitGlUBTFoCfEIfP8j7bNRf12jGMhfF5qV9qV7rGbX7tenrkYf5jq3bXWblf+28ovdfO4Pf8/jG/k07vmx8L5c938e3b1ZnlHfjzM/fn2AQAAAADgn1SKW37d3x/aON0171Y/fR/YsX8/Ek6PHFITAAAAwL6yzvNaUq+nrYMVIfRnnF4xEvo8oELxFxdvwl7Rl6Iofn+cxX5NbNArEwAA0G+9l/5BzwQAAAAAAAAAAAAAAAAAAACOrv79w2x4z2jQPQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7OdbAAAA//8qhW2D") syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 28.05621ms ago: executing program 7 (id=3707): sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x82}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x802}, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f00000001c0)) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0) sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) io_submit(0x0, 0x0, 0x0) 0s ago: executing program 0 (id=3708): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10) setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300), 0x0, 0x31, 0x7) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, 0x0, 0x0) connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0) kernel console output (not intermixed with test programs): nonexistent [ 76.484042][ T9692] fuse: Unknown parameter '0x0000000000000003' [ 76.543039][ T9696] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 76.543073][ T9696] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 76.744082][ T9714] mmap: syz.4.1219 (9714) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 76.789461][ T9720] overlayfs: missing 'lowerdir' [ 76.834176][ T31] audit: type=1326 audit(76.810:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9723 comm="syz.4.1223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 77.646529][ T9794] overlayfs: missing 'workdir' [ 77.716342][ T9802] fuse: Unknown parameter 'fd0x0000000000000003' [ 77.859552][ T9817] overlayfs: missing 'workdir' [ 78.000982][ T9830] fuse: Unknown parameter 'fd0x0000000000000003' [ 78.519913][ T9857] overlayfs: missing 'workdir' [ 78.693380][ T9867] fuse: Unknown parameter 'fd0x0000000000000003' [ 80.815153][ T31] kauditd_printk_skb: 8 callbacks suppressed [ 80.817062][ T31] audit: type=1326 audit(80.790:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10026 comm="syz.1.1330" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x0 [ 81.492349][ T31] audit: type=1326 audit(81.460:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.496941][ T31] audit: type=1326 audit(81.460:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.501203][ T31] audit: type=1326 audit(81.470:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.512448][ T31] audit: type=1326 audit(81.480:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.512498][ T31] audit: type=1326 audit(81.480:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=132 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.512533][ T31] audit: type=1326 audit(81.480:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.512559][ T31] audit: type=1326 audit(81.480:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.512582][ T31] audit: type=1326 audit(81.480:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=436 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 81.512603][ T31] audit: type=1326 audit(81.480:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10081 comm="syz.5.1350" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=94 compat=0 ip=0xffffa535b3a8 code=0x7ffc0000 [ 85.791030][T10372] loop6: detected capacity change from 0 to 128 [ 85.887855][T10390] loop6: detected capacity change from 0 to 764 [ 86.255145][T10434] loop5: detected capacity change from 0 to 128 [ 86.465651][T10465] loop6: detected capacity change from 0 to 128 [ 86.482708][T10467] loop5: detected capacity change from 0 to 16 [ 86.484522][T10465] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 86.484569][T10465] FAT-fs (loop6): Filesystem has been set read-only [ 86.487996][T10467] erofs (device loop5): mounted with root inode @ nid 36. [ 86.497154][T10467] syz.5.1512: attempt to access beyond end of device [ 86.497154][T10467] loop5: rw=524288, sector=56, nr_sectors = 968 limit=16 [ 86.500120][ T8627] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 86.502125][T10467] syz.5.1512: attempt to access beyond end of device [ 86.502125][T10467] loop5: rw=524288, sector=0, nr_sectors = 1024 limit=16 [ 86.505160][T10467] syz.5.1512: attempt to access beyond end of device [ 86.505160][T10467] loop5: rw=524288, sector=0, nr_sectors = 568 limit=16 [ 86.545880][T10472] netlink: 'syz.5.1514': attribute type 4 has an invalid length. [ 86.603070][T10478] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 86.729474][T10400] overlayfs: statfs failed on './file0' [ 86.908105][T10498] loop4: detected capacity change from 0 to 136 [ 86.927694][T10498] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 87.420401][T10479] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 87.423911][T10479] block device autoloading is deprecated and will be removed. [ 87.527133][T10563] syzkaller0: entered promiscuous mode [ 87.528294][T10563] syzkaller0: entered allmulticast mode [ 87.982118][T10600] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1570'. [ 88.793960][T10633] loop5: detected capacity change from 0 to 256 [ 89.183902][T10650] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1591'. [ 89.205865][ T31] kauditd_printk_skb: 12 callbacks suppressed [ 89.205909][ T31] audit: type=1326 audit(89.180:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.211179][ T31] audit: type=1326 audit(89.180:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.217256][ T31] audit: type=1326 audit(89.190:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.220956][ T31] audit: type=1326 audit(89.190:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.226180][ T31] audit: type=1326 audit(89.200:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.230055][ T31] audit: type=1326 audit(89.200:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=52 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.234276][ T31] audit: type=1326 audit(89.210:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10654 comm="syz.4.1593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.704292][ T31] audit: type=1326 audit(89.680:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10693 comm="syz.4.1609" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.710250][ T31] audit: type=1326 audit(89.680:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10693 comm="syz.4.1609" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.713532][ T31] audit: type=1326 audit(89.680:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10693 comm="syz.4.1609" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8095b3a8 code=0x7ffc0000 [ 89.736904][T10696] loop4: detected capacity change from 0 to 128 [ 89.739771][T10696] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 89.754715][ T8890] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 90.146281][T10722] loop5: detected capacity change from 0 to 164 [ 90.153435][T10722] Unable to read rock-ridge attributes [ 90.156365][T10722] Unable to read rock-ridge attributes [ 90.973047][T10793] loop6: detected capacity change from 0 to 256 [ 90.973534][T10793] vfat: Deprecated parameter 'posix' [ 90.973543][T10793] FAT-fs: "posix" option is obsolete, not supported now [ 91.233178][T10809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1660'. [ 91.415044][T10826] loop4: detected capacity change from 0 to 256 [ 91.446924][T10828] netlink: 'syz.4.1669': attribute type 13 has an invalid length. [ 91.448479][T10828] netlink: 'syz.4.1669': attribute type 17 has an invalid length. [ 91.451794][T10828] gretap0: refused to change device tx_queue_len [ 91.454427][T10828] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 91.641931][T10848] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 91.641972][T10848] overlayfs: failed to set xattr on upper [ 91.643658][T10848] overlayfs: ...falling back to redirect_dir=nofollow. [ 91.643682][T10848] overlayfs: ...falling back to index=off. [ 91.643702][T10848] overlayfs: ...falling back to uuid=null. [ 91.783491][T10856] ./file0: Can't lookup blockdev [ 92.083425][T10879] loop5: detected capacity change from 0 to 136 [ 92.511501][T10894] loop0: detected capacity change from 0 to 256 [ 92.566464][T10903] loop4: detected capacity change from 0 to 136 [ 92.572813][T10901] loop5: detected capacity change from 0 to 512 [ 92.683951][ T6169] loop2: p1 p2 p3 p4[DM] [ 92.684073][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 92.685138][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 92.685516][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 92.685524][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 93.571427][T10951] loop4: detected capacity change from 0 to 136 [ 93.624942][T10957] loop4: detected capacity change from 0 to 512 [ 93.649331][T10959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1729'. [ 93.649366][T10959] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1729'. [ 93.776469][T10973] loop4: detected capacity change from 0 to 136 [ 93.864885][T10981] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1740'. [ 94.215301][T11015] fuse: Unknown parameter 'group_i00000000000000000000' [ 94.422899][T11022] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1757'. [ 94.424989][T11022] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 94.758639][T11040] loop0: detected capacity change from 0 to 136 [ 94.829240][T11044] fuse: Unknown parameter 'group_i00000000000000000000' [ 94.981299][T11062] loop0: detected capacity change from 0 to 136 [ 95.050281][T11071] fuse: Unknown parameter 'group_i00000000000000000000' [ 95.162092][T11089] loop0: detected capacity change from 0 to 136 [ 95.265788][T11103] fuse: Unknown parameter 'group_id00000000000000000000' [ 95.440934][T11122] loop0: detected capacity change from 0 to 136 [ 95.545738][T11132] fuse: Unknown parameter 'group_id00000000000000000000' [ 96.006606][T11156] fuse: Unknown parameter 'group_id00000000000000000000' [ 96.163360][T11178] fuse: Bad value for 'user_id' [ 96.164293][T11178] fuse: Bad value for 'user_id' [ 96.382072][T11204] fuse: Bad value for 'user_id' [ 96.382099][T11204] fuse: Bad value for 'user_id' [ 96.979578][T11228] fuse: Bad value for 'user_id' [ 96.980507][T11228] fuse: Bad value for 'user_id' [ 97.498960][T11252] fuse: Bad value for 'fd' [ 98.332078][T11277] fuse: Bad value for 'fd' [ 99.047816][T11302] fuse: Bad value for 'fd' [ 99.080795][T11306] loop1: detected capacity change from 0 to 136 [ 99.461478][T11330] fuse: Bad value for 'fd' [ 99.525951][T11334] loop5: detected capacity change from 0 to 136 [ 100.046538][ T6169] loop2: p1 p2 p3 p4[DM] [ 100.047676][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 100.050040][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 100.052557][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 100.054437][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 100.060559][T11354] fuse: Bad value for 'fd' [ 100.188591][T11371] loop1: detected capacity change from 0 to 136 [ 100.266151][T11378] fuse: Bad value for 'fd' [ 100.389186][ T6169] loop2: p1 p2 p3 p4[DM] [ 100.389265][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 100.390398][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 100.390721][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 100.390728][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 100.738411][T11404] loop5: detected capacity change from 0 to 136 [ 100.750821][T11404] overlayfs: missing 'lowerdir' [ 100.778142][T11406] fuse: Invalid rootmode [ 101.030630][T11427] loop5: detected capacity change from 0 to 136 [ 101.039070][T11427] overlayfs: missing 'lowerdir' [ 101.059661][T11429] fuse: Invalid rootmode [ 101.212062][T11450] loop1: detected capacity change from 0 to 136 [ 101.219930][T11450] overlayfs: missing 'lowerdir' [ 101.235323][T11451] fuse: Invalid rootmode [ 102.070576][T11479] loop4: detected capacity change from 0 to 136 [ 102.074011][T11479] overlay: Unknown parameter '/' [ 102.125669][T11483] loop6: detected capacity change from 0 to 256 [ 102.139316][ T6169] loop2: p1 p2 p3 p4[DM] [ 102.140408][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 102.144488][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 102.147622][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 102.149114][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 102.319539][T11505] loop6: detected capacity change from 0 to 136 [ 102.328180][T11505] overlay: Unknown parameter '/' [ 103.119383][T11519] loop0: detected capacity change from 0 to 136 [ 103.160213][T11522] loop0: detected capacity change from 0 to 128 [ 103.338517][T11542] loop0: detected capacity change from 0 to 136 [ 104.134371][T11567] loop6: detected capacity change from 0 to 256 [ 104.273347][T11573] loop6: detected capacity change from 0 to 136 [ 104.282019][T11573] overlayfs: missing 'lowerdir' [ 104.845854][T11599] loop4: detected capacity change from 0 to 136 [ 104.854644][T11599] overlayfs: missing 'lowerdir' [ 105.384293][T11631] loop1: detected capacity change from 0 to 256 [ 105.445167][T11636] fuse: Unknown parameter 'user_id00000000000000000000' [ 105.520440][ T6169] loop2: p1 p2 p3 p4[DM] [ 105.520522][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 105.520927][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 105.521529][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 105.521553][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 105.834082][T11663] fuse: Bad value for 'fd' [ 106.186233][T11702] loop4: detected capacity change from 0 to 136 [ 106.196802][T11702] overlay: Unknown parameter '/' [ 107.044634][T11753] overlayfs: upper fs does not support file handles, falling back to index=off. [ 107.097391][T11760] loop0: detected capacity change from 0 to 256 [ 107.216456][ T6169] loop2: p1 p2 p3 p4[DM] [ 107.216541][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 107.218729][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 107.221426][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 107.221459][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 107.445659][T11794] loop4: detected capacity change from 0 to 256 [ 107.585627][ T6169] loop2: p1 p2 p3 p4[DM] [ 107.585712][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 107.588727][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 107.591549][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 107.591581][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 107.851854][ T6169] loop2: p1 p2 p3 p4[DM] [ 107.851955][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 107.854876][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 107.855275][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 107.855284][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 108.199387][T11851] overlayfs: statfs failed on './file0' [ 108.268833][ T6169] loop2: p1 p2 p3 p4[DM] [ 108.268923][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 108.269977][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 108.271580][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 108.271590][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 108.546336][T11878] loop4: detected capacity change from 0 to 128 [ 108.552460][T11878] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 108.791078][T11895] loop6: detected capacity change from 0 to 256 [ 108.860099][T11902] fuse: Bad value for 'fd' [ 108.916072][ T6169] loop2: p1 p2 p3 p4[DM] [ 108.916170][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 108.922590][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 108.924517][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 108.924549][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 108.969350][T11916] fuse: Unknown parameter 'fd00000000000000000005' [ 109.101258][T11936] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2170'. [ 109.101857][T11936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2170'. [ 109.250058][T11948] fuse: Unknown parameter 'fd00000000000000000005' [ 109.362509][ T31] kauditd_printk_skb: 7 callbacks suppressed [ 109.362541][ T31] audit: type=1326 audit(109.340:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11958 comm="syz.0.2181" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x0 [ 109.503244][T11962] netlink: 'syz.4.2182': attribute type 4 has an invalid length. [ 110.060587][T11974] fuse: Bad value for 'fd' [ 110.170578][T11986] overlayfs: statfs failed on './file0' [ 110.234947][T11992] loop0: detected capacity change from 0 to 256 [ 110.409332][T11999] fuse: Bad value for 'fd' [ 111.186263][T12022] loop5: detected capacity change from 0 to 256 [ 111.284240][T12024] fuse: Bad value for 'fd' [ 111.652946][T12056] loop0: detected capacity change from 0 to 256 [ 113.096974][T12123] loop4: detected capacity change from 0 to 256 [ 113.117642][ T6169] loop2: p1 p2 p3 p4[DM] [ 113.118920][ T6169] loop2: p1 size 835329 extends beyond EOD, truncated [ 113.121121][ T6169] loop2: p2 size 327680 extends beyond EOD, truncated [ 113.130265][ T6169] loop2: p3 start 1052673 is beyond EOD, truncated [ 113.130595][ T6169] loop2: p4 size 262144 extends beyond EOD, truncated [ 113.250053][T12131] loop4: detected capacity change from 0 to 164 [ 113.255436][T12131] Unable to read rock-ridge attributes [ 113.260574][T12131] Unable to read rock-ridge attributes [ 113.841344][ T31] audit: type=1326 audit(113.810:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12161 comm="syz.0.2273" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x0 [ 114.376650][T12188] capability: warning: `syz.4.2285' uses 32-bit capabilities (legacy support in use) [ 114.520661][T12202] fuse: Bad value for 'group_id' [ 114.521765][T12202] fuse: Bad value for 'group_id' [ 114.675011][T12208] loop4: detected capacity change from 0 to 256 [ 114.678055][T12208] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 114.834433][T12224] fuse: Bad value for 'group_id' [ 114.834465][T12224] fuse: Bad value for 'group_id' [ 115.345856][T12261] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2319'. [ 115.365867][T12263] 8021q: VLANs not supported on gre0 [ 115.495369][T12271] fuse: Unknown parameter './file0' [ 115.577682][T12276] loop6: detected capacity change from 0 to 128 [ 115.579500][T12276] FAT-fs (loop6): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 115.784862][T12302] fuse: Unknown parameter './file0' [ 116.051107][T12329] tmpfs: Unknown parameter 'nr_blo' [ 116.065247][T12331] fuse: Unknown parameter './file0' [ 116.361789][T12346] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2353'. [ 116.781998][T12357] fuse: Bad value for 'group_id' [ 116.783253][T12357] fuse: Bad value for 'group_id' [ 116.799734][T12359] tmpfs: Unknown parameter 'nr_blo' [ 117.222347][T12382] tmpfs: Unknown parameter 'nr_blo' [ 117.466739][ T6534] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 117.467633][ T6534] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 117.467913][ T6534] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 117.468440][ T6534] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 117.468637][ T6534] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 117.902605][T12392] chnl_net:caif_netlink_parms(): no params data found [ 117.939772][T12392] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.939849][T12392] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.939915][T12392] bridge_slave_0: entered allmulticast mode [ 117.940342][T12392] bridge_slave_0: entered promiscuous mode [ 117.941113][T12392] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.941156][T12392] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.941203][T12392] bridge_slave_1: entered allmulticast mode [ 117.941619][T12392] bridge_slave_1: entered promiscuous mode [ 117.952680][T12392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 117.956032][T12392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.000951][T12392] team0: Port device team_slave_0 added [ 118.001763][T12392] team0: Port device team_slave_1 added [ 118.010122][T12392] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.010146][T12392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 118.010519][T12392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.012062][T12392] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.012072][T12392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 118.012083][T12392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 118.038227][T12392] hsr_slave_0: entered promiscuous mode [ 118.042255][T12392] hsr_slave_1: entered promiscuous mode [ 118.042532][T12392] debugfs: 'hsr0' already exists in 'hsr' [ 118.042545][T12392] Cannot create hsr debugfs directory [ 118.144309][T12392] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 118.147133][T12392] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 118.151154][T12392] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 118.153694][T12392] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 118.185355][T12392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.190984][T12392] 8021q: adding VLAN 0 to HW filter on device team0 [ 118.196175][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.196222][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 118.207133][ T8891] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.207178][ T8891] bridge0: port 2(bridge_slave_1) entered forwarding state [ 118.294744][T12392] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.429837][T12392] veth0_vlan: entered promiscuous mode [ 118.431415][T12392] veth1_vlan: entered promiscuous mode [ 118.446703][T12392] veth0_macvtap: entered promiscuous mode [ 118.449771][T12392] veth1_macvtap: entered promiscuous mode [ 118.455474][T12392] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.459889][T12392] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.467029][ T5119] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.467091][ T5119] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.467115][ T5119] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.467135][ T5119] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.497732][T12454] fuse: Unknown parameter 'group_i00000000000000000000' [ 118.498014][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.498023][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.515176][ T8890] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.515209][ T8890] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.593265][T12458] loop7: detected capacity change from 0 to 8192 [ 118.914775][T12484] fuse: Unknown parameter 'group_i00000000000000000000' [ 119.291660][T12500] loop1: detected capacity change from 0 to 8192 [ 119.338527][T12502] loop1: detected capacity change from 0 to 8192 [ 119.544888][ T6122] Bluetooth: hci1: command tx timeout [ 119.707470][T12517] fuse: Unknown parameter 'group_i00000000000000000000' [ 119.848390][T12528] loop4: detected capacity change from 0 to 8192 [ 120.014679][T12543] IPv6: NLM_F_CREATE should be specified when creating new route [ 120.058764][T12549] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2428'. [ 120.083231][T12551] 9pnet_fd: Insufficient options for proto=fd [ 120.197202][T12567] fuse: Bad value for 'fd' [ 120.199026][T12565] loop4: detected capacity change from 0 to 2048 [ 120.223010][ T6677] loop4: p1 p3 p4 [ 120.224631][ T6677] loop4: p4 size 589824 extends beyond EOD, truncated [ 120.229340][T12565] loop4: p1 p3 p4 [ 120.231550][T12565] loop4: p4 size 589824 extends beyond EOD, truncated [ 120.240917][T12565] erofs (device loop4p1): cannot find valid erofs superblock [ 120.348271][T12583] tmpfs: Bad value for 'nr_blocks' [ 120.373228][ T6724] udevd[6724]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 120.378035][ T6518] udevd[6518]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 120.379045][ T6677] udevd[6677]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 120.414866][ T6677] udevd[6677]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 120.418050][ T6520] udevd[6520]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 120.425386][ T6724] udevd[6724]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 121.007602][T12626] loop4: detected capacity change from 0 to 256 [ 121.018075][T12626] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.018114][T12626] FAT-fs (loop4): Filesystem has been set read-only [ 121.019106][T12626] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.019133][T12626] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.020463][T12626] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.123749][T12641] 9pnet_fd: Insufficient options for proto=fd [ 121.139981][T12643] syz.0.2472 uses obsolete (PF_INET,SOCK_PACKET) [ 121.188323][T12649] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 121.223599][T12639] loop4: detected capacity change from 0 to 8192 [ 121.268343][T12639] netlink: 'syz.4.2469': attribute type 12 has an invalid length. [ 121.297763][T12663] 9pnet_fd: Insufficient options for proto=fd [ 121.324420][T12666] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2483'. [ 121.520282][T12678] 9pnet_fd: Insufficient options for proto=fd [ 121.622459][ T6122] Bluetooth: hci1: command tx timeout [ 121.625270][T12693] 9pnet_fd: Insufficient options for proto=fd [ 121.659153][T12700] loop7: detected capacity change from 0 to 256 [ 121.661834][T12694] erspan0: entered promiscuous mode [ 121.664160][T12700] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.664188][T12700] FAT-fs (loop7): Filesystem has been set read-only [ 121.664655][T12700] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.664684][T12700] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.665031][T12700] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.676705][T12694] vlan2: entered promiscuous mode [ 121.690205][T12703] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2499'. [ 122.741104][T12765] fuse: Bad value for 'user_id' [ 122.741136][T12765] fuse: Bad value for 'user_id' [ 122.926097][T12781] 9pnet_fd: Insufficient options for proto=fd [ 122.948919][T12783] evm: overlay not supported [ 122.999803][T12789] fuse: Bad value for 'user_id' [ 122.999840][T12789] fuse: Bad value for 'user_id' [ 123.088777][T12800] overlayfs: failed to resolve './file2': -2 [ 123.115531][T12804] 9pnet_fd: Insufficient options for proto=fd [ 123.489643][T12814] fuse: Bad value for 'fd' [ 123.704899][ T6122] Bluetooth: hci1: command tx timeout [ 123.842028][T12837] fuse: Bad value for 'fd' [ 123.865667][T12839] loop7: detected capacity change from 0 to 128 [ 124.220242][T12859] fuse: Bad value for 'fd' [ 124.313817][ T6534] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 124.315159][ T6534] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 124.315502][ T6534] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 124.315846][ T6534] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 124.316076][ T6534] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 124.604025][ T8890] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.683001][ T8890] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.715228][T12862] chnl_net:caif_netlink_parms(): no params data found [ 124.731924][ T8890] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.772345][ T8890] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.786561][T12862] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.787105][T12862] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.787204][T12862] bridge_slave_0: entered allmulticast mode [ 124.787738][T12862] bridge_slave_0: entered promiscuous mode [ 124.789669][T12862] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.790344][T12862] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.790410][T12862] bridge_slave_1: entered allmulticast mode [ 124.790827][T12862] bridge_slave_1: entered promiscuous mode [ 124.810940][T12862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 124.818982][T12862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 124.849543][T12862] team0: Port device team_slave_0 added [ 124.851711][T12862] team0: Port device team_slave_1 added [ 124.874732][T12862] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 124.874760][T12862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.876302][T12862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 124.876932][T12862] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.876939][T12862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.876953][T12862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.910664][T12862] hsr_slave_0: entered promiscuous mode [ 124.911019][T12862] hsr_slave_1: entered promiscuous mode [ 124.911210][T12862] debugfs: 'hsr0' already exists in 'hsr' [ 124.911225][T12862] Cannot create hsr debugfs directory [ 124.998406][ T8890] bridge_slave_1: left allmulticast mode [ 124.998443][ T8890] bridge_slave_1: left promiscuous mode [ 124.998539][ T8890] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.002779][ T8890] bridge_slave_0: left allmulticast mode [ 125.002805][ T8890] bridge_slave_0: left promiscuous mode [ 125.002871][ T8890] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.287702][ T8890] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 125.318951][T12916] loop0: detected capacity change from 0 to 1764 [ 125.328243][ T8890] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 125.343830][ T8890] bond0 (unregistering): Released all slaves [ 125.782253][ T6122] Bluetooth: hci1: command tx timeout [ 125.943466][ T2409] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.943510][ T2409] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.342675][ T6122] Bluetooth: hci3: command tx timeout [ 126.701473][ T8890] hsr_slave_0: left promiscuous mode [ 126.714792][ T8890] hsr_slave_1: left promiscuous mode [ 126.715160][ T8890] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 126.715172][ T8890] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 126.731127][ T8890] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.731159][ T8890] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 126.757182][ T8890] veth1_macvtap: left promiscuous mode [ 126.757239][ T8890] veth0_macvtap: left promiscuous mode [ 126.757290][ T8890] veth1_vlan: left promiscuous mode [ 126.757325][ T8890] veth0_vlan: left promiscuous mode [ 126.804020][T13012] 9pnet_fd: Insufficient options for proto=fd [ 126.981133][ T8890] team0 (unregistering): Port device team_slave_1 removed [ 126.995521][ T8890] team0 (unregistering): Port device team_slave_0 removed [ 127.163952][T12862] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 127.170560][T12862] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 127.177949][T12862] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 127.179233][T13024] loop7: detected capacity change from 0 to 128 [ 127.181539][T12862] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 127.250633][T12862] 8021q: adding VLAN 0 to HW filter on device bond0 [ 127.256486][T12862] 8021q: adding VLAN 0 to HW filter on device team0 [ 127.266409][ T2019] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.266453][ T2019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 127.271326][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.271371][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 127.345861][T12862] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 127.455932][T12862] veth0_vlan: entered promiscuous mode [ 127.458016][T12862] veth1_vlan: entered promiscuous mode [ 127.468312][T12862] veth0_macvtap: entered promiscuous mode [ 127.469383][T12862] veth1_macvtap: entered promiscuous mode [ 127.477138][T12862] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 127.478917][T12862] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 127.481905][ T41] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.481959][ T41] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.481977][ T41] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.481992][ T41] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.521282][ T8890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.521312][ T8890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.539326][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.539360][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.425886][ T6122] Bluetooth: hci3: command tx timeout [ 128.444470][T13074] overlayfs: missing 'lowerdir' [ 128.455384][T13075] loop0: detected capacity change from 0 to 128 [ 128.576995][T13091] fuse: Unknown parameter 'user_id00000000000000000000' [ 128.644169][T13104] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 128.644207][T13104] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 128.711590][T13118] fuse: Unknown parameter 'user_id00000000000000000000' [ 128.870957][T13135] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.872027][T13135] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.088507][T13135] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.090454][T13135] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.373556][ T2019] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.374174][ T2019] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.374213][ T2019] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.374232][ T2019] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.861513][T13225] loop1: detected capacity change from 0 to 128 [ 130.249846][T13252] loop6: detected capacity change from 0 to 128 [ 130.503235][ T6122] Bluetooth: hci3: command tx timeout [ 131.052504][T13328] fuse: Unknown parameter 'group_i00000000000000000000' [ 131.111305][ T31] audit: type=1326 audit(131.080:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13333 comm="syz.6.2756" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x0 [ 131.157312][T13341] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 131.540478][T13373] loop1: detected capacity change from 0 to 256 [ 132.110987][T13398] fuse: Unknown parameter 'fd0x0000000000000003' [ 132.208855][T13401] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 132.372151][T13413] fuse: Unknown parameter 'group_id00000000000000000000' [ 132.431911][T13422] fuse: Unknown parameter 'fd0x0000000000000003' [ 132.582515][ T6122] Bluetooth: hci3: command tx timeout [ 132.959852][T13447] fuse: Bad value for 'user_id' [ 132.959881][T13447] fuse: Bad value for 'user_id' [ 133.020527][T13455] loop7: detected capacity change from 0 to 128 [ 133.051819][T13457] loop6: detected capacity change from 0 to 8192 [ 133.390783][T13477] devtmpfs: Cannot disable swap on remount [ 133.486074][T13483] loop4: detected capacity change from 0 to 8192 [ 133.564257][T13489] fuse: Bad value for 'fd' [ 133.694910][T13494] loop4: detected capacity change from 0 to 512 [ 133.695259][T13494] msdos: Bad value for 'time_offset' [ 134.172580][T13518] fuse: Bad value for 'fd' [ 134.220616][T13515] loop7: detected capacity change from 0 to 8192 [ 134.416706][T13533] loop0: detected capacity change from 0 to 128 [ 134.597534][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 134.658817][T13543] fuse: Bad value for 'fd' [ 134.686412][T13545] sctp: [Deprecated]: syz.4.2845 (pid 13545) Use of struct sctp_assoc_value in delayed_ack socket option. [ 134.686412][T13545] Use struct sctp_sack_info instead [ 135.163491][T13553] 9pnet_fd: Insufficient options for proto=fd [ 135.187033][T13555] loop1: detected capacity change from 0 to 512 [ 135.206769][T13555] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 135.218658][T13562] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2852'. [ 135.218699][T13562] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2852'. [ 135.218709][T13562] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2852'. [ 135.230958][T13560] loop6: detected capacity change from 0 to 128 [ 135.247520][T13564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.250730][T13564] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.268195][T13555] Quota error (device loop1): v2_read_file_info: Free block number 58381 out of range (1, 6). [ 135.268246][T13555] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 135.305517][ T6527] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 135.353834][T13571] sctp: [Deprecated]: syz.1.2856 (pid 13571) Use of struct sctp_assoc_value in delayed_ack socket option. [ 135.353834][T13571] Use struct sctp_sack_info instead [ 135.618075][T13581] 9pnet_fd: Insufficient options for proto=fd [ 135.702106][T13589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2864'. [ 135.815006][T13595] loop7: detected capacity change from 0 to 128 [ 135.859429][T13597] loop7: detected capacity change from 0 to 8192 [ 135.868445][T13597] fuse: Bad value for 'fd' [ 136.504229][T13619] loop1: detected capacity change from 0 to 8192 [ 136.508252][T13619] fuse: Bad value for 'fd' [ 136.662391][ T6122] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 136.700704][T13638] loop0: detected capacity change from 0 to 128 [ 136.764253][T13641] loop1: detected capacity change from 0 to 128 [ 136.774876][T13641] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 137.295695][T13653] loop4: detected capacity change from 0 to 8192 [ 137.672241][ T31] audit: type=1326 audit(137.640:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.6.2898" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x7ffc0000 [ 137.672287][ T31] audit: type=1326 audit(137.640:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.6.2898" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x7ffc0000 [ 137.672315][ T31] audit: type=1326 audit(137.640:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.6.2898" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=31 compat=0 ip=0xffffa595b3a8 code=0x7ffc0000 [ 137.672332][ T31] audit: type=1326 audit(137.640:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.6.2898" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x7ffc0000 [ 137.672350][ T31] audit: type=1326 audit(137.640:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.6.2898" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x7ffc0000 [ 137.678196][ T6527] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 137.680896][T13672] loop7: detected capacity change from 0 to 128 [ 138.418486][T13700] loop6: detected capacity change from 0 to 256 [ 138.418874][T13700] exfat: Unknown parameter '184467440737095516150xffffffffffffffff000000000000000009740xffffffffffffffff©úJ¦ <´¬ª¿Ã:}”>œ“ÂÅ [ 138.418874][T13700] ×r¹é›O¼¦¬ª¡ŸÈb(ˆ@Q¸!I BǪ1¶ÀGöWDó™#BÙ[Ü÷ï·#õÍ„àÈ#~Ä1ê`ÕìF‘>±Nä¤6b¤Ÿ¯C†ZωϥnÂQmÏÅQµ§ý“ob𧽼 [ 138.418874][T13700] IÆ5åÇf}~LúèÇÞE`Ã' [ 138.420769][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2909'. [ 138.421606][T13700] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2909'. [ 138.421751][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2909'. [ 138.421860][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2909'. [ 138.816827][T13705] loop4: detected capacity change from 0 to 128 [ 138.969086][T13716] 9pnet_fd: Insufficient options for proto=fd [ 139.312129][T13736] loop7: detected capacity change from 0 to 128 [ 139.488395][T13732] loop6: detected capacity change from 0 to 40427 [ 139.519785][T13732] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 139.519827][T13732] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 139.531851][T13732] F2FS-fs (loop6): invalid crc value [ 139.625717][T13732] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 139.682162][T13752] 9pnet_fd: Insufficient options for proto=fd [ 139.697374][T13732] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 139.699200][T13732] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 139.732848][T13729] syz.6.2924: attempt to access beyond end of device [ 139.732848][T13729] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 139.776600][ T8627] syz-executor: attempt to access beyond end of device [ 139.776600][ T8627] loop6: rw=2051, sector=45096, nr_sectors = 8 limit=40427 [ 139.777506][ T8627] F2FS-fs (loop6): Issue discard(5637, 5637, 1) failed, ret: -5 [ 139.823727][T13758] loop4: detected capacity change from 0 to 256 [ 139.833595][T13758] FAT-fs (loop4): Directory bread(block 64) failed [ 139.833629][T13758] FAT-fs (loop4): Directory bread(block 65) failed [ 139.833654][T13758] FAT-fs (loop4): Directory bread(block 66) failed [ 139.833666][T13758] FAT-fs (loop4): Directory bread(block 67) failed [ 139.833691][T13758] FAT-fs (loop4): Directory bread(block 68) failed [ 139.833701][T13758] FAT-fs (loop4): Directory bread(block 69) failed [ 139.833723][T13758] FAT-fs (loop4): Directory bread(block 70) failed [ 139.833733][T13758] FAT-fs (loop4): Directory bread(block 71) failed [ 139.833752][T13758] FAT-fs (loop4): Directory bread(block 72) failed [ 139.833762][T13758] FAT-fs (loop4): Directory bread(block 73) failed [ 140.271180][T13771] loop1: detected capacity change from 0 to 128 [ 140.344039][T13776] 9pnet_fd: Insufficient options for proto=fd [ 140.360719][T13778] fuse: Bad value for 'fd' [ 140.438545][T13786] 8021q: VLANs not supported on ip6gre0 [ 140.447762][T13782] loop6: detected capacity change from 0 to 1024 [ 140.453629][T13782] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 140.456247][T13782] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 140.458646][T13782] EXT4-fs (loop6): invalid journal inode [ 140.460113][T13782] EXT4-fs (loop6): can't get journal size [ 140.461782][T13782] EXT4-fs (loop6): corrupt root inode, run e2fsck [ 140.463131][T13782] EXT4-fs (loop6): mount failed [ 140.489294][T13789] sctp: [Deprecated]: syz.0.2945 (pid 13789) Use of struct sctp_assoc_value in delayed_ack socket option. [ 140.489294][T13789] Use struct sctp_sack_info instead [ 140.575506][T13801] fuse: Bad value for 'fd' [ 141.465974][T13822] loop6: detected capacity change from 0 to 128 [ 141.491968][T13822] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 141.562283][T13827] sctp: [Deprecated]: syz.0.2958 (pid 13827) Use of struct sctp_assoc_value in delayed_ack socket option. [ 141.562283][T13827] Use struct sctp_sack_info instead [ 141.932279][T13844] overlayfs: failed to resolve './file1': -2 [ 141.973361][T13841] fuse: Bad value for 'fd' [ 142.479643][ T8627] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 143.487879][ T31] audit: type=1326 audit(143.460:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.491809][ T31] audit: type=1326 audit(143.460:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524655][ T31] audit: type=1326 audit(143.480:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524697][ T31] audit: type=1326 audit(143.480:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524729][ T31] audit: type=1326 audit(143.480:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524746][ T31] audit: type=1326 audit(143.480:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524764][ T31] audit: type=1326 audit(143.480:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524779][ T31] audit: type=1326 audit(143.480:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 143.524795][ T31] audit: type=1326 audit(143.490:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffbc959794 code=0x7ffc0000 [ 143.524810][ T31] audit: type=1326 audit(143.490:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13883 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc95b3a8 code=0x7ffc0000 [ 145.509062][T13932] fuse: Bad value for 'fd' [ 145.674701][T13978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 145.674925][T13978] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 145.837452][ T6122] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 145.839678][ T6122] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 145.841653][ T6122] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 145.843962][ T6122] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 145.846610][ T6122] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 146.059490][T13995] chnl_net:caif_netlink_parms(): no params data found [ 146.323709][T13995] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.323754][T13995] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.323832][T13995] bridge_slave_0: entered allmulticast mode [ 146.324302][T13995] bridge_slave_0: entered promiscuous mode [ 146.324962][T13995] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.324993][T13995] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.325052][T13995] bridge_slave_1: entered allmulticast mode [ 146.325445][T13995] bridge_slave_1: entered promiscuous mode [ 146.373874][T13995] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.374907][T13995] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.404606][T13995] team0: Port device team_slave_0 added [ 146.410009][T13995] team0: Port device team_slave_1 added [ 146.442733][T13995] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.444205][T13995] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.448949][T13995] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.451800][T13995] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.453720][T13995] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.458867][T13995] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.485678][T13995] hsr_slave_0: entered promiscuous mode [ 146.487996][T13995] hsr_slave_1: entered promiscuous mode [ 146.490397][T13995] debugfs: 'hsr0' already exists in 'hsr' [ 146.491488][T13995] Cannot create hsr debugfs directory [ 146.708124][T14018] loop6: detected capacity change from 0 to 16 [ 146.717962][T14018] erofs (device loop6): unidentified algorithms fff0, please upgrade kernel [ 146.818056][T13995] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.908035][T13995] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.990878][T13995] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.089858][T13995] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.125595][T14042] sctp: [Deprecated]: syz.6.3008 (pid 14042) Use of struct sctp_assoc_value in delayed_ack socket option. [ 147.125595][T14042] Use struct sctp_sack_info instead [ 147.229031][T14044] loop1: detected capacity change from 0 to 16 [ 147.240448][T14044] erofs (device loop1): mounted with root inode @ nid 36. [ 147.277525][T14044] erofs (device loop1): xattr_isize 12 of nid 46 is not supported yet [ 147.277735][T14044] erofs (device loop1): xattr_isize 12 of nid 46 is not supported yet [ 147.277813][T14044] erofs (device loop1): xattr_isize 12 of nid 46 is not supported yet [ 147.311741][T14044] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2 [ 147.311977][T14044] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 147.509004][T13995] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 147.515499][T13995] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 147.518356][T14050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3011'. [ 147.524797][T13995] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 147.530125][T13995] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 147.587527][T13995] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.596222][T13995] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.600906][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.600955][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.607475][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.607522][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.700687][T13995] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.724870][T13995] veth0_vlan: entered promiscuous mode [ 147.728577][T13995] veth1_vlan: entered promiscuous mode [ 147.751367][T13995] veth0_macvtap: entered promiscuous mode [ 147.755058][T13995] veth1_macvtap: entered promiscuous mode [ 147.766711][T13995] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 147.769516][T14068] fuse: Bad value for 'group_id' [ 147.769539][T14068] fuse: Bad value for 'group_id' [ 147.773001][T13995] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.803805][T13067] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.803853][T13067] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.803872][T13067] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.803893][T13067] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.820455][T13960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.820487][T13960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.837613][T13960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.837645][T13960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.862417][ T6122] Bluetooth: hci4: command tx timeout [ 147.897532][T14070] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2992'. [ 147.959993][T14072] loop7: detected capacity change from 0 to 8192 [ 147.992693][T14076] loop0: detected capacity change from 0 to 128 [ 148.231718][T14091] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2 [ 148.231808][T14091] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 148.502561][ T6122] Bluetooth: hci0: command 0x0406 tx timeout [ 148.931464][ T31] kauditd_printk_skb: 31 callbacks suppressed [ 148.933176][ T31] audit: type=1326 audit(148.760:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933203][ T31] audit: type=1326 audit(148.760:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933226][ T31] audit: type=1326 audit(148.760:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933245][ T31] audit: type=1326 audit(148.760:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933262][ T31] audit: type=1326 audit(148.760:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933278][ T31] audit: type=1326 audit(148.770:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933293][ T31] audit: type=1326 audit(148.770:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 148.933308][ T31] audit: type=1326 audit(148.770:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14109 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 149.024456][T14116] loop6: detected capacity change from 0 to 8192 [ 149.458836][T14140] loop4: detected capacity change from 0 to 128 [ 149.495313][T14142] loop0: detected capacity change from 0 to 8192 [ 149.942349][ T6534] Bluetooth: hci4: command tx timeout [ 150.295922][T14163] sctp: [Deprecated]: syz.7.3050 (pid 14163) Use of struct sctp_assoc_value in delayed_ack socket option. [ 150.295922][T14163] Use struct sctp_sack_info instead [ 150.310208][T14165] sch_tbf: peakrate 2147483647 is lower than or equals to rate 2831599472947593698 ! [ 150.407191][T14175] loop4: detected capacity change from 0 to 512 [ 150.421586][T14175] Quota error (device loop4): v2_read_file_info: Number of blocks too big for quota file size (6144 > 256). [ 150.421703][T14175] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 150.428551][T14175] EXT4-fs (loop4): mount failed [ 150.474954][T14180] loop6: detected capacity change from 0 to 8192 [ 150.528069][T14190] sctp: [Deprecated]: syz.4.3061 (pid 14190) Use of struct sctp_assoc_value in delayed_ack socket option. [ 150.528069][T14190] Use struct sctp_sack_info instead [ 151.117372][T14202] loop1: detected capacity change from 0 to 40427 [ 151.122034][T14202] F2FS-fs (loop1): invalid crc value [ 151.141049][T14202] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 151.143289][T14202] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 151.163730][ T6527] syz-executor: attempt to access beyond end of device [ 151.163730][ T6527] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 151.167557][ T6527] CPU: 1 UID: 0 PID: 6527 Comm: syz-executor Not tainted syzkaller #0 PREEMPT [ 151.167576][ T6527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 151.167584][ T6527] Call trace: [ 151.167588][ T6527] show_stack+0x2c/0x3c (C) [ 151.167606][ T6527] __dump_stack+0x30/0x40 [ 151.167614][ T6527] dump_stack_lvl+0xd8/0x12c [ 151.167620][ T6527] dump_stack+0x1c/0x28 [ 151.167626][ T6527] f2fs_handle_critical_error+0x34c/0x4b8 [ 151.167634][ T6527] f2fs_stop_checkpoint+0x5c/0x70 [ 151.167639][ T6527] f2fs_write_end_io+0x768/0xa70 [ 151.167646][ T6527] bio_endio+0x858/0x894 [ 151.167654][ T6527] submit_bio_noacct+0x158/0x177c [ 151.167659][ T6527] submit_bio+0x3b4/0x550 [ 151.167665][ T6527] f2fs_submit_write_bio+0x13c/0x324 [ 151.167671][ T6527] __submit_merged_bio+0x254/0x704 [ 151.167677][ T6527] __submit_merged_write_cond+0x23c/0x4ac [ 151.167683][ T6527] f2fs_write_data_pages+0x1d28/0x2634 [ 151.167689][ T6527] do_writepages+0x270/0x468 [ 151.167697][ T6527] filemap_fdatawrite+0x14c/0x1f4 [ 151.167704][ T6527] f2fs_sync_dirty_inodes+0x2b8/0x788 [ 151.167710][ T6527] f2fs_write_checkpoint+0x690/0x16a0 [ 151.167715][ T6527] kill_f2fs_super+0x21c/0x584 [ 151.167721][ T6527] deactivate_locked_super+0xc4/0x12c [ 151.167727][ T6527] deactivate_super+0xe0/0x100 [ 151.167731][ T6527] cleanup_mnt+0x31c/0x3ac [ 151.167737][ T6527] __cleanup_mnt+0x20/0x30 [ 151.167742][ T6527] task_work_run+0x1dc/0x260 [ 151.167749][ T6527] exit_to_user_mode_loop+0xfc/0x168 [ 151.167755][ T6527] el0_svc+0x170/0x254 [ 151.167764][ T6527] el0t_64_sync_handler+0x84/0x12c [ 151.167770][ T6527] el0t_64_sync+0x198/0x19c [ 151.171386][ T6527] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 151.319647][T14210] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3067' sets config #0 [ 151.319869][T14210] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3067' sets config #1 [ 151.339254][T14212] loop1: detected capacity change from 0 to 128 [ 151.491084][T14223] loop1: detected capacity change from 0 to 8192 [ 151.786968][T14261] loop0: detected capacity change from 0 to 8192 [ 151.850427][T14265] futex_wake_op: syz.0.3090 tries to shift op by 32; fix this program [ 152.035161][ T6534] Bluetooth: hci4: command tx timeout [ 152.044839][T14283] loop0: detected capacity change from 0 to 8192 [ 152.213561][T14292] fuse: Unknown parameter 'user_id00000000000000000000' [ 152.679302][T14308] loop4: detected capacity change from 0 to 8192 [ 152.734722][T14316] fuse: Bad value for 'fd' [ 152.761088][T14318] loop4: detected capacity change from 0 to 512 [ 152.820492][T14318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.945683][T14329] fuse: Unknown parameter '01777777777777777777777' [ 153.303316][ T31] audit: type=1326 audit(152.920:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14319 comm="syz.6.3115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x7ffc0000 [ 153.641708][T12862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.733976][T14349] fuse: Bad value for 'fd' [ 153.740871][T14344] loop1: detected capacity change from 0 to 8192 [ 153.760865][T14352] loop6: detected capacity change from 0 to 128 [ 153.780372][T14352] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 154.103284][ T6534] Bluetooth: hci4: command tx timeout [ 154.301791][T14367] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3127'. [ 154.354342][T14366] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 154.379872][T14366] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3131'. [ 154.558034][T14379] fuse: Bad value for 'fd' [ 154.626405][ T8627] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 154.766022][T14387] loop6: detected capacity change from 0 to 40427 [ 154.774373][T14387] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 154.774403][T14387] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 154.776094][T14387] F2FS-fs (loop6): invalid crc value [ 154.837017][T14387] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 154.841941][T14387] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 154.841985][T14387] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 155.175210][T14404] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3139'. [ 155.444835][T14406] loop1: detected capacity change from 0 to 128 [ 155.451291][T14406] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 155.451443][T14406] FAT-fs (loop1): FAT read failed (blocknr 255) [ 155.532812][T14415] loop7: detected capacity change from 0 to 128 [ 155.539446][T14415] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 156.005635][T14428] sctp: [Deprecated]: syz.6.3149 (pid 14428) Use of struct sctp_assoc_value in delayed_ack socket option. [ 156.005635][T14428] Use struct sctp_sack_info instead [ 156.467633][T12392] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 156.497569][T14438] could not allocate digest TFM handle rmd320 [ 156.689792][T14459] loop1: detected capacity change from 0 to 256 [ 156.708783][T14459] FAT-fs (loop1): Directory bread(block 64) failed [ 156.708821][T14459] FAT-fs (loop1): Directory bread(block 65) failed [ 156.708846][T14459] FAT-fs (loop1): Directory bread(block 66) failed [ 156.708858][T14459] FAT-fs (loop1): Directory bread(block 67) failed [ 156.708909][T14459] FAT-fs (loop1): Directory bread(block 68) failed [ 156.708923][T14459] FAT-fs (loop1): Directory bread(block 69) failed [ 156.709026][T14459] FAT-fs (loop1): Directory bread(block 70) failed [ 156.709047][T14459] FAT-fs (loop1): Directory bread(block 71) failed [ 156.709072][T14459] FAT-fs (loop1): Directory bread(block 72) failed [ 156.709083][T14459] FAT-fs (loop1): Directory bread(block 73) failed [ 157.143835][T14469] loop1: detected capacity change from 0 to 128 [ 157.167176][T14469] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 157.812130][T14486] loop7: detected capacity change from 0 to 8192 [ 158.501026][ T6527] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 158.624614][ T31] kauditd_printk_skb: 28 callbacks suppressed [ 158.624653][ T31] audit: type=1326 audit(158.590:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14493 comm="syz.0.3179" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 158.624678][ T31] audit: type=1326 audit(158.590:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14493 comm="syz.0.3179" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 158.624698][ T31] audit: type=1326 audit(158.590:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14493 comm="syz.0.3179" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=213 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 158.624716][ T31] audit: type=1326 audit(158.590:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14493 comm="syz.0.3179" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 158.624731][ T31] audit: type=1326 audit(158.590:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14493 comm="syz.0.3179" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 158.944019][T14510] fuse: Bad value for 'fd' [ 159.065592][T14518] loop0: detected capacity change from 0 to 128 [ 159.076830][T14518] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 159.785613][T14538] block device autoloading is deprecated and will be removed. [ 159.957565][T13995] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 160.436488][T14552] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3196'. [ 160.701187][ T6637] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 160.957471][T14569] loop6: detected capacity change from 0 to 128 [ 160.965815][ T6637] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 160.965852][ T6637] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.970410][T14569] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 160.980534][ T6637] usb 1-1: config 0 descriptor?? [ 161.800056][T14581] tipc: Started in network mode [ 161.800096][T14581] tipc: Node identity f64160fd1bec, cluster identity 4711 [ 161.800732][T14581] tipc: Enabled bearer , priority 0 [ 161.802112][T14580] tipc: Resetting bearer [ 161.823423][ T8627] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 162.626215][ T6637] usb 1-1: Cannot set autoneg [ 162.635150][ T6637] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 162.644444][ T6637] usb 1-1: USB disconnect, device number 2 [ 162.658412][T14614] netlink: 216 bytes leftover after parsing attributes in process `syz.1.3216'. [ 162.660242][T14614] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3216'. [ 162.868179][T14619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 162.869035][T14619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 162.938325][ T9] tipc: Node number set to 3987562749 [ 164.041555][T14580] tipc: Disabling bearer [ 164.091175][T14628] loop6: detected capacity change from 0 to 128 [ 164.105117][T14628] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 164.117564][T14632] loop4: detected capacity change from 0 to 1024 [ 164.189158][T14632] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 164.189279][T14632] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 164.189288][T14632] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.3221: Failed to acquire dquot type 0 [ 164.202785][T14632] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 164.207663][T14632] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3221: corrupted inode contents [ 164.211153][T14632] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #13: comm syz.4.3221: mark_inode_dirty error [ 164.211456][T14632] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3221: corrupted inode contents [ 164.211604][T14632] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.3221: mark_inode_dirty error [ 164.216603][T14632] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3221: corrupted inode contents [ 164.217459][T14632] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 164.219050][T14632] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.3221: corrupted inode contents [ 164.219411][T14632] EXT4-fs error (device loop4): ext4_truncate:4666: inode #13: comm syz.4.3221: mark_inode_dirty error [ 164.219638][T14632] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 164.224208][T14632] EXT4-fs (loop4): 1 truncate cleaned up [ 164.225204][T14632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.556165][T14642] loop7: detected capacity change from 0 to 256 [ 164.577770][T14642] FAT-fs (loop7): Directory bread(block 64) failed [ 164.577800][T14642] FAT-fs (loop7): Directory bread(block 65) failed [ 164.577839][T14642] FAT-fs (loop7): Directory bread(block 66) failed [ 164.577858][T14642] FAT-fs (loop7): Directory bread(block 67) failed [ 164.577884][T14642] FAT-fs (loop7): Directory bread(block 68) failed [ 164.577901][T14642] FAT-fs (loop7): Directory bread(block 69) failed [ 164.577926][T14642] FAT-fs (loop7): Directory bread(block 70) failed [ 164.577940][T14642] FAT-fs (loop7): Directory bread(block 71) failed [ 164.577962][T14642] FAT-fs (loop7): Directory bread(block 72) failed [ 164.577975][T14642] FAT-fs (loop7): Directory bread(block 73) failed [ 164.683105][T14644] netlink: 79 bytes leftover after parsing attributes in process `syz.4.3221'. [ 164.940984][T14652] loop7: detected capacity change from 0 to 256 [ 164.941372][T14652] exfat: Unknown parameter 'ervors' [ 165.023001][T14654] netlink: 'syz.0.3226': attribute type 3 has an invalid length. [ 165.023942][T14654] netlink: 'syz.0.3226': attribute type 3 has an invalid length. [ 165.034021][T14654] vhci_hcd: invalid port number 96 [ 165.034202][T14654] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 165.186340][T12862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.265331][ T8627] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 165.378442][T14662] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3227'. [ 165.570458][T14661] loop4: detected capacity change from 0 to 8192 [ 165.570837][T14661] vfat: Unknown parameter '' [ 166.033983][T14684] sch_fq: defrate 53322 ignored. [ 166.040889][T14682] loop6: detected capacity change from 0 to 256 [ 166.054125][T14682] FAT-fs (loop6): Directory bread(block 64) failed [ 166.054162][T14682] FAT-fs (loop6): Directory bread(block 65) failed [ 166.054185][T14682] FAT-fs (loop6): Directory bread(block 66) failed [ 166.054195][T14682] FAT-fs (loop6): Directory bread(block 67) failed [ 166.054216][T14682] FAT-fs (loop6): Directory bread(block 68) failed [ 166.054226][T14682] FAT-fs (loop6): Directory bread(block 69) failed [ 166.054247][T14682] FAT-fs (loop6): Directory bread(block 70) failed [ 166.054257][T14682] FAT-fs (loop6): Directory bread(block 71) failed [ 166.054275][T14682] FAT-fs (loop6): Directory bread(block 72) failed [ 166.054285][T14682] FAT-fs (loop6): Directory bread(block 73) failed [ 166.068286][T14686] overlayfs: missing 'workdir' [ 166.260076][T14708] loop6: detected capacity change from 0 to 8192 [ 166.279326][T14713] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3249'. [ 166.338908][T14716] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3250'. [ 166.341010][T14720] overlayfs: missing 'workdir' [ 166.356133][T14716] loop7: detected capacity change from 0 to 4096 [ 166.359118][T14716] EXT4-fs (loop7): Test dummy encryption mode enabled [ 166.369773][T14716] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.385707][T14716] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 166.443401][T12392] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.501623][T14732] loop7: detected capacity change from 0 to 256 [ 166.520081][T14732] FAT-fs (loop7): Directory bread(block 64) failed [ 166.521391][T14732] FAT-fs (loop7): Directory bread(block 65) failed [ 166.523842][T14732] FAT-fs (loop7): Directory bread(block 66) failed [ 166.526626][T14732] FAT-fs (loop7): Directory bread(block 67) failed [ 166.526811][T14732] FAT-fs (loop7): Directory bread(block 68) failed [ 166.526830][T14732] FAT-fs (loop7): Directory bread(block 69) failed [ 166.526861][T14732] FAT-fs (loop7): Directory bread(block 70) failed [ 166.526878][T14732] FAT-fs (loop7): Directory bread(block 71) failed [ 166.526910][T14732] FAT-fs (loop7): Directory bread(block 72) failed [ 166.526927][T14732] FAT-fs (loop7): Directory bread(block 73) failed [ 166.617165][T14740] tipc: Enabled bearer , priority 0 [ 166.618648][T14739] tipc: Resetting bearer [ 166.688519][T14742] netlink: 'syz.7.3261': attribute type 4 has an invalid length. [ 166.688555][T14742] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.3261'. [ 166.809611][T14743] kernel profiling enabled (shift: 5) [ 166.849234][T14745] loop1: detected capacity change from 0 to 128 [ 166.896670][T14747] overlayfs: missing 'lowerdir' [ 166.936770][ T31] audit: type=1326 audit(166.910:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940320][ T31] audit: type=1326 audit(166.910:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940363][ T31] audit: type=1326 audit(166.910:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940383][ T31] audit: type=1326 audit(166.910:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940401][ T31] audit: type=1326 audit(166.910:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940417][ T31] audit: type=1326 audit(166.910:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940433][ T31] audit: type=1326 audit(166.910:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 166.940448][ T31] audit: type=1326 audit(166.910:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14748 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7ffc0000 [ 167.259126][T14756] loop0: detected capacity change from 0 to 128 [ 167.268097][T14756] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 167.517868][T14761] overlayfs: failed to resolve './file1': -2 [ 167.672640][T14739] tipc: Disabling bearer [ 167.720991][T14764] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 167.735772][ T12] Bluetooth: hci2: Frame reassembly failed (-84) [ 167.906282][T14781] loop7: detected capacity change from 0 to 256 [ 167.909723][T14781] FAT-fs (loop7): bogus number of FAT sectors [ 167.909770][T14781] FAT-fs (loop7): Can't find a valid FAT filesystem [ 167.935650][T14780] loop4: detected capacity change from 0 to 8192 [ 167.991173][T14783] pim6reg1: entered promiscuous mode [ 167.991201][T14783] pim6reg1: entered allmulticast mode [ 168.120713][T13995] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 168.767727][T14799] 9pnet_fd: Insufficient options for proto=fd [ 169.051328][T14803] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 169.218477][ T31] kauditd_printk_skb: 14 callbacks suppressed [ 169.220558][ T31] audit: type=1326 audit(169.190:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.224277][ T31] audit: type=1326 audit(169.190:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.228108][ T31] audit: type=1326 audit(169.190:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.232622][ T31] audit: type=1326 audit(169.190:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.237092][ T31] audit: type=1326 audit(169.190:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.241623][ T31] audit: type=1326 audit(169.190:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.245464][ T31] audit: type=1326 audit(169.190:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.249544][ T31] audit: type=1326 audit(169.190:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.254147][ T31] audit: type=1326 audit(169.190:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.254203][ T31] audit: type=1326 audit(169.190:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14810 comm="syz.1.3288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d75b3a8 code=0x7fc00000 [ 169.492488][T14825] loop4: detected capacity change from 0 to 512 [ 169.633737][T14825] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 169.633797][T14825] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 169.711607][T14825] EXT4-fs (loop4): 1 truncate cleaned up [ 169.716102][T14825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.782817][ T6122] Bluetooth: hci2: command 0x1003 tx timeout [ 169.852531][ T6534] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 170.351472][T12862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.471506][T14849] loop7: detected capacity change from 0 to 256 [ 170.474440][T14849] exfat: Deprecated parameter 'utf8' [ 170.490554][T14849] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 170.529639][T14853] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3302'. [ 170.853970][T14877] netlink: 165 bytes leftover after parsing attributes in process `syz.4.3304'. [ 171.145672][T14890] loop1: detected capacity change from 0 to 256 [ 171.207110][T14890] FAT-fs (loop1): Directory bread(block 64) failed [ 171.207153][T14890] FAT-fs (loop1): Directory bread(block 65) failed [ 171.207182][T14890] FAT-fs (loop1): Directory bread(block 66) failed [ 171.207193][T14890] FAT-fs (loop1): Directory bread(block 67) failed [ 171.207218][T14890] FAT-fs (loop1): Directory bread(block 68) failed [ 171.207228][T14890] FAT-fs (loop1): Directory bread(block 69) failed [ 171.207248][T14890] FAT-fs (loop1): Directory bread(block 70) failed [ 171.207258][T14890] FAT-fs (loop1): Directory bread(block 71) failed [ 171.207277][T14890] FAT-fs (loop1): Directory bread(block 72) failed [ 171.207287][T14890] FAT-fs (loop1): Directory bread(block 73) failed [ 172.132286][T14939] loop4: detected capacity change from 0 to 512 [ 172.895951][T14939] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent [ 173.737284][T14937] netlink: 'syz.4.3318': attribute type 4 has an invalid length. [ 173.841285][T14947] syz.7.3319 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 173.909228][T14952] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3320'. [ 174.086324][T14972] loop7: detected capacity change from 0 to 512 [ 174.092047][T14976] binder: 14958:14976 tried to acquire reference to desc 0, got 1 instead [ 174.102044][T14972] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.3327: casefold flag without casefold feature [ 174.102462][T14972] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.3327: couldn't read orphan inode 15 (err -117) [ 174.104096][T14972] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.201774][ T1817] binder: release 14958:14976 transaction 12 out, still active [ 174.238853][ T1817] binder: undelivered TRANSACTION_COMPLETE [ 174.240651][ T1817] binder: send failed reply for transaction 5 to 14958:14976 [ 174.308574][ T31] kauditd_printk_skb: 365 callbacks suppressed [ 174.308610][ T31] audit: type=1326 audit(175.271:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14971 comm="syz.7.3327" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x0 [ 174.473141][ T1817] binder: undelivered TRANSACTION_COMPLETE [ 174.474227][ T1817] binder: undelivered TRANSACTION_ERROR: 29189 [ 174.475346][ T1817] binder: send failed reply for transaction 12, target dead [ 174.850830][T14990] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3330'. [ 174.937574][T12392] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.013701][T14994] 9pnet_fd: Insufficient options for proto=fd [ 175.097593][T14999] binder: 14998:14999 ioctl c018620c 20000000 returned -1 [ 175.099732][T14992] loop1: detected capacity change from 0 to 256 [ 175.119985][T14992] FAT-fs (loop1): Directory bread(block 64) failed [ 175.120021][T14992] FAT-fs (loop1): Directory bread(block 65) failed [ 175.120054][T14992] FAT-fs (loop1): Directory bread(block 66) failed [ 175.120068][T14992] FAT-fs (loop1): Directory bread(block 67) failed [ 175.120091][T14992] FAT-fs (loop1): Directory bread(block 68) failed [ 175.120101][T14992] FAT-fs (loop1): Directory bread(block 69) failed [ 175.120123][T14992] FAT-fs (loop1): Directory bread(block 70) failed [ 175.120132][T14992] FAT-fs (loop1): Directory bread(block 71) failed [ 175.120152][T14992] FAT-fs (loop1): Directory bread(block 72) failed [ 175.120161][T14992] FAT-fs (loop1): Directory bread(block 73) failed [ 175.174704][T15001] loop7: detected capacity change from 0 to 8192 [ 175.193684][T15001] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 175.403312][T15016] 9pnet_fd: Insufficient options for proto=fd [ 177.032804][T15031] loop7: detected capacity change from 0 to 256 [ 177.038302][T15031] FAT-fs (loop7): Directory bread(block 64) failed [ 177.038342][T15031] FAT-fs (loop7): Directory bread(block 65) failed [ 177.038367][T15031] FAT-fs (loop7): Directory bread(block 66) failed [ 177.038381][T15031] FAT-fs (loop7): Directory bread(block 67) failed [ 177.038404][T15031] FAT-fs (loop7): Directory bread(block 68) failed [ 177.038418][T15031] FAT-fs (loop7): Directory bread(block 69) failed [ 177.038442][T15031] FAT-fs (loop7): Directory bread(block 70) failed [ 177.038455][T15031] FAT-fs (loop7): Directory bread(block 71) failed [ 177.038478][T15031] FAT-fs (loop7): Directory bread(block 72) failed [ 177.038492][T15031] FAT-fs (loop7): Directory bread(block 73) failed [ 178.236066][T15053] 9pnet_fd: Insufficient options for proto=fd [ 178.823800][T15071] loop6: detected capacity change from 0 to 512 [ 178.824438][T15071] EXT4-fs: Ignoring removed mblk_io_submit option [ 178.840607][T15071] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 178.848994][T15071] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal [ 179.568133][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.569905][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571387][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571418][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571432][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571444][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571454][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571465][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571474][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.571484][ T6578] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 179.599576][ T6578] hid-generic 0000:0006:0007.0001: hidraw0: HID v0.0b Device [syz1] on syz1 [ 179.620194][T15080] binder: 15077:15080 got transaction to invalid handle, 3 [ 179.620227][T15080] binder: 15077:15080 cannot find target node [ 179.620248][T15080] binder: 15077:15080 transaction call to 0:0 failed 14/29201/-22, code 0 size 0-0 line 3151 [ 179.648898][ T6578] binder: undelivered TRANSACTION_ERROR: 29201 [ 179.693265][T15083] 9pnet_fd: Insufficient options for proto=fd [ 179.790591][T15087] fido_id[15087]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 179.831517][T15089] syzkaller0: entered promiscuous mode [ 179.831553][T15089] syzkaller0: entered allmulticast mode [ 180.194142][T15093] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3363'. [ 180.578740][T15109] binder: 15108:15109 got transaction to invalid handle, 3 [ 180.578773][T15109] binder: 15108:15109 cannot find target node [ 180.578793][T15109] binder: 15108:15109 transaction call to 0:0 failed 16/29201/-22, code 0 size 0-0 line 3151 [ 180.583944][ T26] binder: undelivered TRANSACTION_ERROR: 29201 [ 180.689378][T15116] loop1: detected capacity change from 0 to 512 [ 180.689812][T15116] EXT4-fs: Ignoring removed mblk_io_submit option [ 180.719321][T15116] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 180.728289][T15116] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal [ 181.648653][T15115] 9pnet_fd: Insufficient options for proto=fd [ 181.686317][ T6637] hid-generic 0005:0003:FFFFFF63.0002: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on syz1 [ 181.778498][T15126] fido_id[15126]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 182.462387][ T6122] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 182.464200][ T6122] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 182.467498][ T6122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 182.469449][ T6122] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 182.470538][ T6122] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 183.163884][T15148] loop7: detected capacity change from 0 to 128 [ 183.177105][T15150] 9pnet_fd: Insufficient options for proto=fd [ 183.190098][T15148] syz.7.3391: attempt to access beyond end of device [ 183.190098][T15148] loop7: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 183.191498][T15148] syz.7.3391: attempt to access beyond end of device [ 183.191498][T15148] loop7: rw=2049, sector=158, nr_sectors = 2 limit=128 [ 183.191580][T15148] Buffer I/O error on dev loop7, logical block 79, lost async page write [ 183.191613][T15148] syz.7.3391: attempt to access beyond end of device [ 183.191613][T15148] loop7: rw=2049, sector=160, nr_sectors = 2 limit=128 [ 183.191621][T15148] Buffer I/O error on dev loop7, logical block 80, lost async page write [ 183.192661][T15148] syz.7.3391: attempt to access beyond end of device [ 183.192661][T15148] loop7: rw=2049, sector=162, nr_sectors = 6 limit=128 [ 183.193362][T15148] syz.7.3391: attempt to access beyond end of device [ 183.193362][T15148] loop7: rw=2049, sector=166, nr_sectors = 2 limit=128 [ 183.193375][T15148] Buffer I/O error on dev loop7, logical block 83, lost async page write [ 183.193398][T15148] syz.7.3391: attempt to access beyond end of device [ 183.193398][T15148] loop7: rw=2049, sector=168, nr_sectors = 2 limit=128 [ 183.193407][T15148] Buffer I/O error on dev loop7, logical block 84, lost async page write [ 183.193533][T15148] syz.7.3391: attempt to access beyond end of device [ 183.193533][T15148] loop7: rw=2049, sector=186, nr_sectors = 6 limit=128 [ 183.193798][T15148] syz.7.3391: attempt to access beyond end of device [ 183.193798][T15148] loop7: rw=2049, sector=190, nr_sectors = 2 limit=128 [ 183.193807][T15148] Buffer I/O error on dev loop7, logical block 95, lost async page write [ 183.193828][T15148] syz.7.3391: attempt to access beyond end of device [ 183.193828][T15148] loop7: rw=2049, sector=192, nr_sectors = 2 limit=128 [ 183.193836][T15148] Buffer I/O error on dev loop7, logical block 96, lost async page write [ 183.193950][T15148] syz.7.3391: attempt to access beyond end of device [ 183.193950][T15148] loop7: rw=2049, sector=194, nr_sectors = 6 limit=128 [ 183.194142][T15148] Buffer I/O error on dev loop7, logical block 99, lost async page write [ 183.194163][T15148] Buffer I/O error on dev loop7, logical block 100, lost async page write [ 183.194449][T15148] Buffer I/O error on dev loop7, logical block 111, lost async page write [ 183.194472][T15148] Buffer I/O error on dev loop7, logical block 112, lost async page write [ 183.470660][ T31] audit: type=1326 audit(184.431:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15161 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 183.471045][ T31] audit: type=1326 audit(184.431:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15161 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=430 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 183.471154][ T31] audit: type=1326 audit(184.431:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15161 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 183.471340][ T31] audit: type=1326 audit(184.431:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15161 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=431 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 183.471412][ T31] audit: type=1326 audit(184.431:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15161 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 183.538972][T15172] 9pnet_fd: Insufficient options for proto=fd [ 183.640592][T15136] chnl_net:caif_netlink_parms(): no params data found [ 183.641992][T15185] loop6: detected capacity change from 0 to 512 [ 183.650000][T15185] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 183.651922][ T31] audit: type=1326 audit(184.611:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 183.652397][ T31] audit: type=1326 audit(184.611:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=226 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 183.655694][ T31] audit: type=1326 audit(184.621:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 183.655714][ T31] audit: type=1326 audit(184.621:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55b3a8 code=0x7ffc0000 [ 183.674161][T15185] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 183.679178][T15185] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 183.684991][T15184] loop4: detected capacity change from 0 to 8192 [ 183.685606][T15185] EXT4-fs (loop6): 1 truncate cleaned up [ 183.686054][T15185] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.717040][ T8627] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.751178][T15136] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.751250][T15136] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.751346][T15136] bridge_slave_0: entered allmulticast mode [ 183.758871][T15136] bridge_slave_0: entered promiscuous mode [ 183.761464][T15136] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.766372][T15136] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.767934][T15136] bridge_slave_1: entered allmulticast mode [ 183.772991][T15136] bridge_slave_1: entered promiscuous mode [ 183.828964][T15136] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 183.836197][T15136] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 184.203656][T15136] team0: Port device team_slave_0 added [ 184.207420][T15136] team0: Port device team_slave_1 added [ 184.225502][T15136] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.226767][T15136] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.231540][T15136] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.235517][T15136] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.236877][T15136] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.241680][T15136] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 184.247235][T15203] 9pnet_fd: Insufficient options for proto=fd [ 184.258270][T15136] hsr_slave_0: entered promiscuous mode [ 184.259681][T15136] hsr_slave_1: entered promiscuous mode [ 184.261429][T15136] debugfs: 'hsr0' already exists in 'hsr' [ 184.263279][T15136] Cannot create hsr debugfs directory [ 184.491665][T15214] random: crng reseeded on system resumption [ 184.502280][ T6122] Bluetooth: hci2: command tx timeout [ 184.961461][T15136] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 184.969754][T15136] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 184.973447][T15136] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 184.975892][T15136] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 185.092106][T15136] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.100914][T15136] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.214850][T13069] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.214896][T13069] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.229077][T13069] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.229126][T13069] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.426394][T15236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.430086][T15236] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.569421][T15136] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.634657][T15136] veth0_vlan: entered promiscuous mode [ 185.651698][T15136] veth1_vlan: entered promiscuous mode [ 185.695895][T15136] veth0_macvtap: entered promiscuous mode [ 185.703504][T15136] veth1_macvtap: entered promiscuous mode [ 185.762805][T15136] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.780001][T15136] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 185.794322][T13069] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.794960][T13069] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.795417][T13069] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.795838][T13069] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.857898][ T4545] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.862137][ T4545] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.904546][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.904583][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.916656][T15240] 9pnet_fd: Insufficient options for proto=fd [ 186.020428][T15248] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 186.020461][T15248] IPv6: NLM_F_CREATE should be set when creating new route [ 186.582265][ T6122] Bluetooth: hci2: command tx timeout [ 186.950881][T15259] loop4: detected capacity change from 0 to 512 [ 187.036406][T15259] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3428: casefold flag without casefold feature [ 187.038742][T15259] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3428: couldn't read orphan inode 15 (err -117) [ 187.041502][T15259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.141908][T15265] loop7: detected capacity change from 0 to 512 [ 187.234400][T15265] EXT4-fs (loop7): 1 orphan inode deleted [ 187.238477][T15265] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.416293][ T2409] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.416372][ T2409] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.592286][ T5119] bridge_slave_1: left allmulticast mode [ 187.594263][ T5119] bridge_slave_1: left promiscuous mode [ 187.598187][ T5119] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.861208][ T5119] bridge_slave_0: left allmulticast mode [ 187.861247][ T5119] bridge_slave_0: left promiscuous mode [ 187.862214][ T5119] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.981852][T13960] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 187.984958][T13960] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:14: Failed to release dquot type 1 [ 188.005399][T12862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.010662][T12392] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.069991][T15272] 9pnet_fd: Insufficient options for proto=fd [ 188.317736][T15282] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3434'. [ 188.662308][ T6122] Bluetooth: hci2: command tx timeout [ 188.718220][ T5119] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 188.744320][ T5119] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 188.772911][ T5119] bond0 (unregistering): Released all slaves [ 188.869745][T15290] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.869904][T15290] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.048921][T15304] 9pnet_fd: Insufficient options for proto=fd [ 189.093825][T15290] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 189.097796][T15290] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 189.462689][ T6122] Bluetooth: hci5: command 0x0406 tx timeout [ 189.608236][T13960] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.609530][T13960] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.609560][T13960] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.609584][T13960] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.943854][ T5119] hsr_slave_0: left promiscuous mode [ 189.944951][ T5119] hsr_slave_1: left promiscuous mode [ 189.945166][ T5119] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 189.947419][ T5119] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 189.997017][T15330] 9pnet_fd: Insufficient options for proto=fd [ 190.058879][T15338] binder: 15337:15338 unknown command 0 [ 190.060163][T15338] binder: 15337:15338 ioctl c0306201 20000640 returned -22 [ 190.062068][ T6578] binder: undelivered freeze notification, 0000000000000000 [ 190.114733][ T31] audit: type=1326 audit(191.081:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15333 comm="syz.7.3458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 190.115501][ T31] audit: type=1326 audit(191.081:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15333 comm="syz.7.3458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=75 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 190.115567][ T31] audit: type=1326 audit(191.081:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15333 comm="syz.7.3458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 190.166503][T15345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.166709][T15345] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.297408][ T5119] team0 (unregistering): Port device team_slave_1 removed [ 190.316356][ T5119] team0 (unregistering): Port device team_slave_0 removed [ 190.534396][T15347] fuse: Unknown parameter 'user_i00000000000000000000' [ 190.723131][T15360] binder: 15348:15360 tried to acquire reference to desc 0, got 1 instead [ 190.723477][T15360] binder: 15348:15360 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 30) [ 190.723501][T15360] binder: 15360 RLIMIT_NICE not set [ 190.723522][T15360] binder: 15360 RLIMIT_NICE not set [ 190.723539][T15360] binder: send failed reply for transaction 23 to 15348:15360 [ 190.723561][T15360] binder: 15348:15360 ioctl c0306201 20000180 returned -14 [ 190.724017][T15360] binder_alloc: 15348: binder_alloc_buf, no vma [ 190.724030][T15360] binder: cannot allocate buffer: vma cleared, target dead or dying [ 190.724061][T15360] binder: 15348:15360 transaction call to 15348:0 failed 30/29189/-3, code 0 size 0-0 line 3335 [ 190.745403][ T6534] Bluetooth: hci2: command tx timeout [ 191.132393][ T6578] binder: undelivered TRANSACTION_COMPLETE [ 191.133555][ T6578] binder: undelivered TRANSACTION_ERROR: 29201 [ 191.153451][ T6578] binder: undelivered TRANSACTION_ERROR: 29189 [ 191.229279][T15372] overlayfs: missing 'lowerdir' [ 192.254279][T15385] fuse: Unknown parameter 'user_i00000000000000000000' [ 192.735026][T15399] loop7: detected capacity change from 0 to 1024 [ 192.768143][T15399] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 192.785574][ T31] audit: type=1326 audit(193.751:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15407 comm="syz.6.3485" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffffa595b3a8 code=0x0 [ 192.789325][T15399] EXT4-fs (loop7): Online defrag not supported with bigalloc [ 192.834911][T12392] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.968292][T15420] fuse: Unknown parameter 'user_i00000000000000000000' [ 193.543009][T15436] netlink: 'syz.1.3496': attribute type 4 has an invalid length. [ 193.547568][T15436] netlink: 'syz.1.3496': attribute type 4 has an invalid length. [ 194.011566][T15451] fuse: Unknown parameter 'user_id00000000000000000000' [ 194.088513][T15458] loop7: detected capacity change from 0 to 256 [ 194.093647][T15458] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 194.095834][T15458] exFAT-fs (loop7): Medium has reported failures. Some data may be lost. [ 194.105794][T15458] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 194.158519][T15460] binder: 15455:15460 tried to acquire reference to desc 0, got 1 instead [ 194.159142][T15460] binder: 15455:15460 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 30) [ 194.159675][T15460] binder: 15460 RLIMIT_NICE not set [ 194.209717][T15462] binder: 15455:15462 got transaction to invalid handle, 3 [ 194.209756][T15462] binder: 15455:15462 cannot find target node [ 194.210293][T15462] binder: 15455:15462 transaction call to 0:0 failed 35/29201/-22, code 0 size 0-0 line 3151 [ 194.529806][T15469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.531626][T15469] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.563006][ T10] binder: undelivered TRANSACTION_ERROR: 29201 [ 194.649638][T15485] fuse: Unknown parameter 'user_id00000000000000000000' [ 195.150486][T15518] fuse: Unknown parameter 'user_id00000000000000000000' [ 196.180530][T15557] 9pnet: Could not find request transport: fd0x0000000000000003 [ 196.201390][T15562] binder: 15552:15562 got transaction to invalid handle, 1 [ 196.201422][T15562] binder: 15552:15562 cannot find target node [ 196.201431][T15562] binder: 15552:15562 transaction call to 0:0 failed 39/29201/-22, code 0 size 72-24 line 3151 [ 196.206103][T15562] binder: 15552:15562 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 30) [ 196.206125][T15562] binder: 15562 RLIMIT_NICE not set [ 196.255904][T15570] binder: 15552:15570 got transaction to invalid handle, 3 [ 196.255937][T15570] binder: 15552:15570 cannot find target node [ 196.255962][T15570] binder: 15552:15570 transaction call to 0:0 failed 40/29201/-22, code 0 size 0-0 line 3151 [ 196.332814][ T10] binder: undelivered TRANSACTION_ERROR: 29201 [ 196.356424][ T10] binder: undelivered TRANSACTION_ERROR: 29201 [ 196.661695][ T31] audit: type=1326 audit(197.621:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.665791][ T31] audit: type=1326 audit(197.641:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.669651][ T31] audit: type=1326 audit(197.641:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.676283][ T31] audit: type=1326 audit(197.641:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.676341][ T31] audit: type=1326 audit(197.641:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.683832][ T31] audit: type=1326 audit(197.641:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.683920][ T31] audit: type=1326 audit(197.641:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.683992][ T31] audit: type=1326 audit(197.641:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.684020][ T31] audit: type=1326 audit(197.641:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.684040][ T31] audit: type=1326 audit(197.641:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15601 comm="syz.4.3543" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=5 compat=0 ip=0xffff8135b3a8 code=0x7ffc0000 [ 196.804825][T15613] 9pnet: Could not find request transport: fd0x0000000000000003 [ 197.182311][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 197.752499][ T10] usb 1-1: Using ep0 maxpacket: 32 [ 197.754207][ T10] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 197.754235][ T10] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 197.754250][ T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 197.754273][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 197.754285][ T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 197.754296][ T10] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 197.754306][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 197.754323][ T10] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 197.754334][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.764024][ T10] usb 1-1: config 0 descriptor?? [ 197.853909][T15636] tipc: Failed to remove unknown binding: 66,1,1/3987562749:3160657200/3160657202 [ 197.853950][T15636] tipc: Failed to remove unknown binding: 66,1,1/3987562749:3160657200/3160657202 [ 198.535680][T15653] netlink: 'syz.6.3560': attribute type 3 has an invalid length. [ 198.535769][T15653] netlink: 'syz.6.3560': attribute type 3 has an invalid length. [ 198.738368][ T1817] usb 1-1: USB disconnect, device number 3 [ 198.994986][T15669] loop7: detected capacity change from 0 to 1024 [ 198.999813][T15669] EXT4-fs: Ignoring removed orlov option [ 199.000850][T15669] EXT4-fs: Ignoring removed nomblk_io_submit option [ 199.005728][T15669] EXT4-fs (loop7): Cannot use DAX on a filesystem that may contain inline data [ 199.087218][T15669] loop7: detected capacity change from 0 to 512 [ 199.098265][T15669] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102] [ 199.099775][T15669] System zones: 1-12 [ 199.105920][T15669] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.3567: error while reading EA inode 32 err=-116 [ 199.109544][T15669] EXT4-fs (loop7): Remounting filesystem read-only [ 199.111022][T15669] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 199.111064][T15669] EXT4-fs (loop7): 1 orphan inode deleted [ 199.111494][T15669] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.122815][T12392] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.452832][T15691] loop7: detected capacity change from 0 to 16 [ 199.465395][T15691] erofs (device loop7): mounted with root inode @ nid 36. [ 199.474342][T15691] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 199.474427][T15691] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 199.474498][T15691] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 199.967266][T15699] macsec1: entered promiscuous mode [ 199.967343][T15699] bridge0: entered promiscuous mode [ 200.305681][T15708] bridge0: port 3(syz_tun) entered blocking state [ 200.305739][T15708] bridge0: port 3(syz_tun) entered disabled state [ 200.305944][T15708] syz_tun: entered allmulticast mode [ 200.307002][T15708] syz_tun: entered promiscuous mode [ 200.307294][T15708] bridge0: port 3(syz_tun) entered blocking state [ 200.307352][T15708] bridge0: port 3(syz_tun) entered forwarding state [ 200.785334][T15714] netlink: 72 bytes leftover after parsing attributes in process `syz.6.3583'. [ 200.819425][T15719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 200.819614][T15719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 201.414817][T15735] loop7: detected capacity change from 0 to 16 [ 201.461272][T15735] erofs (device loop7): mounted with root inode @ nid 36. [ 201.468356][T15735] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 201.468419][T15735] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 201.468480][T15735] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 201.751488][ T31] kauditd_printk_skb: 43 callbacks suppressed [ 201.751533][ T31] audit: type=1326 audit(202.711:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15739 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8455b3a8 code=0x7ffc0000 [ 201.751626][ T31] audit: type=1326 audit(202.711:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15739 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8455b3a8 code=0x7ffc0000 [ 201.751921][ T31] audit: type=1326 audit(202.711:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15739 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=102 compat=0 ip=0xffff8455b3a8 code=0x7ffc0000 [ 201.751993][ T31] audit: type=1326 audit(202.711:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15739 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8455b3a8 code=0x7ffc0000 [ 201.752056][ T31] audit: type=1326 audit(202.711:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15739 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8455b3a8 code=0x7ffc0000 [ 201.785647][T15743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 201.786743][T15743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 203.324690][ T6600] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 203.480928][ T6600] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.480967][ T6600] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.481005][ T6600] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 203.481020][ T6600] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.549402][ T6600] usb 1-1: config 0 descriptor?? [ 204.204721][T15797] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 204.204749][T15797] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 204.204773][T15797] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 204.341121][T15800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 204.343311][T15800] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 204.470500][ T6600] hid_parser_main: 151 callbacks suppressed [ 204.476283][ T6600] hid-led 0003:1D34:000A.0003: unknown main item tag 0x2 [ 204.531495][T15809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 204.531690][T15809] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 204.629621][T15809] loop7: detected capacity change from 0 to 40427 [ 204.636947][T15809] F2FS-fs (loop7): Invalid Fs Meta Ino: node(1) meta(15) root(3) [ 204.636980][T15809] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 204.639032][T15809] F2FS-fs (loop7): invalid crc value [ 204.644792][T15809] F2FS-fs (loop7): NAT is corrupt, run fsck to fix it [ 204.649327][T15809] F2FS-fs (loop7): Failed to initialize F2FS node manager (-117) [ 204.668308][ T6600] hid-led 0003:1D34:000A.0003: probe with driver hid-led failed with error -71 [ 204.678582][ T6600] usb 1-1: USB disconnect, device number 4 [ 205.752522][ T6600] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 206.431437][ T6600] usb 1-1: Using ep0 maxpacket: 16 [ 206.433519][ T6600] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 206.435197][ T6600] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 206.438839][ T6600] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 206.440580][ T6600] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.442132][ T6600] usb 1-1: Product: syz [ 206.445503][ T6600] usb 1-1: Manufacturer: syz [ 206.446325][ T6600] usb 1-1: SerialNumber: syz [ 207.220117][ T6600] usb 1-1: 0:2 : does not exist [ 208.144147][ T6600] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 208.192135][ T6600] usb 1-1: USB disconnect, device number 5 [ 208.274835][ T6677] udevd[6677]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 208.643014][T15873] pim6reg1: entered promiscuous mode [ 208.644219][T15873] pim6reg1: entered allmulticast mode [ 208.834675][T15892] loop7: detected capacity change from 0 to 16 [ 208.840364][T15892] erofs (device loop7): mounted with root inode @ nid 36. [ 208.844353][T15892] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 208.844423][T15892] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 208.844498][T15892] erofs (device loop7): xattr_isize 12 of nid 46 is not supported yet [ 209.500011][T15904] 9pnet_fd: Insufficient options for proto=fd [ 211.376605][T15931] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 212.120088][T15920] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 212.123015][T15929] lo: entered promiscuous mode [ 212.123047][T15929] lo: entered allmulticast mode [ 212.125393][T15929] tunl0: entered promiscuous mode [ 212.125415][T15929] tunl0: entered allmulticast mode [ 212.125649][T15929] gre0: entered promiscuous mode [ 212.125657][T15929] gre0: entered allmulticast mode [ 212.125880][T15929] gretap0: entered promiscuous mode [ 212.125888][T15929] gretap0: entered allmulticast mode [ 212.126174][T15929] erspan0: entered promiscuous mode [ 212.126181][T15929] erspan0: entered allmulticast mode [ 212.126439][T15929] ip_vti0: entered promiscuous mode [ 212.126445][T15929] ip_vti0: entered allmulticast mode [ 212.126659][T15929] ip6_vti0: entered promiscuous mode [ 212.126665][T15929] ip6_vti0: entered allmulticast mode [ 212.126865][T15929] sit0: entered promiscuous mode [ 212.126872][T15929] sit0: entered allmulticast mode [ 212.127079][T15929] ip6tnl0: entered promiscuous mode [ 212.127088][T15929] ip6tnl0: entered allmulticast mode [ 212.127274][T15929] ip6gre0: entered promiscuous mode [ 212.127281][T15929] ip6gre0: entered allmulticast mode [ 212.127461][T15929] ip6gretap0: entered promiscuous mode [ 212.127468][T15929] ip6gretap0: entered allmulticast mode [ 212.127693][T15929] bridge0: entered promiscuous mode [ 212.127702][T15929] bridge0: entered allmulticast mode [ 212.127954][T15929] vcan0: entered promiscuous mode [ 212.127961][T15929] vcan0: entered allmulticast mode [ 212.128070][T15929] bond0: entered promiscuous mode [ 212.128076][T15929] bond_slave_0: entered promiscuous mode [ 212.128120][T15929] bond_slave_1: entered promiscuous mode [ 212.128156][T15929] bond0: entered allmulticast mode [ 212.128160][T15929] bond_slave_0: entered allmulticast mode [ 212.128165][T15929] bond_slave_1: entered allmulticast mode [ 212.129527][T15929] team0: entered promiscuous mode [ 212.129535][T15929] team_slave_0: entered promiscuous mode [ 212.129576][T15929] team_slave_1: entered promiscuous mode [ 212.129616][T15929] team0: entered allmulticast mode [ 212.129621][T15929] team_slave_0: entered allmulticast mode [ 212.129625][T15929] team_slave_1: entered allmulticast mode [ 212.129994][T15929] dummy0: entered promiscuous mode [ 212.130001][T15929] dummy0: entered allmulticast mode [ 212.130195][T15929] nlmon0: entered promiscuous mode [ 212.130201][T15929] nlmon0: entered allmulticast mode [ 212.153049][T15929] caif0: entered promiscuous mode [ 212.153058][T15929] caif0: entered allmulticast mode [ 212.153066][T15929] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 212.828649][T15956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3667'. [ 213.975992][T15971] fuse: Unknown parameter 'use00000000000000000000' [ 214.008180][T15977] loop7: detected capacity change from 0 to 128 [ 214.016386][T15977] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 214.150377][T12392] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 214.224574][ T31] audit: type=1326 audit(215.171:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15988 comm="syz.7.3679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 214.224613][ T31] audit: type=1326 audit(215.171:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15988 comm="syz.7.3679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 214.224641][ T31] audit: type=1326 audit(215.171:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15988 comm="syz.7.3679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=223 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 214.224658][ T31] audit: type=1326 audit(215.171:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15988 comm="syz.7.3679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 214.568679][T15997] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.568852][T15997] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.931512][T16012] overlayfs: failed to clone upperpath [ 215.476687][T16039] loop7: detected capacity change from 0 to 128 [ 215.486047][T16039] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 215.515540][T12392] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 215.604550][T16052] loop7: detected capacity change from 0 to 128 [ 215.723478][T16053] netlink: 79 bytes leftover after parsing attributes in process `syz.1.3705'. [ 215.869410][T16060] ================================================================== [ 215.869428][T16060] BUG: KASAN: use-after-free in __xfrm_state_insert+0x794/0x11a4 [ 215.869448][T16060] Read of size 1 at addr ffff0000f7811cb0 by task syz.7.3707/16060 [ 215.869456][T16060] [ 215.869460][T16060] CPU: 1 UID: 0 PID: 16060 Comm: syz.7.3707 Not tainted syzkaller #0 PREEMPT [ 215.869468][T16060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 215.869473][T16060] Call trace: [ 215.869476][T16060] show_stack+0x2c/0x3c (C) [ 215.869485][T16060] __dump_stack+0x30/0x40 [ 215.869492][T16060] dump_stack_lvl+0xd8/0x12c [ 215.869498][T16060] print_address_description+0xa8/0x238 [ 215.869508][T16060] print_report+0x68/0x84 [ 215.869517][T16060] kasan_report+0xb0/0x110 [ 215.869528][T16060] __asan_report_load1_noabort+0x20/0x2c [ 215.869536][T16060] __xfrm_state_insert+0x794/0x11a4 [ 215.869543][T16060] xfrm_state_insert+0x5c/0x78 [ 215.869551][T16060] ipcomp6_init_state+0x4b8/0x778 [ 215.869558][T16060] __xfrm_init_state+0x8c4/0x12b8 [ 215.869566][T16060] xfrm_init_state+0x24/0xbc [ 215.869574][T16060] pfkey_add+0x1460/0x224c [ 215.869581][T16060] pfkey_sendmsg+0x9c0/0xd74 [ 215.869587][T16060] ____sys_sendmsg+0x490/0x7b8 [ 215.869599][T16060] ___sys_sendmsg+0x204/0x278 [ 215.869604][T16060] __sys_sendmmsg+0x1f4/0x548 [ 215.869609][T16060] __arm64_sys_sendmmsg+0xa0/0xbc [ 215.869614][T16060] invoke_syscall+0x98/0x254 [ 215.869621][T16060] el0_svc_common+0x130/0x23c [ 215.869627][T16060] do_el0_svc+0x48/0x58 [ 215.869633][T16060] el0_svc+0x5c/0x254 [ 215.869644][T16060] el0t_64_sync_handler+0x84/0x12c [ 215.869654][T16060] el0t_64_sync+0x198/0x19c [ 215.869661][T16060] [ 215.869663][T16060] The buggy address belongs to the physical page: [ 215.869667][T16060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x137811 [ 215.869674][T16060] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff) [ 215.869683][T16060] raw: 05ffc00000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 215.869689][T16060] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000 [ 215.869692][T16060] page dumped because: kasan: bad access detected [ 215.869695][T16060] [ 215.869697][T16060] Memory state around the buggy address: [ 215.869700][T16060] ffff0000f7811b80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 215.869705][T16060] ffff0000f7811c00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 215.869709][T16060] >ffff0000f7811c80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 215.869712][T16060] ^ [ 215.869716][T16060] ffff0000f7811d00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 215.869720][T16060] ffff0000f7811d80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 215.869723][T16060] ================================================================== [ 215.869742][T16060] Disabling lock debugging due to kernel taint [ 215.869757][T16060] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 215.869765][T16060] Mem abort info: [ 215.869770][T16060] ESR = 0x0000000096000046 [ 215.869777][T16060] EC = 0x25: DABT (current EL), IL = 32 bits [ 215.869784][T16060] SET = 0, FnV = 0 [ 215.869789][T16060] EA = 0, S1PTW = 0 [ 215.869795][T16060] FSC = 0x06: level 2 translation fault [ 215.869801][T16060] Data abort info: [ 215.869806][T16060] ISV = 0, ISS = 0x00000046, ISS2 = 0x00000000 [ 215.869812][T16060] CM = 0, WnR = 1, TnD = 0, TagAccess = 0 [ 215.869819][T16060] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 215.869826][T16060] user pgtable: 4k pages, 48-bit VAs, pgdp=000000012f63b000 [ 215.869834][T16060] [0000000000000000] pgd=0800000134a75403, p4d=0800000134a75403, pud=080000013fe96403, pmd=0000000000000000 [ 215.869864][T16060] Internal error: Oops: 0000000096000046 [#1] SMP [ 215.925989][T16060] Modules linked in: [ 215.926651][T16060] CPU: 1 UID: 0 PID: 16060 Comm: syz.7.3707 Tainted: G B syzkaller #0 PREEMPT [ 215.928412][T16060] Tainted: [B]=BAD_PAGE [ 215.929104][T16060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 215.930660][T16060] pstate: 03400005 (nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 215.931911][T16060] pc : __xfrm_state_insert+0xe00/0x11a4 [ 215.932780][T16060] lr : __xfrm_state_insert+0xe00/0x11a4 [ 215.933626][T16060] sp : ffff8000a1da71d0 [ 215.934353][T16060] x29: ffff8000a1da7200 x28: dfff800000000000 x27: 1fffe0001ef02336 [ 215.935684][T16060] x26: ffff0000cc4b8470 x25: 0000000000000000 x24: ffff0000cc4b8468 [ 215.936988][T16060] x23: ffff0000f78119b0 x22: ffff0000cc4b8770 x21: ffff0000f78119a8 [ 215.938317][T16060] x20: ffff0000cc59a440 x19: ffff0000cc4b8440 x18: 1fffe00033793888 [ 215.939653][T16060] x17: 3d3d3d3d3d3d3d3d x16: ffff80008b020820 x15: 0000000000000001 [ 215.940939][T16060] x14: 1ffff00012613f04 x13: 0000000000000000 x12: 0000000000000000 [ 215.942156][T16060] x11: 0000000000080000 x10: fffffffffffffff8 x9 : ffff8000975d78e0 [ 215.943373][T16060] x8 : 0000000000000001 x7 : 0000000000000001 x6 : ffff80008056536c [ 215.944688][T16060] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800089d8c6f8 [ 215.946004][T16060] x2 : 0000000000000001 x1 : 0000000000000008 x0 : 0000000000000001 [ 215.947299][T16060] Call trace: [ 215.947817][T16060] __xfrm_state_insert+0xe00/0x11a4 (P) [ 215.948632][T16060] xfrm_state_insert+0x5c/0x78 [ 215.949346][T16060] ipcomp6_init_state+0x4b8/0x778 [ 215.950161][T16060] __xfrm_init_state+0x8c4/0x12b8 [ 215.950926][T16060] xfrm_init_state+0x24/0xbc [ 215.951692][T16060] pfkey_add+0x1460/0x224c [ 215.952407][T16060] pfkey_sendmsg+0x9c0/0xd74 [ 215.953151][T16060] ____sys_sendmsg+0x490/0x7b8 [ 215.953922][T16060] ___sys_sendmsg+0x204/0x278 [ 215.954666][T16060] __sys_sendmmsg+0x1f4/0x548 [ 215.955394][T16060] __arm64_sys_sendmmsg+0xa0/0xbc [ 215.956198][T16060] invoke_syscall+0x98/0x254 [ 215.956915][T16060] el0_svc_common+0x130/0x23c [ 215.957632][T16060] do_el0_svc+0x48/0x58 [ 215.958343][T16060] el0_svc+0x5c/0x254 [ 215.959042][T16060] el0t_64_sync_handler+0x84/0x12c [ 215.959806][T16060] el0t_64_sync+0x198/0x19c [ 215.960530][T16060] Code: aa1903e0 52800101 f9000315 9790e35b (c89fff38) [ 215.961673][T16060] ---[ end trace 0000000000000000 ]--- [ 216.284184][T16060] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 216.285306][T16060] SMP: stopping secondary CPUs [ 216.286028][T16060] Kernel Offset: disabled [ 216.286759][T16060] CPU features: 0x080000,0000f000,21381141,5427fea7 [ 216.287896][T16060] Memory Limit: none [ 216.592298][T16060] Rebooting in 86400 seconds..