last executing test programs: 13.474191127s ago: executing program 2 (id=1201): socket(0x840000000002, 0x3, 0xfa) syz_open_dev$tty1(0xc, 0x4, 0x2) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) getsockopt$inet6_tcp_buf(r0, 0x106, 0x1a, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) socket$can_j1939(0x1d, 0x2, 0x7) read$rfkill(0xffffffffffffffff, 0x0, 0x0) 12.550240743s ago: executing program 4 (id=1204): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_FLUSH(r4, 0x29, 0xd4, &(0x7f0000000180)=0x5, 0x4) 12.321549102s ago: executing program 2 (id=1206): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101005, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6364, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x3}}]}, 0x38}}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 10.75541898s ago: executing program 4 (id=1208): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00') preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0) 9.665251399s ago: executing program 4 (id=1212): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 9.654685879s ago: executing program 0 (id=1213): r0 = socket$rxrpc(0x21, 0x2, 0xa) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x80000000, @mcast1, 0x4}}, 0x24) r4 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) 8.314451219s ago: executing program 4 (id=1215): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x5, 0xb}, {0xb}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2404c020}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 8.314229989s ago: executing program 2 (id=1216): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xf0, &(0x7f0000000100)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r1, 0x21eae}}, 0x20}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0) close(r3) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r3, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) r4 = socket$kcm(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 8.147906573s ago: executing program 0 (id=1217): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, 0x0, &(0x7f0000000180)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101540, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r4, 0x400454c9, 0xba98575a95aeb70d) ioctl$TUNSETLINK(r4, 0x400454cd, 0x301) getsockopt$bt_hci(r3, 0x84, 0x80, 0x0, &(0x7f00000010c0)) 8.051529911s ago: executing program 1 (id=1218): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) io_uring_setup(0xdac, &(0x7f0000000180)) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000280)={r4, 0x8}, &(0x7f00000002c0)=0x8) 6.549279414s ago: executing program 1 (id=1219): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x281}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) unshare(0x22020600) r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0) read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020) 6.043446056s ago: executing program 0 (id=1220): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0xf, 0xb, 0x4}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850) r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r7) socket$unix(0x1, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 5.563700704s ago: executing program 1 (id=1221): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x14}}, 0x0) 5.355133041s ago: executing program 3 (id=1223): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x9, 0x1002, 0x800}) dup(r2) close_range(r0, 0xffffffffffffffff, 0x0) 5.324721674s ago: executing program 3 (id=1224): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r3, 0xffffffffffffffff}, &(0x7f0000000500), &(0x7f00000000c0)='%pS \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r4}, 0x4) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000540)=ANY=[@ANYBLOB="180200000000000000000000030000008500000017000000b7080000000000007b8af8ff00000000b7080000000000807b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc09b6f2609", 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 4.51963772s ago: executing program 1 (id=1225): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) 4.447319506s ago: executing program 2 (id=1226): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x5, 0x7fffffff}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x15, 0xf, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0xb}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x86}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0xff4, &(0x7f0000000cc0)=""/4084, 0x41100, 0x2f}, 0x94) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000011c0), 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) memfd_create(&(0x7f0000000000)='-&:{-\xaa]{\x00', 0x2) socket(0x2c, 0x3, 0x0) syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket$inet6_icmp(0xa, 0x2, 0x3a) syz_open_procfs(0x0, &(0x7f0000000480)='numa_maps\x00') r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r1, 0x0, 0x3}) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1) 4.373308922s ago: executing program 3 (id=1227): socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$tty20(0xc, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6(0xa, 0x2, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000002c0)}) 4.235173613s ago: executing program 0 (id=1228): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101005, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x7, 0x6364, 0x5, 0xfffffffd, 0x40000006}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0x40000000, 0x4, 0x2, 0x1, 0x7}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x3}}]}, 0x38}}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 4.234801093s ago: executing program 2 (id=1229): pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = eventfd2(0x0, 0x0) io_setup(0x6, &(0x7f0000000040)=0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x40, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r3, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f0000000100)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0xa8c05c84}}, 0x50) syz_fuse_handle_req(r3, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x100) syz_fuse_handle_req(r3, &(0x7f000000c400)="607c424c161248e6b3982c332e5a53f7e1f5674a681b84ca12631a064bd55c491cf009355206951a2bd7448408d17847529a281feb61c58986bfdeca33e6bfb043de23fd616e61626a986afdb65ca23952aa3dd0e592c417ba1fda15c1ff28f4bea097cf92fa58e28cdefe0c716f8068ae774fdc28b8e9e89839d65da279b671a1feeb5619df322a26c6f240bbd2954ea7020fe33312348dce2481d0bca2511b36dba71a83a9cccce465a5a2062a1e69a0fad759d6e5075f9c264bf5dc640b0d7f967a93a489d3158df6cf1f96ef4dbaca47e0b39d59e08def305f695600159dd5c693bf9626badfb15b1a37f668a1c0d2132aefdb6a279135b9f29a8f55a35d66f0ebc18292ba4037ece499b30b585b6d85b61b20ef2d01b85552b5bdf1f96480f1b956c5bc8e95cf6f7ad7d15b87ea864c440dbf571165d117ce49c8c60087509b5376d8fb571bf7bcae5a355fd7cb1cd41106bb4582b0b4bfcf06fecd57d778c7faaf29a9c226d0aa5b5a607b3b33103bf5008e0f3d7c319014a7d5d5a6c91d33965605bcc453bc66962ec1d87f70f839fe01c80e3ae6a07ee6439548c1b19e9885cfe29d60246daf2ebab9805daafad6f60aafffec1249834cacd53e31b7e4b13ef2b3715b37376d211eba089829c9eaf9ca902f0c9e0e14b64962cee19f5e02e69fe9048adbea1bad2dc347f5c2aac4cba17e69e030259f8d3d9390ecef238ffb9562134d1b3cf86e81112bd007fe431a0a480f23262e933f4349af5918315cc8cf483720fdf44d5ac2c5e422b49576ea4e9b07a0cc368fac9fcf57de0721fb3b4c554c84f7898da75690393bb0a53a141432622db4a61efd0c9d633338485e212818042c3549e1f3fe6152c439ccdf1162cbae74d489eab1a730bdc558241a704807242a695376151c784d1df963455381b7cb454a129b30ca158088c34e1b3660702970a47f0a7b9da03782135cdc696b61a7b51b4348c4f0b9e2751b4b92a5890408e179f04790be1b56a7df2e348d66aa9d5af4700ecac39771793a28b54112a9c25a33640054721cf71c89a26de519b11d9159006cec6acf15622c9e52df4f4b4a35c495ca419467b2f98deafbe9d27a6972e94187ee4ae51d39509d79d6bf931b25b01dfdb2d533966a23601110652828c5102d53b6b1c2da81f77a2835817555e7522850c7a3077118b11a4bea17b67cddb9b07b2837ac3396a1a090fc97a7eca264a18bb8b117f6bfa1bdfe7a42174605e48a9c96b0f05bb6452a8636d61e5943444404c28202b8a74ca46927309f188afb8122c0dee378d56d95b7bc2c7d0ee63d06c1f5662aed4ca5976021f2a5f2da25644e117a6af80ffbda568c931424cd85c59fa3256bf5158657419234994284130905ee6694c21fc413c58a93226ef0175a073d8c9c17e1717326b70920e4a9fbb14a44e9badda9bb22283cc8b61242ff082e26a6eb2dc05d02945d8f4e385d7e47e27717d39869de3e28ed9c43d6a0a95662a6a9527e46023a974367efa0b933c4d34714a31436c82647b1f969b204af2cdb817af8b89d2cbb46cab4ea55860df1b58e5b33f4603b4015e14c2a039819b21efc39627c3b95e4bb9b44a7ca13d0f8e0ce0161710ff0fe85cdc3793843fa31e55e5c95120f4bbb15d4d1debf267ad3f0a391dae1bfc847e0b57d7c230f1389297950171f287aa8aaccee8eabc38d5b04cd93ca5e259404b9883af7d2282406574d73cc2f31dbdbecb8574189f957707646d4e2304d3aa0c7899a58c3acd88a1f2267b3b1bb830a6646415e68b903b28bd2520d25da308caa872733918828052ce7e5203df005988b939e6f6c2d8647cc1fe08861490bf0a81e629730b14ec5d8a1926d7a789812cc8f983a9ecb11b821253d1acbb86fb87baaed2a4ad31d341845630cc09dd8360b606317fb0b051c1946518f5be53b7f9b9516ff20191cd8334af50d2d814a372ae75cb69cecd9a0a169e2569bccd80fbb7a2f5fcc7b30ceabb60198cc9470020eebf5ec3f49704ee897213716098974f19b94aa03f292d91431f76bfa5addc08fb2602584aec1c90ba44173db300f641814b6e58989ffe3937ffba080fdb7b2c09d083dce82745b6212c3d7b185cd3d5b32f8498c8a7cf2a3c8f828b2e2bf2dfa4afd06df891e513bc692c44f45a5c0c4a8f1fc405acb7291ae9c2d1a0eb6ed7717a752dd2f38cb5b241fa8c23df1f225eaf28ad59ee7a04c83dcb7a51c44bb53b43e35548c3f8b5d9c5fb2072ab52519f5adc255fb3c2b966f85cbd1d345846878020041b57bbf0072d317755afa133342bf317e4fb9e8cfdc2ae44e5c9f61fe4f4a1d8e760cc07324c72a325746433c464abb619d9e076f532369cf18003f0416c05916ce94bab7b40855a8f0ef754ccf638fd9d443c5cf3fa6819faed3030359f6c79f632ed3eef57d216e927390de8cecc3a2bf44a585a6e8e93eef010845e7161756987afe68604275d8c4f7e9981ef99d4fdece307136e3a297d700a12ecf80d32a4b52c3d25945754cc1f64956749b14250804c7fb07b5206f12d201c4913bbb5a65efcf2b1ae893ff4232bc44c48a73810e0b13b8147b6131bc9461696cbfd5bb23d88768d51d357b51f5cfda761bf2e6101049f1a4ddbd1ac02e68b1eb47bbe72f2cc9d61d97b85c5afc4bb1505d233d31ba134b93104383a3e042e052224792c75aa990ee3fc21500aa643aa0e2b798060e1e8d02bc01c9fd69fe6462846487190c578319404db3a2363458497acc19b4a7cac617172050b4f50b8e9220f2ebbe0fc2606555a5a1b9caab364e4f03f521ae65fdd55134be5b6c1431476e435f6f975361ffd547b6b91fcfb3fbe9aee3eb087d0d53562eb4223546d12f4031b45968422208800b68a825cc3cc2a9c7c5bd2566f5cac43fcf298185fbb7991fc2e6d2106b3d7b90517f77eb157a76c4455a48824e26ba6991b6f5f3594d0159f6f66a6e257bec2ce7fef9ef9461b64b5f37157b4f61fecf173b7ef019d87cfb7c05614b1084682d03bf80f210a2e78715b2a2bd77724ab1c71347736258a23a5376fd16386b3cd3807595062dd3ddf8e57968a72d6ca6e4df5abbfd1978d53644d7926cbaecb4c42c7f2382f41224d960c445a2c609e41220f9279fad5a4abb819573a73d9a2f8c7a4bc7294e4ec39f42a4a7df9f8b49a401401bc9fb816bdd7a01e1218ac400848b059fa85b7b03d0e1fd7607a68469a560b6f924e67354ff7d78a5bf3115a8fe1fa397811635be1905f71e3782c98a20b93bac2925338a482bf490135c73ec33d243b96011e87a3bdf078c57b75427b97f5287bcd22c92cd5dc058b1e2919b932d889f8d1253ea5137c427dca5091d8304e79f27ee5935e197b2fbe7d495d64a910d85d564b4eca20480cd5d52c5a5d83fd5c145844b5e41ed0482cdd860064af4f9d08c37edcb23495f8ab62bb3cc6d8f15d7fe72eca8981bbd01d07d4ba12235d4299674346bbc475521841098aace845ae7d46d3bce0b098d8d1bc05dc1416c1c44d8ef0b7d87ed3ca9bf3b4edeb3305a8ea87c709556679c4e37cdde4d5fa4aba55569dd3804e389206e2447c5ca81f404040be0e08aeaed54fa21e6d21d4897eb516e60406eb324436cd74936f9b214ae26133627aad815ba7f9dd76e2cd984e7e2777437806ad95a8ee9aea7ab8f3f58eba8802bd9aa775aee578d9cdd739f223bb8bcda76b8653d650539bf4fb562cf71bc52849faa9f0749e42515852c29b4dcea9821fa9ebc19f0b299d5a6741393808cfed4af89d790389bce56f757b7c1d6c0fa10a39c3686d0f492ca9701e9ed2ad93947c21ab3cdaf3117e0b46c89046b60293808d0303951317b1bb95db3c5426ef130e7c2a8a0310879c6ad8e054df77655c3e3beab4b058e0a0f8955b490a7319245d1feeb52e12a77215e28c560bb7b59697bd0cf447ca474c22db960a9bece3f147ddb76f5db5bd80bf249a476f8172fba414e30901b0306f9f2176f3698acb81bc20327cc800707d6b0457a3efc74d7d6694e7ff5590ae67b6f6df54de264e351b1824bfbe452e93232b02ee8b367ab500cd7217e0073c132fc936cc309af0cbc57ee5d256f7bae38def34de4e5a77b6c8a97c8d789136f46cec1d852d90f74e04def2fd076639ecda7ea2d74a5690639b3b6152f488dc287d64adf73930253c76d63f4e869628f26f720a176ff7dc48a7f86418f72b90800000000000000950acfbbcc180ee608c6acc7e2892af75b9334688f06f3f7ae5106834f4ad143d497b1e840792365955503822540c895fdb68f3088a17d94f7e5b173ffc4d3a724f28438d2a0c1c74696f702e2f61ef33afb5bd2fdfa067406a7904c3179e434e53bc3cedc4c5178c548650f5b4826a32a4008feace708cee5ba060bd322ba6d0a2e3d069db7c3385845201b124ab7bf9de7353ba2ba1f2c18b3b427b532f39447363bfa2b1ca0e745de7a947ebe3169ef7b707c31cafdb8b1a8ebf3a274f81cce25449f51477461819b2053a8bbca4e46f44b2749bdb9240b495ce742181c2594dfe42a110486d5299ffa766d1b2c50ddc980d3a15aeea321dfdc5aef1333510264351f8e8b7498ced5c70e50e79b8be690a98bd4bccaa8bbae3ac05b631528cc0b1d0bf9c8a1c14da5a9bd44260bcc537833e86e106db62f2c56ec70501a01ddbfd042fd37d39575ab513a786b25fcdf2cc2b57223d13de2fff3abc725650f2321be03732f027f3ab436959928f03af8c9f96f19e1da5c884e9d199f0379b8e9fb3ef3518e117ff044e2cc6b8e9e14d685ff0c4b195b37fa85ff80c5d119f6d31ac3ab307e16f8380afd599eae4a224e89856b8b471fa6e038f5eaca166bea85b27e9748b2d2048f62ed65319fe9d0f23874c494ab525bddf10815a08b1fada0f87796222e10a3563efa8bcff67fc876a1b706a9117747072532673976cb390c35b8ddf911d59cdb00d22a3ed4baafbd8cfbfdf6179ee3de9d969f6029f70f6c3480d85c4a2068756398683400cc1c6280c2333a4155634924ef8831d8295e94c1db27d0d873fddc274cf8636fcedf8c5c4511d26ff1223059485deb6b30bb07afe78fcd800ada038fc7d634f11cc1a3588a4e0a6626b0d0403785e06a6cc4d1aab139e83c476fb18bd1c35a6899776e782bc695cf230965a2b8e2913f36c2065bbed1ad0ce0a1cdf287e177e3c553f22eedc1a537f21ca0c8572ed283e32f5d115761b7dcc0e5ee46485132f1ba962a8eb02b7e5081b8be956dc088eb0cf3fe2f3f117b57e3aaa1fd0d1b60574abc95d6331951425b29560a65afbdc28ac7feb19ce32249f9bd2682bab1266be0bbb47cb1eaa8f6ca8745c6f3749f37f188d4022c4d456b781f7ffef13f5b2b783d04b75bc996156e2bb1d24adb81512661fc46aad337c1167f02449a5ca45d28062814947d81be7b94dcb9823c0b97c1d043c17bd39c4607c0f8f767984486f7174cb03bbc4c9829c5893e50223a4919e9ccc0648317ab28745679fd7babeb36c03d0592204a56f3769c08784114746976363ebb29fe686598b5b6dd314db63b16eec91030f47e49c3a1c19d4e06ddf2e975b03260f0a8b62cd0d65df057c2bddcf856817142913848338c60e855aca9a391688202b990d072fca161d94f2600e378fd3c8a2bd78ede2fa07ed2ed7a4e1ed758816497673b93345363045e07e4d850841d272a41f0daf61c6c84c79155656d3313fa9c7bfa59e9322c25138807e3c149c6c0f898c75511871491ca7ad918357b4e7df8a6b8c569ab5d19d100199c03b34c54e4af091ea534abd4d36f96343ce0f28e8f575b5695afe4c011c5467e5d3ebf72eb3a2ae55e8f97c8c23c96634bcc8897066c019e2922a6842206667b698ef39ec46d0e729845022e54d54acb81192c62f8bd53d09ee800dcb1e253f6d27c508d98ef8b95f2fd13c89d7e7242c5d658deb1fe594d536997d240239e964100ff3cc71659866d085b3d5bc3878f86a9906aae8a01ead30550bb50ee23181cbd2f17d2dd993614b584f21886e8063f37cee9970c795cd0b782f6b5b2cd404dc419279b8a84db5b8b823587413742eaa8e5d404ea27df203e6e9f75822780f41e5f924b1e33b9ee57f3b511207c0612015b4218dc4269531ea374e915376eee68959fc053d00fd0cf5b1bdc5bc8184e9f966e9dde6c30a05fe5d13fb32a4ab0eeca9a8459dea01d892483f8024e1b818a8b05de645aa9e44fcef2f43a799a1aa6961eac7598b27074fd27d6496862c214612b60daec10b632a2a68b7cdc72df1696ae217452308920250b7372b397b84e50ecd4a0b0838d5a96584f9496bef30092a476dac4e28ba38bd11c590c6b57a58316e8f08aafff6a8307299284c49418c9dac0a1009df24b47642fba655a57d7e72d7f37754fecf2e7d1a9549cd7d04f67c368e0cf1a1d6e0588d3a89b43f180250ad051b755b1b87cd9f8441d2f996b1928663c325a6b8126c34c1f25b9e9762019231c90305b503043db1104f5034f8b861aa7bb720ad1f090ee37340fc770cd2d07fbe6046333d3ba23c033189c6bc6c0b08db8634c0de4ad639518977dc4e867167fb2c8d34aae380bffe51064484a849da5b96b31f8e0996dcd53af1668248fc5653b025ecd8ece28efe66b150e6846db69f991456206751522b01852d1a425067dcbe7df6ee136d1baf111d578c03c27fe850e1224235894e5f7e28b7b9899117779ee043228aed882d576f94b444783f66222f50199d8dd735d06ddc17bc29714719f86f228f84783b137d6a7647f1d0acc674c00ba84501b9762ad282e18c2c12e2384b44145ac723fdd44f0bdec2029d7245d0df6d79c7fd3a4d929d6c8b267260660bc3c76b26f374177188df2f6bd52a5e6df4249c9c418432cd238229293038c298cc7a643bc7781d4e19868b78cd6428fe5695bfc5a031ec18240caabd76cd9a1bbad5a308a150cb5dc5734854939a11fc7ffc0588806f811c08b6360e00e0d89d46dcaaea53b4218ab08e4e295740bd2bae86a29f008340aab7d062547999af02b3446283f6c61061c6c297fe51ee87103f1d93820d5729b617d9ea081a76a5de01717930e801289219a450eaa2ae9620259fef840e4978a5b76a4226f07185598a82554b9e53d1c74709d36ea44fbbfabfe9b6afa1a69852793381fcd8d5ac2e2590a18e7da8a633fcda5f386a4bac610865d9fb9dd9682c707a5ddabd9d78fe115206a214467bca3039669b3041952a7206c3117c98f195e450d2a6b0c3f97cdb1ec9e669ce8939396a00362ae20fa2f159b4fde006902f9eb68ba6ee188fb0cbe629f198a9c8adaaba607dd32d85ac77ef9795644fe83d5f67a50167994f1500bdbd15d7d09479c46a50a1b5218de7a645b01e2b503b2e5d810dfc99ad83fa5740b2b5d09a5a0d16c2e93ddabe6a7d4d997db41d6ea25ef8482a832aef1321f3bfdd91e303abae6e51a445aecd9623e7985e4e7bd967aaeb05faa4aac89b7f0d081eedeacfaa6f3a2510d1b014c7a5c0dbd4705d1380ec19a761a02d22369a0e1d0555b0cf0e14663ba37a5dba07ee53bedf010c96506fbd9de1d6c74a9ecefbe5ee0742fd7e1c70f8a9b3fcecfd928b9f293c827212838669baadb528b0b7a9f68efe24fa0367edd6217f6d3583f5251020735c84910c2ac5862328532d53c75c10d8ebc4459bfe60c9292923e96f1e35be173bd64c560a25e0d2ee39294963e3169b198bb1610c8ec37a2bb5f743499d4a0e9a1a9dc80bfd9380da77ca5a620a718796489e44b4e8f9cb60b29bda90070662e7bca27e09c170500b64ca1552e0922f14e8cc77c2309cce2d3ceb932e09485df1641fa454945fb536776adcf08282b2029d541839293f51f557f44a05bfa72f612b7a623f9c799a6b6f178afa236fcb466d8547beb195c38ea43275b7a1af02bcea7515ee5033cdf0f398196fccffc70225387a040e8884756d7ab45edb69fc50cba32586b32faa3572367814e0dab7905449698d59d86eed611360a1509620a4bd5c7cab6fd30a550953b985d6ae9e2c02b89de679fdf06ec4c425b99157beb243f0b6065c3b76c692120ab124e7c25db7a07c9f60c111247363ab50270493340b1195c1ef25743e1532c2620373a3cd2343c7321c33be62ea2acba426f8618e26783d0b408fe7d3e06357b0ba08af0ca05a5d386a3f538d810141f4ea85f66f0d162bdf7741f4577c51ec40eb1f202e95ede41eb53614d6b46f0122b0a0be023dcbb1a93725d8ff79425b9ac86577b9bb38813528da4448c5dc552467e78d39e8cc7d8fd934b0a2a1d63635853382066898d3679295d29b87278fb1ce0b6b9069d013700eb3235d10dc77bc7dc954cbfb2aed4a9794efbefd280753f96127db11306310fef9f581240b218db6b656ffa2d1b2a84eea30c45cf7a77864d7ab347c62662bc840b53afd83b01ba798aabc206061beb0102863c434ad99ea616a44704b26e65a1e7649d53b0d91df25298d3772ff7bf35e92b9c21a67e28286d0286e3f6e8cb83f5c11903de217c50fe435d3c276adc479a90bcd5f819d7ec1448549065473194d1d9cb6da75351b859f82207e22aa92e16dba5ebf9b899ae9b93abc6de9e1a236109ca11ed11b943847069082709a92f2968b9b53d262912b5d345c394242a578d5b902eb3f45b696fc75f6509ebe2c9761fd8e45043f8de324f6260cfd77c747cc49f654281234701df8f482094cbf50b87b415ad227539d3a80366d6a79c432004ed688122ac3c4a7955068ef14a6b288a9b3a9b2c33cb9734164b8c012ec1cdb345c666774682bd9d06ce66674a45cc612a5b1e28b85a3e9665f45e724de6a45aaaa4c599e74a1f1be8de9d880beb90be76d45dc6e380fc9e6e9b41e6f5efdb3ac1d7b903e8120a2d2e0fc15e87aa8ae10d5c5f7837f73b2382699d8c2e94b304b2dc800a685412f0c35c5a5c5442a7180f0522aac39aeb9aa93c64001d0172f82ed21219f0d4ea6dc7e839ff61550a8fab76cb2f81405c67d7edd8db11a8ad686fef3048c6b4037fd9ea961bc81f90666ca54d019cbbd06098c123005f020fede4f7a95ef4eae01cad40a1ba2addc2e80a90776e8b2f2725bb4a62b3062885021cdace5aa9cdb56f5b8b7928344187ad61b3bac8a0240fe8051cdf8c85967653a7fe9df37f6becfdbda482062a8bea8525bdc28257fc3cc43a080667527c7b9d6ff2d6e6054da6fe4913c907eb9be1942c2a1a042ff9c7d12fee0fad78aa43a3fe28ec393249eff7cb8ac6c6d498fb210a3b4f405063c652f454727ee293fe3aba485d19f1c1a2fe298884888d301af047fdb61fb17ef85af476cabffe3ca7446bbfde409c1633bf11d9332336072d0e1ad4503a415ed77050bed00483561723938a98477f7f83b9a3fe57b522ab386a3d68090835dbfd58103e32c7af99f85bd413f89fb9f6b3f2687beccc2f76ddb5d8ddb0420c907d8ce28cdebcdd8ce78df9f8a231b2109f912de2530ce32f913eb75900f86d5ea1fb32f0b0a380c29c18db15a7163110eb6f4e0e07c156fbb64e37f84195d1b2bb4e5d8c7bfe7ba6508aeb683fe5ca59dccb0d5b9cd25c5d0430b31d154c20d8f5a9641fbb664b0b9fcefcae4cc64079731cd8bedf5a18a034dfdd99552004c97d0543588bf487a24b41e870b295c20d00cd205bbcbdc3aff52995d8711674305807f287fbd16e328bc5940d969d69d199e03892fed5ab8efa1d19c986c2c099b4a15a52bf29121241eee6d4d7394d4c8c0580121c58af0e382480f202d03ebba20622408b8549d6afeb47be73715c48cbc0b46a9b870a56b20860f7bebb39a5905d2ecc7c0acea16f0b87eaf7a016f7fe45741b8b4012e81c9204c42723720e77767f06be65b59198012de8a2c7ad70de7ae6c90b78c3102908be281744d202718431710f67c365e89a46e056367fb2ce698eff46a6dc3d8e5b1b62d7ca14f27e9716700fa3fbe160200a8277bf1ad5475135dd48f0a7d2b80182b677edeb50627839b74a64f18ef3dcdd7a8dd48cf0c63aaac55eb580722771ffaaf30a91ffd23ad527c20f3a3f4c641c6cbe76631a2fa11bbc8fe66d50c6b8efae11c59731a2c9cf473f7780ef32f8460602b80bb091802b211894c10e334b293514279c139e805af390ffecae49f26cdd0bf492e0b9cc8fa7c919b664c6f7e9fddd24ef55a2c0367f2a9ac3b29b1dc73f375bd26c64a23662efb311fbb089e0d82539ffed684e0345200f96290caf1d9d0ca7a3f6c81b75d6bbe011edfcd56937f1d8a2aac8eeb91891bb12bc6cfd1cb6c8d13a86f4d9001e3e3edda11bc178f62262c7fc3eb0f56dbc2332c3cb8853bd9489dbb484ab7a697df2d28c20187a0a7ae41dbbd07a41e681c8b343eb931629cda8fed7c0b0874179a160a7dd2bd41f0f5e87473e24c625c4d95cd1fc12da3e8fbd646ecadf9571f91f6c3e6f008131b9de4e59c493c1d722daf10c1fc2673c75523f0a4e7a87afa25818b4ce0f929b26078189b6d4d9b616a0360d501bbcdccbd7359ce1bfdc16b054aee1d7dfcbddf38025eae8ac538a78374b412a5a047f9a47f58936db523554d529becfb5e74d02f8f5860dbff4f68b02c553e9975db71173858bf3e861209ecf1dcf4d8ca1206d4a6346fcea5c015b05b6c0d94393dca84d206e6a7d5955a09c12c4c4cdf4db720176cbe323a57c280ce04caca2ab6f97395ac541b3cc80adce0c4e56d04c7be10797532b03b239cf32846b8e4d001dd12755fc36b7434c5e44d9dc4ca9bc2d6e9fab6f5cf12296a83d074842230b2a568f1155b0cd240dcba017eb2c1775b109a4b0e205e04fa514f500cd5f7a82f8f1d4b496aafa710ac8c9ada90da179de2a60a3a1838732d21493e70c91ac891f70b2f747c3609a376b97125e7f50c5b0e75cd608d7b6e69f25eb93fb45f34b8a53579a548c0469e270e58811fa1909164531799752052292acd4c45bb716bbe9060da8860739e00d8a4d11f89e13cd71dfad87230c4ddcf1208a7e66c2b969ad14ff2b1c128c91251a12697db8c240710198a3c32ea1fc84ef634eade28c0c2c36446eda6d1a8594303a0791d58c7bd1a99627c21445f8ec9044f718fe736d582284fd5f6ea0d96d19e0208040f885f1f574d11debefcfd408700146da696084fea8259f485c1060d485de2209bb1a2e8d1e8c5006a53ae031fe64e27380d50a3ae558348e804acc98e78120e5da84fddd0e8f8510ece0f2d27b0d983c24cb4687283863520ac9ab73743bc53765cc997ef7f9366c8a855f10c8680e70598f556d4bcba0e76d28e0be922a02fbc7250569a2b15fe84edc8cbc61f2a7d461567f68853bc712dab4c5eac489936a49b1e1f187965e5be0eff6adc15a61135bf09848154a68e2e8638c45cf6c56458e965d2d3aea14c966160a5d665493d8bc42dbb9f621d99e81d7515918221e63c9da0f242bcb7c9962101097f58df02832448c442e221aab756696bcae1444a49f93dba385cbfa4acaa23572d0a1f9c3d4d52d3f16e23c9b444470711a35c513ce44d286757408c2edd9396cb5d18bc5b52a00", 0x2000, &(0x7f0000001ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) io_submit(r2, 0x1, &(0x7f0000002900)=[&(0x7f00000000c0)={0x300000000000000, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}]) close_range(r0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) 4.186338357s ago: executing program 4 (id=1230): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(r1, 0xfffffffb) syz_open_dev$video4linux(0x0, 0x5, 0x0) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16, @ANYRES16], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x101042, 0x1db) syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x29a, 0x0, 0x82, 0x0, &(0x7f0000000180)) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) writev(r3, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1) 2.471946487s ago: executing program 1 (id=1231): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xff1ed000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$isdn(0x22, 0x2, 0x10) r4 = socket$isdn(0x22, 0x2, 0x2) dup3(r4, r3, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000002f40)=""/4098, 0x1002) syz_mount_image$udf(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f0000000240)={[{@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {}, {@unhide}, {@rootdir={'rootdir', 0x3d, 0x5}}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@gid_ignore}, {@shortad}, {@unhide}, {@unhide}]}, 0x3, 0xc43, &(0x7f00000010c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==") open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f) 2.471317127s ago: executing program 3 (id=1232): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fcntl$setpipe(r0, 0x407, 0x1) r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, 0x0, 0x0) sendmsg$inet6(r4, &(0x7f00000000c0)={&(0x7f0000000180)={0xa, 0x4e21, 0x4080000, @dev={0xfe, 0x80, '\x00', 0x1a}}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x93}}], 0x18}, 0x40c0) 2.468166517s ago: executing program 4 (id=1233): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) pipe2$watch_queue(0x0, 0x80) fchmod(0xffffffffffffffff, 0x2c) recvmmsg(r0, 0x0, 0x0, 0x100, 0x0) 2.464991858s ago: executing program 0 (id=1234): socket(0x1e, 0x4, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x8000000004) socket$packet(0x11, 0x2, 0x300) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$netlink(0x10, 0x3, 0x0) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 1.014437316s ago: executing program 3 (id=1235): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x0, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x2, 0x80805, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r4, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) sendmmsg$inet_sctp(r3, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000240)={r5, 0x40}, 0x8) 49.661796ms ago: executing program 1 (id=1236): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4f4, &(0x7f00000008c0)="$eJzs3U1vG1sZAODXzpeTm3uTW7oABLSUQkFVncRto6oLKCuEUCVElyC1IXGjKHYcxU5pQhfpf0CiEitY8gNYd8WeDYIdm7JA4iMCNZVYGM14kpo0bkKT2CF+Hmk0c+Y4fs+pNefYr+s5AfStyxGxFRHDEfEoIiay87lsi3utLXnc6+1n8zvbz+Zz0Ww++HsurU/ORdvfJD7KnrMQET/4TsSPc+/GrW9sLs9VKuW1VnF0qlFdnapvbN5Yqs4tlhfLK6XS7Mzs9J2bt0sn1tdL1eHs6Iuvfrf1jZ8mzRrPzrT34yS1uj60FycxGBHfO41gPTCQ9We41w3hg+Qj4kJEXEmv/4kYSF9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXDuxhj+Uqt3rj+uLa+stDKlU3GUP7xUqU8neUKJ2Mol5Rn0uO35dK+8s2I+DQifjYympaL87XKQi/f+ABAH/to3/z/r5HW/A8AnHOFXjcAAOg68z8A9B/zPwD0H/M/APQf8z8A9B/zPwD0n8Pm/wPu3wkA/P/6/v37ydbcye5/vfBkY3259uTGQrm+XKyuzxfna2urxcVabTG9Z0/1sOer1GqrM7di/enkN1frjan6xubDam19pfEwva/3w/JQV3oFALzPp5de/jH5eL91dzTdom0tB3M1nG/5XjcA6JmBXjcA6BmrfUH/OsZnfOkBOCcO+y8+hYgY3X+y2Ww2T69JwCm79jn5f+hXbfl/vwKCPiP/D/1L/h/6V7OZO+qa/3HUBwIAZ5scP9Dh+/8L2f7X2ZcDP1rY/4gXp9kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONt21/8tZmuBj0c+XyxGfBwRkzGUe7xUKU9HxCcR8YeRoZGkPNPjNgMAx5X/Sy5b/+vaxNXx/bXDuTcj6T4ifvKLBz9/OtdorP0+Of+PvfONF9n5Ui/aDwAcZneeTvdtH+Rfbz+b39262Z6/fjsiCq34O9vDsbMXfzAG030hhiJi7J+5rNySa8tdHMfW84j47EH9z8V4mgNprXy6P34S++Ouxs//V/x8WtfaJ/8WnzmBtkC/eZmMP/cOuv7ycTndH3z9F9IR6viy8S95qvmddAx8G393/BvoMP5dPmqMW7/9buto9N265xGfH4zYjb3TNv7sxs91iH/1iPH/9IUvXelU1/xlxLU4OH57rKlGdXWqvrF5Y6k6t1heLK+USrMzs9N3bt4uTaU56qnOs8Hf7l7/pFNd0v+xDvELh/T/q0fs/6/+/eiHX35P/K9/5aD4+bj4nvjJnPi1I8afG/tNoVNdEn+hQ/8Pe/2vHzH+qz9vvrNsOADQO/WNzeW5SqW81s2D3TcSXQ3q4BwctBIeibPRnvaDb3Ur1nD8T3/VbH5QrE4jxklk3YCzYO+ij4g3vW4MAAAAAAAAAAAAAABwoG78YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+k8AAAD//2CSzDE=") syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000240), 0x24, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0x20a241b, 0x0, 0x0, 0x0, &(0x7f0000000e40)) openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)={0x8040, 0x4}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x20000) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) 35.472717ms ago: executing program 0 (id=1237): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() getpid() sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x0, @local}, 0x2}}, 0x26) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x9}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_SESSION_ID={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x20) 7.200329ms ago: executing program 3 (id=1238): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x2}, 0x94) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) connect$inet6(r0, &(0x7f0000000500)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000440), 0x1000a) sendfile(r0, r4, &(0x7f0000000180)=0x2, 0x2001001) 0s ago: executing program 2 (id=1239): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, 0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000300)=r2}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000640)="8d", &(0x7f00000007c0)=@tcp=r0, 0x2}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) kernel console output (not intermixed with test programs): ms wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 60.542931][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 60.545924][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 60.551647][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 60.554531][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 60.586204][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 60.974570][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.320072][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.348201][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.364324][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.368007][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.383580][ T4691] capability: warning: `syz.3.51' uses deprecated v2 capabilities in a way that may be insecure [ 61.389610][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.392527][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.407186][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.417101][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.427542][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.430895][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.435371][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.438367][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.474603][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.477652][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.491154][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.494124][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.512290][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.521382][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.525496][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.545515][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.560453][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 61.563411][ T4666] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 61.578587][ T4666] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 62.628624][ T4706] netlink: 'syz.2.59': attribute type 4 has an invalid length. [ 62.700556][ T4715] netlink: 'syz.2.59': attribute type 4 has an invalid length. [ 62.727745][ T4712] loop4: detected capacity change from 0 to 2048 [ 62.804259][ T4712] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 62.903522][ T4727] loop3: detected capacity change from 0 to 512 [ 62.942089][ T4727] EXT2-fs (loop3): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 62.942147][ T4727] EXT2-fs (loop3): error: couldn't mount RDWR because of unsupported optional features (1000000) [ 63.888288][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 64.001207][ T4739] netlink: 'syz.3.70': attribute type 8 has an invalid length. [ 64.511493][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.513684][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 65.495311][ T4750] loop0: detected capacity change from 0 to 8192 [ 66.294889][ T4753] netlink: 'syz.3.72': attribute type 13 has an invalid length. [ 66.424071][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 66.555594][ T4753] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 66.801740][ T4322] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 66.804255][ T4322] Bluetooth: hci0: Injecting HCI hardware error event [ 66.807298][ T4322] Bluetooth: hci0: hardware error 0x00 [ 67.163217][ T4749] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 67.192522][ T4749] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 67.197999][ T4749] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 67.478455][ T4760] netlink: 'syz.4.74': attribute type 21 has an invalid length. [ 68.600735][ T4770] binder: 4769:4770 tried to acquire reference to desc 0, got 1 instead [ 68.605923][ T4770] binder_alloc: 4769: pid 4769 spamming oneway? 2 buffers allocated for a total size of 5120 [ 68.615897][ T4770] binder_alloc: 4769: pid 4769 spamming oneway? 3 buffers allocated for a total size of 5128 [ 68.625613][ T4770] binder: 4769:4770 BC_FREE_BUFFER u0000000020ffd000 matched unreturned or currently freeing buffer [ 68.789138][ T7] binder: undelivered TRANSACTION_COMPLETE [ 68.790905][ T7] binder: undelivered TRANSACTION_COMPLETE [ 68.792487][ T7] binder: undelivered TRANSACTION_COMPLETE [ 68.837979][ T4352] binder: undelivered transaction 14, process died. [ 68.844168][ T4352] binder: undelivered transaction 15, process died. [ 69.528673][ T4352] binder: undelivered transaction 13, process died. [ 69.702778][ T1962] cfg80211: failed to load regulatory.db [ 71.065233][ T4322] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 71.408970][ T4798] loop0: detected capacity change from 0 to 64 [ 71.442818][ T4796] netlink: 'syz.4.86': attribute type 10 has an invalid length. [ 71.444884][ T4796] netlink: 40 bytes leftover after parsing attributes in process `syz.4.86'. [ 71.588838][ T4796] team0: Port device geneve0 added [ 72.514769][ T4814] loop0: detected capacity change from 0 to 256 [ 72.517153][ T4814] exfat: Deprecated parameter 'namecase' [ 72.529342][ T4814] exfat: Deprecated parameter 'codepage' [ 72.530913][ T4814] exfat: Bad value for 'codepage' [ 72.601842][ T4815] loop0: detected capacity change from 0 to 1024 [ 72.625927][ T4815] EXT4-fs: Ignoring removed nobh option [ 72.630089][ T4815] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 72.661044][ T4815] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal [ 72.675638][ T4818] tipc: Started in network mode [ 72.682565][ T4818] tipc: Node identity ac1414aa, cluster identity 4711 [ 72.687303][ T4818] tipc: Enabled bearer , priority 10 [ 72.810953][ T4824] tipc: Enabled bearer , priority 0 [ 72.873431][ T4482] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 72.898014][ T4815] loop0: detected capacity change from 0 to 1024 [ 73.686778][ T4815] EXT4-fs: Ignoring removed orlov option [ 73.773948][ T4815] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 73.976370][ T22] tipc: Node number set to 2886997162 [ 74.062629][ T4835] loop4: detected capacity change from 0 to 2048 [ 74.114385][ T4835] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 74.875320][ T4316] EXT4-fs (loop0): unmounting filesystem. [ 76.588236][ T4856] loop0: detected capacity change from 0 to 512 [ 77.810552][ T4856] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 77.889501][ T4854] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.103: inode #64: comm syz.0.103: iget: illegal inode # [ 77.898982][ T4854] EXT4-fs (loop0): Remounting filesystem read-only [ 77.900910][ T4854] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.103: error while reading EA inode 64 err=-117 [ 77.905114][ T4854] EXT4-fs (loop0): Remounting filesystem read-only [ 77.907031][ T4854] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.103: inode #64: comm syz.0.103: iget: illegal inode # [ 77.912092][ T4854] EXT4-fs (loop0): Remounting filesystem read-only [ 77.913992][ T4854] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.103: error while reading EA inode 64 err=-117 [ 77.917684][ T4854] EXT4-fs (loop0): Remounting filesystem read-only [ 77.977119][ T4861] loop4: detected capacity change from 0 to 1024 [ 78.007575][ T4861] ext4: Unknown parameter 'inode_readahe' [ 78.144989][ T4316] EXT4-fs (loop0): unmounting filesystem. [ 78.184603][ T4867] fuse: Bad value for 'fd' [ 79.930436][ T4888] binder: 4881:4888 tried to acquire reference to desc 0, got 1 instead [ 79.934210][ T4888] binder: 4881:4888 got transaction with invalid offset (24, min 24 max 24) or object. [ 79.937043][ T4888] binder: 4881:4888 transaction call to 4881:0 failed 20/29201/-22, size 24-24 line 3355 [ 79.942075][ T4381] binder: undelivered TRANSACTION_ERROR: 29201 [ 80.129542][ T4892] loop0: detected capacity change from 0 to 4096 [ 80.902229][ T4892] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 80.905483][ T4892] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 80.909866][ T4892] ntfs: (device loop0): map_mft_record_page(): Mft record 0xa is corrupt. Run chkdsk. [ 80.912435][ T4892] ntfs: (device loop0): map_mft_record(): Failed with error code 5. [ 80.914710][ T4892] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 80.918342][ T4892] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 80.955186][ T4892] ntfs: volume version 3.1. [ 80.956570][ T4892] ntfs: (device loop0): ntfs_read_locked_inode(): Found compressed data but compression is disabled due to cluster size (65536) > 4kiB. [ 81.021330][ T4892] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 81.025200][ T4892] ntfs: (device loop0): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 81.035406][ T4901] block device autoloading is deprecated and will be removed. [ 81.362286][ T4907] loop1: detected capacity change from 0 to 256 [ 82.215175][ T4912] netlink: 'syz.1.121': attribute type 4 has an invalid length. [ 82.269510][ T4912] netlink: 'syz.1.121': attribute type 4 has an invalid length. [ 85.260692][ T4947] device syzkaller0 entered promiscuous mode [ 85.308214][ T4959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'. [ 85.543638][ T4969] tipc: Failed to remove unknown binding: 66,1,1/2886997162:928053865/928053867 [ 85.678672][ T4961] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'. [ 85.683891][ T4961] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 85.707450][ T4969] tipc: Failed to remove unknown binding: 66,1,1/2886997162:928053865/928053867 [ 85.710326][ T4969] tipc: Failed to remove unknown binding: 66,1,1/2886997162:928053865/928053867 [ 86.750457][ T4973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.134'. [ 88.760852][ T4995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.776954][ T4995] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.344296][ T4990] loop4: detected capacity change from 0 to 32768 [ 90.384893][ T4990] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.141 (4990) [ 90.543905][ T5018] loop3: detected capacity change from 0 to 8192 [ 90.545659][ T4990] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 90.558727][ T4990] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm [ 90.561096][ T4990] BTRFS info (device loop4): using free space tree [ 90.569728][ T5018] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.573748][ T5018] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 90.576566][ T5018] REISERFS (device loop3): using ordered data mode [ 90.578308][ T5018] reiserfs: using flush barriers [ 90.655935][ T5027] netlink: 12 bytes leftover after parsing attributes in process `syz.0.149'. [ 91.361586][ T5018] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.366237][ T5018] REISERFS (device loop3): checking transaction log (loop3) [ 91.371552][ T5025] loop1: detected capacity change from 0 to 512 [ 91.399136][ T5018] REISERFS (device loop3): Using r5 hash to sort names [ 91.405718][ T5025] EXT2-fs (loop1): error: revision level too high, forcing read-only mode [ 91.410405][ T5018] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 91.427303][ T5025] EXT2-fs (loop1): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8] [ 92.219134][ T5040] mmap: syz.2.154 (5040) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 92.346712][ T4990] BTRFS error (device loop4): open_ctree failed: -12 [ 92.470502][ T5055] loop2: detected capacity change from 0 to 1024 [ 92.716650][ T5061] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 92.719083][ T5061] IPv6: NLM_F_CREATE should be set when creating new route [ 93.925403][ T4482] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by udevd (4482) [ 94.108273][ T4465] hfsplus: b-tree write err: -5, ino 4 [ 94.949014][ T5061] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.952773][ T5061] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.752254][ T5061] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.786205][ T5061] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.294943][ T5061] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.297425][ T5061] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.299964][ T5061] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.302484][ T5061] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.551717][ T5074] tipc: Started in network mode [ 98.553153][ T5074] tipc: Node identity 7f000001, cluster identity 4711 [ 98.555606][ T5074] tipc: Enabled bearer , priority 10 [ 98.608745][ T5095] device batadv_slave_1 entered promiscuous mode [ 98.628786][ T5098] device batadv_slave_1 left promiscuous mode [ 99.617532][ T4468] tipc: Node number set to 2130706433 [ 100.938473][ T5127] binder: 5125:5127 tried to acquire reference to desc 0, got 1 instead [ 100.945123][ T4373] binder: undelivered TRANSACTION_COMPLETE [ 100.971359][ T4353] binder: undelivered transaction 25, process died. [ 101.206713][ T5137] binder: 5136:5137 tried to acquire reference to desc 0, got 1 instead [ 102.635924][ T24] binder: release 5136:5137 transaction 36 out, still active [ 102.638315][ T24] binder: undelivered TRANSACTION_COMPLETE [ 102.731978][ T24] binder: send failed reply for transaction 36, target dead [ 102.875165][ T5148] netlink: 4 bytes leftover after parsing attributes in process `syz.4.185'. [ 103.251975][ T4322] Bluetooth: hci3: link tx timeout [ 103.254655][ T4322] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 103.659060][ T5155] process 'syz.1.187' launched '/dev/fd/8' with NULL argv: empty string added [ 105.319630][ T4322] Bluetooth: hci3: command 0x0406 tx timeout [ 106.035374][ T5203] loop2: detected capacity change from 0 to 2048 [ 106.112121][ T4322] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11 [ 106.596341][ T5211] binder: 5210:5211 unknown command 0 [ 106.608954][ T5211] binder: 5210:5211 ioctl c0306201 20000080 returned -22 [ 106.692972][ T5211] binder: 5210:5211 tried to acquire reference to desc 0, got 1 instead [ 106.721380][ T5211] binder: 5210:5211 got transaction with invalid fd, 536871424 [ 106.723556][ T5211] binder: 5211:5210 translate fd array failed [ 106.725321][ T5211] binder: 5210:5211 transaction async to 5210:0 failed 41/29201/-9, size 112-24 line 3495 [ 106.808930][ T4468] binder: undelivered TRANSACTION_ERROR: 29201 [ 109.219155][ T5222] binder: 5221:5222 tried to acquire reference to desc 0, got 1 instead [ 109.239446][ T5222] binder: 5221:5222 got transaction with invalid data ptr [ 109.241433][ T5222] binder: 5221:5222 transaction async to 5221:0 failed 46/29201/-14, size 0-24 line 3342 [ 109.477051][ T5228] sch_tbf: burst 1821 is lower than device lo mtu (65550) ! [ 109.531631][ T5230] Zero length message leads to an empty skb [ 109.562736][ T5230] netlink: 12 bytes leftover after parsing attributes in process `syz.4.208'. [ 109.563106][ T5231] loop3: detected capacity change from 0 to 64 [ 111.558710][ T4468] binder: undelivered TRANSACTION_ERROR: 29201 [ 111.566615][ T5241] netlink: 'syz.4.213': attribute type 5 has an invalid length. [ 112.694282][ T5222] syz.2.204 (5222): drop_caches: 2 [ 112.782065][ T5254] netlink: 12 bytes leftover after parsing attributes in process `syz.1.218'. [ 112.827597][ T5253] loop3: detected capacity change from 0 to 512 [ 113.016952][ T4482] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 114.162067][ T5278] loop3: detected capacity change from 0 to 2048 [ 115.074015][ T5278] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 116.308666][ T5291] capability: warning: `syz.0.227' uses 32-bit capabilities (legacy support in use) [ 117.152837][ T5301] binder: 5300:5301 tried to acquire reference to desc 0, got 1 instead [ 117.161458][ T5301] binder: 5300:5301 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 117.185393][ T5301] binder: 5301 RLIMIT_NICE not set [ 117.187032][ T5301] binder: 5301 RLIMIT_NICE not set [ 117.193570][ T5301] binder: 5301 RLIMIT_NICE not set [ 117.195297][ T5301] binder_alloc: 5300: binder_alloc_buf, no vma [ 117.208377][ T5299] loop3: detected capacity change from 0 to 4096 [ 117.218871][ T5301] binder: cannot allocate buffer: vma cleared, target dead or dying [ 117.218903][ T5301] binder: 5300:5301 transaction reply to 5300:5301 failed 52/29189/-3, size 0-0 line 3239 [ 117.224037][ T5301] binder: send failed reply for transaction 51 to 5300:5301 [ 117.243047][ T5299] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 117.248874][ T4590] binder: undelivered TRANSACTION_COMPLETE [ 117.250634][ T4590] binder: undelivered TRANSACTION_ERROR: 29189 [ 117.307102][ T4590] binder: undelivered TRANSACTION_ERROR: 29190 [ 117.372939][ T5309] netlink: 16 bytes leftover after parsing attributes in process `syz.1.237'. [ 117.375383][ T5299] ntfs3: loop3: Failed to load $Secure. [ 118.180400][ T5314] loop1: detected capacity change from 0 to 64 [ 120.873241][ T5332] loop3: detected capacity change from 0 to 32768 [ 121.213903][ T5329] netlink: 4 bytes leftover after parsing attributes in process `syz.4.243'. [ 121.306522][ T5332] Dev loop3 SGI disklabel: csum bad, label corrupted [ 121.360945][ T5341] syz.2.246 uses obsolete (PF_INET,SOCK_PACKET) [ 121.419640][ T5341] loop2: detected capacity change from 0 to 4096 [ 121.435099][ T5341] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 121.456886][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 121.460152][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 121.462254][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 121.464407][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 121.466673][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc1c00 [ 121.470317][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc2c00 [ 121.472451][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc4c00 [ 121.474726][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffc8c00 [ 121.477586][ T5341] ntfs3: loop2: try to read out of volume at offset 0x3fffffd0c00 [ 124.772916][ T5368] tipc: Enabled bearer , priority 10 [ 124.819689][ T5368] tipc: Enabled bearer , priority 0 [ 125.888491][ T1962] tipc: Node number set to 2786292615 [ 125.949349][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.951153][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 127.128654][ T5389] loop4: detected capacity change from 0 to 22 [ 127.142455][ T5389] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 127.212312][ T5389] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 127.854052][ T5391] loop3: detected capacity change from 0 to 65 [ 127.869075][ T5391] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway [ 129.152263][ T5406] binder: 5404:5406 tried to acquire reference to desc 0, got 1 instead [ 129.160874][ T5406] binder: 5404:5406 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 129.164526][ T5406] binder: 5406 RLIMIT_NICE not set [ 129.165977][ T5406] binder: 5406 RLIMIT_NICE not set [ 129.206071][ T5406] binder: 5404:5406 got new transaction with bad transaction stack, transaction 57 has target 5404:5406 [ 129.216286][ T5406] binder: 5404:5406 transaction call to 5404:0 failed 58/29201/-71, size 0-48 line 3114 [ 129.231742][ T4381] binder: release 5404:5406 transaction 57 out, still active [ 129.233819][ T4381] binder: undelivered TRANSACTION_COMPLETE [ 129.235354][ T4381] binder: undelivered TRANSACTION_ERROR: 29201 [ 129.281226][ T4381] binder: release 5404:5406 transaction 57 in, still active [ 129.283428][ T4381] binder: send failed reply for transaction 57, target dead [ 130.885973][ T5430] loop4: detected capacity change from 0 to 256 [ 131.676938][ T5443] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 131.714749][ T5443] device batadv_slave_0 entered promiscuous mode [ 134.185144][ T5467] loop2: detected capacity change from 0 to 4096 [ 134.229897][ T5469] loop1: detected capacity change from 0 to 16 [ 134.237235][ T5469] erofs: (device loop1): mounted with root inode @ nid 36. [ 134.264955][ T5469] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 134.270553][ T5469] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851] [ 134.273759][ T5469] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 134.361321][ T5467] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 134.608573][ T5483] loop3: detected capacity change from 0 to 1024 [ 134.655391][ T5483] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 135.545068][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 135.695884][ T5494] binder: 5491:5494 tried to acquire reference to desc 0, got 1 instead [ 135.712091][ T4589] binder: undelivered TRANSACTION_COMPLETE [ 135.713726][ T4589] binder: undelivered TRANSACTION_COMPLETE [ 135.748738][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 135.763753][ T4589] binder: undelivered transaction 64, process died. [ 135.765613][ T4589] binder: undelivered transaction 63, process died. [ 135.879243][ T5499] binder: 5497:5499 tried to acquire reference to desc 0, got 1 instead [ 135.893645][ T5499] binder: 5497:5499 ioctl c0306201 200008c0 returned -14 [ 135.991487][ T4468] binder: undelivered transaction 69, process died. [ 136.009191][ T4589] binder: undelivered TRANSACTION_COMPLETE [ 138.554050][ T5528] overlayfs: failed to resolve './file0': -2 [ 139.697014][ T5534] overlayfs: failed to resolve './file0/file0': -2 [ 141.251440][ T5548] loop1: detected capacity change from 0 to 512 [ 141.310388][ T5548] EXT2-fs (loop1): warning: mounting ext3 filesystem as ext2 [ 142.332581][ T5569] block device autoloading is deprecated and will be removed. [ 142.383320][ T5564] md2: error: bitmap file must be a regular file [ 143.871169][ T4322] Bluetooth: hci3: link tx timeout [ 143.872696][ T4322] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 145.968004][ T5634] syz.1.336 uses old SIOCAX25GETINFO [ 146.123717][ T5641] 9pnet: p9_errstr2errno: server reported unknown error 18446744073 [ 146.243201][ T27] audit: type=1326 audit(146.210:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.2.341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb915ce28 code=0x7fc00000 [ 146.263999][ T27] audit: type=1326 audit(146.220:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.2.341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb915ce28 code=0x7fc00000 [ 146.281832][ T5648] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82 [ 146.294907][ T27] audit: type=1326 audit(146.220:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.2.341" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb915ce28 code=0x7fc00000 [ 147.807045][ T5682] loop2: detected capacity change from 0 to 2048 [ 147.815249][ T5682] UDF-fs: bad mount option "uid=ÿ" or missing value [ 147.936205][ T5678] ptrace attach of "./syz-executor exec"[4305] was attempted by ""[5678] [ 147.962933][ T4482] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 148.123480][ T11] wlan1: Trigger new scan to find an IBSS to join [ 148.799736][ T5692] binder: 5691:5692 tried to acquire reference to desc 0, got 1 instead [ 148.807386][ T5692] binder: release 5691:5692 transaction 78 out, still active [ 148.816306][ T5692] binder: undelivered TRANSACTION_COMPLETE [ 148.820251][ T5692] binder: 5691:5692 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 148.823918][ T5692] binder: 5692 RLIMIT_NICE not set [ 148.834285][ T5692] binder: 5692 RLIMIT_NICE not set [ 148.835847][ T5692] binder: send failed reply for transaction 78, target dead [ 148.838908][ T5692] binder: 5691:5692 ioctl c0306201 20000240 returned -14 [ 149.141435][ T5700] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 149.149275][ T5700] CIFS mount error: No usable UNC path provided in device string! [ 149.149275][ T5700] [ 149.152403][ T5700] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 150.056698][ T5682] loop2: detected capacity change from 0 to 32768 [ 150.093016][ T5706] loop3: detected capacity change from 0 to 512 [ 150.093486][ T5682] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.354 (5682) [ 150.167988][ T5706] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 150.272319][ T5682] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 150.276497][ T5682] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 150.283858][ T5682] BTRFS info (device loop2): turning off barriers [ 150.289313][ T5706] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 150.291901][ T5706] System zones: 1-12 [ 150.293775][ T5706] EXT4-fs (loop3): orphan cleanup on readonly fs [ 150.296758][ T5682] BTRFS info (device loop2): enabling auto defrag [ 150.311307][ T5706] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.363: bg 0: block 361: padding at end of block bitmap is not set [ 150.315649][ T5682] BTRFS info (device loop2): ignoring data csums [ 150.334966][ T5682] BTRFS info (device loop2): force zlib compression, level 3 [ 150.337544][ T5682] BTRFS info (device loop2): enabling ssd optimizations [ 150.368184][ T5682] BTRFS info (device loop2): using spread ssd allocation scheme [ 150.371354][ T5682] BTRFS info (device loop2): using free space tree [ 150.382753][ T5706] EXT4-fs (loop3): Remounting filesystem read-only [ 150.622803][ T5682] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 150.639037][ T5706] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 151.097965][ T5682] workqueue: max_active 2097158 requested for btrfs-worker-high is out of range, clamping between 1 and 512 [ 151.111633][ T5682] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 151.148678][ T5706] EXT4-fs (loop3): Remounting filesystem read-only [ 151.150503][ T5706] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.363: attempt to clear invalid blocks 33619980 len 1 [ 151.154785][ T5706] EXT4-fs (loop3): Remounting filesystem read-only [ 151.180729][ T5682] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 151.187778][ T5706] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.363: invalid indirect mapped block 1811939328 (level 0) [ 151.187951][ T5682] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 151.203859][ T5706] EXT4-fs (loop3): Remounting filesystem read-only [ 151.205712][ T5706] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.363: invalid indirect mapped block 2 (level 2) [ 151.215254][ T5682] workqueue: max_active 2097158 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512 [ 151.237278][ T5706] EXT4-fs (loop3): Remounting filesystem read-only [ 151.244303][ T5682] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 151.248638][ T5706] EXT4-fs (loop3): 1 truncate cleaned up [ 151.250275][ T5706] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 151.268608][ T5682] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 151.289423][ T5706] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #2: block 5: comm syz.3.363: lblock 0 mapped to illegal pblock 5 (length 1) [ 151.296053][ T5682] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 512 [ 151.296299][ T5706] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.363: error -117 reading directory block [ 151.327913][ T5682] BTRFS error (device loop2): open_ctree failed: -12 [ 151.408212][ T5706] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #2: block 5: comm syz.3.363: lblock 0 mapped to illegal pblock 5 (length 1) [ 153.282935][ T11] wlan1: Trigger new scan to find an IBSS to join [ 153.562691][ T5706] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.363: error -117 reading directory block [ 153.687574][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 153.747680][ T5745] TCP: tcp_parse_options: Illegal window scaling value 94 > 14 received [ 154.075815][ T4482] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by udevd (4482) [ 154.586150][ T5757] ptrace attach of "./syz-executor exec"[4307] was attempted by " [ 155.121698][ T5761] overlayfs: upper fs does not support file handles, falling back to index=off. [ 156.223650][ T4576] wlan1: Creating new IBSS network, BSSID 2e:0e:64:a7:22:ec [ 156.606779][ T5767] loop1: detected capacity change from 0 to 131072 [ 156.706632][ T5783] netlink: 'syz.3.381': attribute type 1 has an invalid length. [ 157.541248][ T5783] 8021q: adding VLAN 0 to HW filter on device bond1 [ 157.629774][ T5767] F2FS-fs (loop1): Found nat_bits in checkpoint [ 157.689643][ T5767] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 158.903319][ T5792] bond1: (slave veth3): Enslaving as an active interface with a down link [ 158.961159][ T5783] bond1: (slave vlan2): Opening slave failed [ 159.142489][ T5862] xt_CT: You must specify a L4 protocol and not use inversions on it [ 160.973661][ T5870] netlink: 4 bytes leftover after parsing attributes in process `syz.4.389'. [ 160.976652][ T5870] team1 (uninitialized): Failed to send options change via netlink (err -105) [ 160.991697][ T5870] device team1 entered promiscuous mode [ 161.094258][ T5879] loop4: detected capacity change from 0 to 512 [ 161.189278][ T5879] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 161.209997][ T5879] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 161.906226][ T5879] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c099, mo2=0082] [ 161.910235][ T5879] System zones: 1-12 [ 161.917004][ T5879] EXT4-fs (loop4): 1 truncate cleaned up [ 161.919095][ T5879] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 163.382720][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 163.675017][ T5903] loop2: detected capacity change from 0 to 512 [ 163.868819][ T4319] Bluetooth: hci1: command 0x0406 tx timeout [ 163.977503][ T5910] loop4: detected capacity change from 0 to 64 [ 164.040075][ T4319] Bluetooth: hci4: command 0x0406 tx timeout [ 164.040120][ T4322] Bluetooth: hci2: command 0x0406 tx timeout [ 164.231593][ T5903] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 165.197207][ T5908] syz.4.398: attempt to access beyond end of device [ 165.197207][ T5908] loop4: rw=2049, sector=65, nr_sectors = 1 limit=64 [ 165.201985][ T5908] Buffer I/O error on dev loop4, logical block 65, lost async page write [ 165.204515][ T5908] syz.4.398: attempt to access beyond end of device [ 165.204515][ T5908] loop4: rw=2049, sector=66, nr_sectors = 1 limit=64 [ 165.208584][ T5908] Buffer I/O error on dev loop4, logical block 66, lost async page write [ 165.211292][ T5908] syz.4.398: attempt to access beyond end of device [ 165.211292][ T5908] loop4: rw=2049, sector=67, nr_sectors = 1 limit=64 [ 165.214957][ T5908] Buffer I/O error on dev loop4, logical block 67, lost async page write [ 165.217309][ T5908] syz.4.398: attempt to access beyond end of device [ 165.217309][ T5908] loop4: rw=2049, sector=68, nr_sectors = 1 limit=64 [ 165.221289][ T5908] Buffer I/O error on dev loop4, logical block 68, lost async page write [ 165.223824][ T5908] syz.4.398: attempt to access beyond end of device [ 165.223824][ T5908] loop4: rw=2049, sector=72, nr_sectors = 1 limit=64 [ 165.227741][ T5908] Buffer I/O error on dev loop4, logical block 72, lost async page write [ 165.230284][ T5908] syz.4.398: attempt to access beyond end of device [ 165.230284][ T5908] loop4: rw=2049, sector=73, nr_sectors = 1 limit=64 [ 165.234203][ T5908] Buffer I/O error on dev loop4, logical block 73, lost async page write [ 165.236511][ T5908] syz.4.398: attempt to access beyond end of device [ 165.236511][ T5908] loop4: rw=2049, sector=76, nr_sectors = 1 limit=64 [ 165.240391][ T5908] Buffer I/O error on dev loop4, logical block 76, lost async page write [ 165.242657][ T5908] syz.4.398: attempt to access beyond end of device [ 165.242657][ T5908] loop4: rw=2049, sector=77, nr_sectors = 1 limit=64 [ 165.246219][ T5908] Buffer I/O error on dev loop4, logical block 77, lost async page write [ 165.250417][ T5908] syz.4.398: attempt to access beyond end of device [ 165.250417][ T5908] loop4: rw=2049, sector=78, nr_sectors = 760 limit=64 [ 165.515456][ T5917] netlink: 24 bytes leftover after parsing attributes in process `syz.3.402'. [ 165.525379][ T5903] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 165.529695][ T5903] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.401: invalid indirect mapped block 2683928664 (level 1) [ 165.558739][ T5903] EXT4-fs (loop2): Remounting filesystem read-only [ 165.561627][ T5903] EXT4-fs (loop2): 1 truncate cleaned up [ 165.563630][ T5903] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 165.586200][ T5921] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.588870][ T5921] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.726652][ T5917] netlink: 'syz.3.402': attribute type 1 has an invalid length. [ 166.338278][ T5915] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0 [ 166.756355][ T5915] EXT4-fs (loop2): Remounting filesystem read-only [ 167.935330][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 171.204320][ T5976] loop2: detected capacity change from 0 to 512 [ 171.238200][ T5976] EXT4-fs: Ignoring removed nomblk_io_submit option [ 171.251110][ T5976] EXT4-fs: Ignoring removed nobh option [ 171.253122][ T5976] EXT4-fs: Ignoring removed nobh option [ 171.267435][ T5976] EXT4-fs: Conflicting test_dummy_encryption options [ 171.416936][ T5984] loop4: detected capacity change from 0 to 1024 [ 171.799587][ T5986] binder: 5985:5986 ioctl c0306201 20000080 returned -14 [ 171.825189][ T5986] binder: 5985:5986 tried to acquire reference to desc 0, got 1 instead [ 171.833371][ T5986] binder: 5985:5986 ioctl c0306201 20000600 returned -14 [ 171.890766][ T4373] binder: undelivered transaction 83, process died. [ 171.961201][ T5988] loop4: detected capacity change from 0 to 64 [ 172.393110][ T5995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.425'. [ 172.395614][ T5995] netlink: 1 bytes leftover after parsing attributes in process `syz.0.425'. [ 172.446342][ T5988] Trying to free block not in datazone [ 172.448165][ T5988] minix_free_block (loop4:21): bit already cleared [ 172.489650][ T5997] netlink: 'syz.2.427': attribute type 13 has an invalid length. [ 172.908516][ T4322] Bluetooth: hci2: command 0x0406 tx timeout [ 173.636502][ T5997] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 173.829662][ T5997] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 174.546626][ T6011] netlink: 24 bytes leftover after parsing attributes in process `syz.2.432'. [ 174.916462][ T6022] netlink: 'syz.2.436': attribute type 1 has an invalid length. [ 176.174585][ T6030] bond1: (slave gretap1): making interface the new active one [ 176.177744][ T6030] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 176.187145][ T6036] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 177.270380][ T6052] loop2: detected capacity change from 0 to 64 [ 177.330668][ T6056] loop3: detected capacity change from 0 to 512 [ 177.349668][ T6056] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 177.528141][ T6056] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #17: comm syz.3.446: inline data xattr refers to an external xattr inode [ 178.543483][ T6056] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.446: couldn't read orphan inode 17 (err -117) [ 178.547387][ T6056] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 178.656166][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 178.706787][ T4309] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 178.710146][ T4309] CPU: 0 PID: 4309 Comm: kworker/u5:1 Not tainted 6.1.147-syzkaller #0 [ 178.712394][ T4309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.715215][ T4309] Workqueue: hci1 hci_rx_work [ 178.716572][ T4309] Call trace: [ 178.717484][ T4309] dump_backtrace+0x1c8/0x1f4 [ 178.718847][ T4309] show_stack+0x2c/0x3c [ 178.720044][ T4309] __dump_stack+0x30/0x40 [ 178.721398][ T4309] dump_stack_lvl+0xf8/0x160 [ 178.722679][ T4309] dump_stack+0x1c/0x5c [ 178.723906][ T4309] sysfs_create_dir_ns+0x22c/0x24c [ 178.725414][ T4309] kobject_add_internal+0x5a8/0xb30 [ 178.726867][ T4309] kobject_add+0x134/0x1f8 [ 178.728175][ T4309] device_add+0x3f0/0xf94 [ 178.729536][ T4309] hci_conn_add_sysfs+0xbc/0x1cc [ 178.730952][ T4309] le_conn_complete_evt+0xa24/0xf8c [ 178.732494][ T4309] hci_le_conn_complete_evt+0x114/0x3f8 [ 178.734065][ T4309] hci_le_meta_evt+0x2c0/0x4a4 [ 178.735438][ T4309] hci_event_packet+0x6ac/0xf08 [ 178.736844][ T4309] hci_rx_work+0x324/0xaa0 [ 178.738132][ T4309] process_one_work+0x7f4/0x13a8 [ 178.739490][ T4309] worker_thread+0x8c8/0xfbc [ 178.740774][ T4309] kthread+0x250/0x2d8 [ 178.741922][ T4309] ret_from_fork+0x10/0x20 [ 178.745835][ T4309] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 178.750891][ T4309] Bluetooth: hci1: failed to register connection device [ 178.834852][ T6076] loop3: detected capacity change from 0 to 1024 [ 179.043244][ T6081] hfsplus: request for non-existent node 16777216 in B*Tree [ 179.065007][ T6081] hfsplus: request for non-existent node 16777216 in B*Tree [ 179.286683][ T6075] hfsplus: request for non-existent node 16777216 in B*Tree [ 179.358324][ T6090] loop2: detected capacity change from 0 to 16 [ 179.367126][ T6090] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 179.428670][ T6075] hfsplus: request for non-existent node 16777216 in B*Tree [ 179.949355][ T4539] hfsplus: request for non-existent node 16777216 in B*Tree [ 179.951544][ T4539] hfsplus: request for non-existent node 16777216 in B*Tree [ 180.095081][ T6094] loop3: detected capacity change from 0 to 16 [ 180.272166][ T6094] erofs: (device loop3): mounted with root inode @ nid 36. [ 181.618858][ T4309] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[9000] [ 181.629849][ T6094] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[4096] [ 181.646883][ T6094] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[4096] [ 182.801572][ T6094] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[9000] [ 182.804940][ T6094] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[9000] [ 182.808213][ T6094] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[9000] [ 182.874805][ T6094] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[9000] [ 182.898686][ T6120] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[4096] [ 182.901921][ T6120] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[4096] [ 182.905669][ T6118] binder: 6117:6118 tried to acquire reference to desc 0, got 1 instead [ 182.919488][ T6118] binder_alloc: 6117: pid 6117 spamming oneway? 2 buffers allocated for a total size of 5120 [ 183.137233][ T6122] loop1: detected capacity change from 0 to 2048 [ 183.179639][ T6122] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 183.897142][ T6118] binder_alloc: 6117: pid 6117 spamming oneway? 3 buffers allocated for a total size of 5128 [ 183.912270][ T4309] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 183.915415][ T4309] Bluetooth: hci3: Injecting HCI hardware error event [ 183.919709][ T4322] Bluetooth: hci3: hardware error 0x00 [ 183.946373][ T6118] binder: 6117:6118 BC_FREE_BUFFER u0000000020ffd000 matched unreturned or currently freeing buffer [ 183.989722][ T24] binder: undelivered TRANSACTION_COMPLETE [ 183.991422][ T24] binder: undelivered TRANSACTION_COMPLETE [ 183.993040][ T24] binder: undelivered TRANSACTION_COMPLETE [ 184.040506][ T24] binder: undelivered transaction 89, process died. [ 184.043189][ T24] binder: undelivered transaction 90, process died. [ 184.045047][ T24] binder: undelivered transaction 88, process died. [ 186.672850][ T9] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 186.727400][ T4322] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 187.441643][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.445081][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.841978][ T4322] Bluetooth: hci2: Malformed Event: 0x48 [ 188.964443][ T4526] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 189.076661][ T6187] loop1: detected capacity change from 0 to 64 [ 189.112572][ T6187] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 189.162352][ T6187] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop1 [ 189.869376][ T6187] netlink: 'syz.1.494': attribute type 2 has an invalid length. [ 189.879578][ T6197] loop3: detected capacity change from 0 to 1024 [ 189.898057][ T6197] ext4: Unknown parameter 'inode_readahe' [ 191.839862][ T6211] loop4: detected capacity change from 0 to 512 [ 191.864003][ T6211] EXT4-fs: Ignoring removed nomblk_io_submit option [ 191.865903][ T6211] EXT4-fs: Ignoring removed nomblk_io_submit option [ 192.087812][ T6211] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 194.389182][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 194.549731][ T6240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.568677][ T6240] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 199.077005][ T6268] netlink: 'syz.3.520': attribute type 3 has an invalid length. [ 199.156112][ T6268] netlink: 'syz.3.520': attribute type 3 has an invalid length. [ 199.369508][ T6281] loop2: detected capacity change from 0 to 128 [ 199.392690][ T6281] FAT-fs (loop2): bogus number of FAT structure [ 199.405145][ T6281] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 199.434691][ T6281] FAT-fs (loop2): Can't find a valid FAT filesystem [ 199.442044][ T6278] loop1: detected capacity change from 0 to 4096 [ 199.445968][ T6278] ntfs: (device loop1): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 199.448518][ T6278] ntfs: (device loop1): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover. [ 199.452463][ T6278] ntfs: (device loop1): ntfs_fill_super(): Not an NTFS volume. [ 199.480429][ T6284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.514'. [ 199.503157][ T4299] I/O error, dev loop1, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 199.536001][ T6288] xt_bpf: check failed: parse error [ 200.620582][ T6299] netlink: 'syz.4.521': attribute type 4 has an invalid length. [ 204.564369][ T6342] loop1: detected capacity change from 0 to 8 [ 204.566960][ T6342] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 205.534572][ T6342] cramfs: Error -5 while decompressing! [ 205.536420][ T6342] cramfs: 00000000426ee7d2(26)->00000000619934f8(4096) [ 205.538485][ T6342] cramfs: Error -3 while decompressing! [ 205.540109][ T6342] cramfs: 00000000d3940985(26)->000000009ab26323(4096) [ 205.542187][ T6342] cramfs: Error -3 while decompressing! [ 205.543826][ T6342] cramfs: 0000000069af0e38(16)->00000000b6baaf4a(4096) [ 205.546323][ T6342] cramfs: Error -5 while decompressing! [ 205.547933][ T6342] cramfs: 00000000426ee7d2(26)->00000000619934f8(4096) [ 206.120548][ T6350] syz.0.532 sent an empty control message without MSG_MORE. [ 206.911363][ T6363] 9pnet_fd: Insufficient options for proto=fd [ 206.941104][ T6362] binder: 6361:6362 tried to acquire reference to desc 0, got 1 instead [ 206.945748][ T6366] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 206.957621][ T6366] FAT-fs (loop5): unable to read boot sector [ 206.969101][ T4352] binder: release 6361:6362 transaction 96 out, still active [ 206.971257][ T4352] binder: undelivered TRANSACTION_COMPLETE [ 206.972914][ T4352] binder: undelivered TRANSACTION_COMPLETE [ 206.987247][ T27] audit: type=1326 audit(435.945:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb915ce28 code=0x7ffc0000 [ 206.998741][ T27] audit: type=1326 audit(435.945:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=448 compat=0 ip=0xffffb915ce28 code=0x7ffc0000 [ 207.004968][ T27] audit: type=1326 audit(435.945:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb915ce28 code=0x7ffc0000 [ 207.017054][ T6368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.539'. [ 207.023029][ T4352] binder: undelivered transaction 95, process died. [ 207.025083][ T4352] binder: send failed reply for transaction 96, target dead [ 207.028036][ T6368] netlink: 12 bytes leftover after parsing attributes in process `syz.1.539'. [ 207.041747][ T6373] loop3: detected capacity change from 0 to 256 [ 207.113941][ T27] audit: type=1326 audit(435.945:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb915b354 code=0x7ffc0000 [ 207.120510][ T27] audit: type=1326 audit(435.945:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=268 compat=0 ip=0xffffb915e98c code=0x7ffc0000 [ 207.126765][ T27] audit: type=1326 audit(435.945:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb915ce28 code=0x7ffc0000 [ 207.177859][ T27] audit: type=1326 audit(435.945:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=268 compat=0 ip=0xffffb915e98c code=0x7ffc0000 [ 207.206690][ T4482] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 207.227616][ T27] audit: type=1326 audit(435.945:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffffb915b72c code=0x7ffc0000 [ 207.248250][ T27] audit: type=1326 audit(435.945:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb915ce28 code=0x7ffc0000 [ 207.706707][ T6385] netlink: 28 bytes leftover after parsing attributes in process `syz.2.543'. [ 207.709347][ T6385] netlink: 28 bytes leftover after parsing attributes in process `syz.2.543'. [ 207.837949][ T6378] netlink: 8 bytes leftover after parsing attributes in process `syz.4.542'. [ 207.900429][ T27] audit: type=1326 audit(435.945:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb915ce28 code=0x7ffc0000 [ 207.940782][ T6378] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 207.947828][ T6381] netlink: 4 bytes leftover after parsing attributes in process `syz.1.539'. [ 208.253629][ T6378] qfq: no options [ 208.347130][ T6390] loop3: detected capacity change from 0 to 128 [ 211.389671][ T6396] loop4: detected capacity change from 0 to 512 [ 214.033886][ T6396] EXT4-fs: failed to create workqueue [ 214.035463][ T6396] EXT4-fs (loop4): mount failed [ 215.071681][ T4322] Bluetooth: hci4: command 0x2016 tx timeout [ 215.134439][ T6451] trusted_key: encrypted_key: insufficient parameters specified [ 217.475995][ T6473] loop4: detected capacity change from 0 to 256 [ 217.495915][ T6473] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 217.511839][ T6473] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 217.529010][ T6473] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 217.543828][ T6473] UDF-fs: Scanning with blocksize 512 failed [ 217.572075][ T6473] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 217.665706][ T6473] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 218.513208][ T6494] netlink: 60 bytes leftover after parsing attributes in process `syz.3.574'. [ 218.832115][ T6504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.579'. [ 219.728711][ T6508] loop4: detected capacity change from 0 to 4096 [ 219.771018][ T6511] device batadv0 entered promiscuous mode [ 219.772981][ T6511] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 219.776333][ T6511] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 219.818134][ T6508] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 219.821818][ T6508] ntfs3: loop4: Failed to load $MFT. [ 220.008621][ T4482] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 220.294209][ T4576] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 220.851688][ T6527] dccp_close: ABORT with 32 bytes unread [ 221.683250][ T6535] netlink: 8 bytes leftover after parsing attributes in process `syz.2.588'. [ 221.710602][ T6535] device gtp0 entered promiscuous mode [ 222.119596][ T6538] netlink: 8 bytes leftover after parsing attributes in process `syz.1.590'. [ 222.190566][ T6547] tipc: Failed to remove unknown binding: 66,1,1/2886997162:131530045/131530046 [ 222.782034][ T4393] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 223.027382][ T6555] loop1: detected capacity change from 0 to 64 [ 226.660849][ T6595] loop2: detected capacity change from 0 to 128 [ 227.379133][ T6601] tipc: Enabled bearer , priority 0 [ 227.440917][ T6601] device syzkaller0 entered promiscuous mode [ 227.645996][ T6601] tipc: Resetting bearer [ 227.653242][ T6600] tipc: Resetting bearer [ 229.393621][ T6613] loop3: detected capacity change from 0 to 512 [ 229.638059][ T6613] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2818: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 229.653698][ T6600] tipc: Disabling bearer [ 229.656555][ T6613] EXT4-fs (loop3): 1 truncate cleaned up [ 229.663140][ T6613] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 231.033320][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 231.374401][ T6620] loop2: detected capacity change from 0 to 32768 [ 231.448592][ T6620] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 231.451661][ T6620] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 231.457580][ T6620] BTRFS info (device loop2): use zlib compression, level 3 [ 231.468943][ T6620] BTRFS info (device loop2): using free space tree [ 232.039964][ T6620] BTRFS info (device loop2): enabling ssd optimizations [ 235.043581][ T4307] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 235.332627][ T6734] netlink: 4 bytes leftover after parsing attributes in process `syz.0.630'. [ 235.346168][ T6736] loop3: detected capacity change from 0 to 1024 [ 236.065298][ T6736] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 237.969544][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 240.605209][ T6787] loop4: detected capacity change from 0 to 1024 [ 240.727202][ T6787] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 240.769525][ T6787] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 241.413873][ T6792] loop3: detected capacity change from 0 to 1764 [ 241.767228][ T4482] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 241.776209][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 241.852613][ T6796] loop2: detected capacity change from 0 to 16 [ 241.868692][ T6796] erofs: (device loop2): mounted with root inode @ nid 36. [ 242.967246][ T6813] devtmpfs: Unknown parameter 'dirsyncâŽö€kÈá9Ä›‘Çk9X÷ð[GÓåñcN½13‰Ÿ”H¢ÿ“ðs³¡ä~ßv÷Ѹ¹ ÀßLû œŒ€‹Dì®” eOp°ªÁtÓCâ{7-`'«*ì+Ê×þk¹2¼WQÒ—N•EZ'£´r¼{½Ò¬Z¦èzÎ6Ì„¾e“Ubš±:ÔÃüú$#Cš6–[YÚH ^ŽBÌÇÌ@Éœøl !×/ŸJ±°åU¥£•“É8qÿ~µì­¶H7¢Ø‡#ïeªQRãÕ†NWXaò°–' [ 243.144657][ T6816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 243.147250][ T6816] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 244.854294][ T6831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.659'. [ 244.878650][ T6831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.659'. [ 244.907120][ T6831] netlink: 'syz.0.659': attribute type 10 has an invalid length. [ 244.928366][ T6831] bridge0: port 3(team0) entered blocking state [ 244.955241][ T6831] bridge0: port 3(team0) entered disabled state [ 244.974366][ T6831] device team0 entered promiscuous mode [ 244.976085][ T6831] device team_slave_0 entered promiscuous mode [ 244.994405][ T6831] device team_slave_1 entered promiscuous mode [ 244.996814][ T6831] bridge0: port 3(team0) entered blocking state [ 244.998622][ T6831] bridge0: port 3(team0) entered forwarding state [ 245.025739][ T6834] netlink: 'syz.4.661': attribute type 4 has an invalid length. [ 245.297885][ T6847] loop4: detected capacity change from 0 to 512 [ 245.864485][ T6847] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 245.886138][ T6847] EXT4-fs (loop4): orphan cleanup on readonly fs [ 245.888318][ T6847] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.664: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 245.900594][ T6847] EXT4-fs error (device loop4): ext4_quota_enable:7025: comm syz.4.664: Bad quota inode: 3, type: 0 [ 247.384476][ T6847] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 247.438280][ T6847] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 247.448571][ T6847] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 247.611602][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 247.629954][ T6868] loop3: detected capacity change from 0 to 512 [ 247.645999][ T6868] EXT4-fs: Ignoring removed mblk_io_submit option [ 247.647989][ T6868] EXT4-fs: Ignoring removed bh option [ 247.965164][ T6868] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 248.019642][ T6868] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 248.277346][ C1] vcan0: j1939_tp_rxtimer: 0x00000000f2bc2185: rx timeout, send abort [ 248.428509][ C1] vcan0: j1939_tp_rxtimer: 0x00000000bc983747: rx timeout, send abort [ 248.452672][ T6868] EXT4-fs (loop3): 1 truncate cleaned up [ 248.454279][ T6868] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 248.569989][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 248.613339][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.2.671'. [ 248.830507][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.833870][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 249.468470][ C1] vcan0: j1939_tp_rxtimer: 0x00000000f2bc2185: abort rx timeout. Force session deactivation [ 249.471655][ C1] vcan0: j1939_tp_rxtimer: 0x00000000bc983747: abort rx timeout. Force session deactivation [ 252.246973][ T6906] loop4: detected capacity change from 0 to 1024 [ 252.261984][ T6906] EXT4-fs: Ignoring removed oldalloc option [ 252.271777][ T6906] EXT4-fs: Ignoring removed nobh option [ 252.273286][ T6906] EXT4-fs: Ignoring removed bh option [ 252.309430][ T6906] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 252.350859][ T6906] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 253.566814][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 255.101187][ T6939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.693'. [ 255.110099][ T6939] netlink: 'syz.1.693': attribute type 5 has an invalid length. [ 255.112430][ T6939] netlink: 28 bytes leftover after parsing attributes in process `syz.1.693'. [ 255.125924][ T6939] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 255.128237][ T6939] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 255.446750][ T6939] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 255.708015][ T6939] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 255.963979][ T6939] device geneve2 entered promiscuous mode [ 256.965498][ T5853] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 257.215700][ T6965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.699'. [ 258.840711][ T6981] loop1: detected capacity change from 0 to 128 [ 258.916237][ T6981] EXT4-fs (loop1): Test dummy encryption mode enabled [ 260.446592][ T6977] loop3: detected capacity change from 0 to 1024 [ 260.452766][ T6981] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 260.477055][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.704'. [ 260.493960][ T6977] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 260.531358][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.704'. [ 260.615881][ T6993] loop4: detected capacity change from 0 to 512 [ 260.636443][ T6993] EXT4-fs: Ignoring removed mblk_io_submit option [ 260.639788][ T4574] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 260.660578][ T6993] EXT4-fs: inline encryption not supported [ 260.663214][ T6993] EXT4-fs: Ignoring removed mblk_io_submit option [ 260.665352][ T6993] EXT4-fs: Ignoring removed nomblk_io_submit option [ 260.854530][ T6993] EXT4-fs (loop4): Test dummy encryption mode enabled [ 261.037219][ T6993] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 261.412810][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 261.453096][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 261.456619][ T6993] EXT4-fs (loop4): 1 truncate cleaned up [ 261.458181][ T6993] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 261.500905][ T6993] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 261.563168][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 261.563182][ T27] audit: type=1326 audit(746.524:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.581954][ T27] audit: type=1326 audit(746.524:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.623442][ T27] audit: type=1326 audit(746.584:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.632131][ T27] audit: type=1326 audit(746.584:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.649232][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 261.668782][ T27] audit: type=1326 audit(746.584:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.674948][ T27] audit: type=1326 audit(746.584:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa8f5b354 code=0x7ffc0000 [ 261.735470][ T27] audit: type=1326 audit(746.584:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.755043][ T27] audit: type=1326 audit(746.584:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.761761][ T7007] netlink: 12 bytes leftover after parsing attributes in process `syz.0.711'. [ 261.786879][ T27] audit: type=1326 audit(746.584:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 261.827459][ T27] audit: type=1326 audit(746.584:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7003 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 262.300815][ T7016] loop4: detected capacity change from 0 to 16 [ 263.245879][ T7016] erofs: (device loop4): mounted with root inode @ nid 36. [ 263.412666][ T4322] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 263.420304][ T7016] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 263.426413][ T7016] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 263.430357][ T7016] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 263.434779][ T7016] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 264.281176][ T7037] input: syz1 as /devices/virtual/input/input2 [ 267.013938][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 268.046480][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 268.282913][ T7066] binder: 7065:7066 tried to acquire reference to desc 0, got 1 instead [ 268.369917][ T7066] loop3: detected capacity change from 0 to 1024 [ 268.546366][ T7066] binder: 7065:7066 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 268.586121][ T7066] binder: 7066 RLIMIT_NICE not set [ 268.587600][ T7066] binder: undelivered transaction 101, put_user failed [ 268.604222][ T7066] binder: 7065:7066 ioctl c0306201 20000180 returned -14 [ 268.624684][ T14] binder: undelivered TRANSACTION_COMPLETE [ 268.934239][ T7072] binder: 7071:7072 ioctl c00c620f 0 returned -14 [ 269.069155][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.092413][ T7077] netlink: 'syz.1.732': attribute type 1 has an invalid length. [ 269.182720][ T7077] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 269.196979][ T7082] TCP: tcp_parse_options: Illegal window scaling value 94 > 14 received [ 269.236147][ T7077] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface [ 269.309177][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.328181][ T7077] bond1 (unregistering): Released all slaves [ 270.355916][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.467610][ T7085] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 270.506049][ T7095] loop4: detected capacity change from 0 to 256 [ 270.771855][ T4482] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 271.295196][ T7095] binder: 7094:7095 tried to acquire reference to desc 0, got 1 instead [ 271.306782][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.389106][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.444401][ T4373] binder: undelivered transaction 106, process died. [ 271.458645][ T4373] binder: undelivered TRANSACTION_COMPLETE [ 271.646339][ T7118] loop4: detected capacity change from 0 to 512 [ 271.802696][ T7125] netlink: 12 bytes leftover after parsing attributes in process `syz.3.745'. [ 271.817042][ T4482] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 272.430252][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 272.621585][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 273.562754][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 273.708997][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.444624][ T7151] loop1: detected capacity change from 0 to 64 [ 275.059058][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.098502][ T7151] syz.1.751: attempt to access beyond end of device [ 275.098502][ T7151] loop1: rw=2049, sector=65, nr_sectors = 1 limit=64 [ 275.102268][ T7151] Buffer I/O error on dev loop1, logical block 65, lost async page write [ 275.104912][ T7151] syz.1.751: attempt to access beyond end of device [ 275.104912][ T7151] loop1: rw=2049, sector=66, nr_sectors = 1 limit=64 [ 275.108683][ T7151] Buffer I/O error on dev loop1, logical block 66, lost async page write [ 275.111439][ T7151] syz.1.751: attempt to access beyond end of device [ 275.111439][ T7151] loop1: rw=2049, sector=67, nr_sectors = 1 limit=64 [ 275.115209][ T7151] Buffer I/O error on dev loop1, logical block 67, lost async page write [ 275.117866][ T7151] syz.1.751: attempt to access beyond end of device [ 275.117866][ T7151] loop1: rw=2049, sector=68, nr_sectors = 1 limit=64 [ 275.121886][ T7151] Buffer I/O error on dev loop1, logical block 68, lost async page write [ 275.124597][ T7151] syz.1.751: attempt to access beyond end of device [ 275.124597][ T7151] loop1: rw=2049, sector=72, nr_sectors = 1 limit=64 [ 275.128335][ T7151] Buffer I/O error on dev loop1, logical block 72, lost async page write [ 275.130996][ T7151] syz.1.751: attempt to access beyond end of device [ 275.130996][ T7151] loop1: rw=2049, sector=73, nr_sectors = 1 limit=64 [ 275.134669][ T7151] Buffer I/O error on dev loop1, logical block 73, lost async page write [ 275.137380][ T7151] syz.1.751: attempt to access beyond end of device [ 275.137380][ T7151] loop1: rw=2049, sector=76, nr_sectors = 1 limit=64 [ 275.141282][ T7151] Buffer I/O error on dev loop1, logical block 76, lost async page write [ 275.143935][ T7151] syz.1.751: attempt to access beyond end of device [ 275.143935][ T7151] loop1: rw=2049, sector=77, nr_sectors = 1 limit=64 [ 275.147661][ T7151] Buffer I/O error on dev loop1, logical block 77, lost async page write [ 275.165479][ T7151] syz.1.751: attempt to access beyond end of device [ 275.165479][ T7151] loop1: rw=2049, sector=78, nr_sectors = 760 limit=64 [ 276.200406][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.214917][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.498326][ T7165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.754'. [ 276.719138][ T7168] netlink: 165 bytes leftover after parsing attributes in process `syz.1.763'. [ 277.311878][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 277.532881][ T7175] netlink: 'syz.3.758': attribute type 5 has an invalid length. [ 277.775377][ T7177] binder: 7174:7177 tried to acquire reference to desc 0, got 1 instead [ 278.350245][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 278.570409][ T7177] binder: 7174:7177 ioctl c0306201 200008c0 returned -14 [ 278.690936][ T4360] binder: undelivered transaction 113, process died. [ 278.712926][ T4360] binder: undelivered TRANSACTION_COMPLETE [ 279.393271][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.597618][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.600710][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.659298][ T7192] binder: 7190:7192 tried to acquire reference to desc 0, got 1 instead [ 279.698278][ T4589] binder: undelivered TRANSACTION_COMPLETE [ 279.708589][ T4589] binder: undelivered TRANSACTION_COMPLETE [ 279.728673][ T4589] binder: undelivered transaction 123, process died. [ 279.730609][ T4589] binder: undelivered transaction 122, process died. [ 281.336512][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.338910][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.357826][ T7203] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 281.376849][ T7203] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 282.497493][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.685143][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.870447][ T7236] netlink: 'syz.2.774': attribute type 21 has an invalid length. [ 283.924167][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 284.066723][ T7244] netlink: 'syz.2.776': attribute type 1 has an invalid length. [ 284.103872][ T7244] 8021q: adding VLAN 0 to HW filter on device bond2 [ 284.145470][ T7244] bond2: (slave veth5): Enslaving as an active interface with a down link [ 284.177453][ T7244] device veth1 entered promiscuous mode [ 284.184509][ T7244] device veth1 left promiscuous mode [ 284.187759][ T7244] bond2: (slave vlan2): making interface the new active one [ 284.196509][ T7244] device veth1 entered promiscuous mode [ 284.199014][ T7244] device vlan2 entered promiscuous mode [ 284.204921][ T7244] bond2: (slave vlan2): Enslaving as an active interface with an up link [ 284.216095][ T5851] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 285.025706][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.264589][ T7259] tipc: Enabling of bearer rejected, failed to enable media [ 285.689637][ T7265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.781'. [ 287.694673][ T7256] loop3: detected capacity change from 0 to 8192 [ 287.796528][ T7256] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 287.803257][ T7256] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 287.812393][ T7256] REISERFS (device loop3): using ordered data mode [ 287.814334][ T7256] reiserfs: using flush barriers [ 287.821492][ T7270] loop1: detected capacity change from 0 to 1024 [ 287.836006][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.838880][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.848614][ T7256] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 287.853221][ T7256] REISERFS (device loop3): checking transaction log (loop3) [ 287.862179][ T7256] REISERFS (device loop3): Using r5 hash to sort names [ 287.864315][ T7256] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 288.029910][ T7277] binder: 7274:7277 IncRefs 0 refcount change on invalid ref 0 ret -22 [ 288.068673][ T7256] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.072978][ T7256] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.075914][ T7256] REISERFS (device loop3): Remounting filesystem read-only [ 288.078002][ T7256] REISERFS error (device loop3): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data [ 288.086182][ T7275] binder: 7274:7275 got transaction to invalid handle, 1 [ 288.097759][ T7275] binder: 7275:7274 cannot find target node [ 288.099797][ T7275] binder: 7274:7275 transaction async to 0:0 failed 125/29201/-22, size 72-24 line 3054 [ 288.113186][ T4360] binder: undelivered TRANSACTION_ERROR: 29201 [ 288.733262][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.737598][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.766818][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.808252][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.838679][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.863381][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.866547][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.878570][ T7282] netlink: 12 bytes leftover after parsing attributes in process `syz.4.790'. [ 288.878642][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.898562][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.914574][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 288.924673][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.938020][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.942818][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.945880][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.956757][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.960958][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.965340][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.968274][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.980222][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.983197][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.987361][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 288.994034][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 288.998256][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 289.004453][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 289.160060][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 289.228238][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 289.304123][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 289.307228][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 289.358579][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 289.361474][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 289.921511][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 289.947154][ T55] hfsplus: b-tree write err: -5, ino 4 [ 290.079912][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.378073][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 290.472719][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 290.475998][ T7280] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2 [ 290.483284][ T7280] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck? [ 290.536593][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.909194][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.399640][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.403105][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 293.435909][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.486633][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.558676][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.729044][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.731278][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.003722][ T7349] netlink: 'syz.0.813': attribute type 13 has an invalid length. [ 297.724457][ T7349] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready [ 297.754836][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.789076][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.816987][ T7357] loop3: detected capacity change from 0 to 512 [ 297.848078][ T7357] EXT4-fs: Ignoring removed nomblk_io_submit option [ 297.850219][ T7357] EXT4-fs: Ignoring removed nomblk_io_submit option [ 297.905182][ T7357] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 297.946015][ T7349] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 298.009209][ T7349] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 298.135827][ T7362] netlink: 'syz.4.803': attribute type 1 has an invalid length. [ 298.774922][ T7362] 8021q: adding VLAN 0 to HW filter on device bond1 [ 298.836187][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.962760][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 298.981802][ T7365] bond1: (slave veth3): Enslaving as an active interface with a down link [ 299.013479][ T7373] device veth1 entered promiscuous mode [ 299.046021][ T7382] loop3: detected capacity change from 0 to 128 [ 299.183284][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.819'. [ 299.221467][ T7373] device veth1 left promiscuous mode [ 300.753753][ T7382] FAT-fs (loop3): bogus number of FAT structure [ 300.767521][ T7373] bond1: (slave vlan2): making interface the new active one [ 300.779022][ T7382] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 300.781801][ T7382] FAT-fs (loop3): Can't find a valid FAT filesystem [ 300.786952][ T7373] device veth1 entered promiscuous mode [ 300.791837][ T7373] device vlan2 entered promiscuous mode [ 300.821818][ T7373] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 300.838069][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 300.845003][ T7380] netlink: 12 bytes leftover after parsing attributes in process `syz.0.806'. [ 301.002780][ T7394] xt_bpf: check failed: parse error [ 301.041748][ T7384] IPVS: Unknown mcast interface: vcan0 [ 301.119756][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 301.238733][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 301.453947][ T7403] CIFS mount error: No usable UNC path provided in device string! [ 301.453947][ T7403] [ 301.456872][ T7403] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 303.013593][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.110961][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.206138][ T7431] netlink: 'syz.3.822': attribute type 4 has an invalid length. [ 304.259547][ T7434] netlink: 'syz.3.822': attribute type 4 has an invalid length. [ 304.270704][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.613428][ T7446] sch_tbf: burst 1821 is lower than device lo mtu (65550) ! [ 306.242782][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.448882][ T7457] netlink: 12 bytes leftover after parsing attributes in process `syz.0.824'. [ 306.620798][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.909353][ T7495] loop3: detected capacity change from 0 to 2048 [ 306.943756][ T7495] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 307.572997][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.620799][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.623512][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.628596][ T4562] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.634124][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 308.807387][ T4360] net_ratelimit: 1 callbacks suppressed [ 308.807402][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 308.950772][ T7519] loop2: detected capacity change from 0 to 512 [ 308.969184][ T7519] EXT2-fs (loop2): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 308.976677][ T7519] EXT2-fs (loop2): error: couldn't mount RDWR because of unsupported optional features (1000000) [ 309.194082][ T7531] loop3: detected capacity change from 0 to 1024 [ 309.396688][ T7534] loop2: detected capacity change from 0 to 512 [ 309.407100][ T7534] EXT4-fs: Ignoring removed nomblk_io_submit option [ 309.420379][ T7534] EXT4-fs: Ignoring removed nomblk_io_submit option [ 309.848553][ T1578] device vlan2 left promiscuous mode [ 310.090667][ T7534] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 310.134667][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.155176][ T5845] hfsplus: b-tree write err: -5, ino 4 [ 310.383229][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.021175][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 311.512912][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.515304][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 311.575890][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 311.578131][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.119550][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.047002][ T7581] loop4: detected capacity change from 0 to 512 [ 315.071679][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.075762][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.082851][ T7581] EXT4-fs: Ignoring removed mblk_io_submit option [ 315.084604][ T7581] EXT4-fs: Ignoring removed bh option [ 315.098836][ T7581] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 315.102052][ T7581] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 315.164344][ T7581] EXT4-fs (loop4): 1 truncate cleaned up [ 315.166174][ T7581] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 315.213762][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 315.546959][ T7594] loop2: detected capacity change from 0 to 16 [ 315.578723][ T7594] erofs: (device loop2): mounted with root inode @ nid 36. [ 317.301257][ T4322] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 317.375133][ T7596] loop4: detected capacity change from 0 to 1024 [ 317.509195][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.200540][ T4296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.499926][ T4530] hfsplus: b-tree write err: -5, ino 4 [ 318.589270][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.026575][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.036341][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.255930][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.264744][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.281771][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.308769][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.347078][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 324.384246][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 324.415745][ T7648] loop4: detected capacity change from 0 to 64 [ 325.929779][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.183738][ T7660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.874'. [ 326.221050][ T7660] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 326.291174][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.782953][ T7669] input: syz1 as /devices/virtual/input/input3 [ 327.843738][ T4322] Bluetooth: hci2: command 0x2016 tx timeout [ 327.894901][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 328.246977][ T7673] netlink: 4 bytes leftover after parsing attributes in process `syz.2.874'. [ 328.965856][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 329.194535][ T11] device vlan2 left promiscuous mode [ 329.418680][ T4438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.203156][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.059893][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.230187][ T4589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.527404][ T7724] loop1: detected capacity change from 0 to 64 [ 334.647322][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.656703][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.671597][ T5853] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.675032][ T4438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.680720][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.720048][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 335.543494][ T7733] loop3: detected capacity change from 0 to 2048 [ 335.813113][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 336.489454][ T7748] input: syz1 as /devices/virtual/input/input4 [ 336.930394][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 336.960564][ T7744] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 337.456363][ T7758] dccp_invalid_packet: P.Data Offset(0) too small [ 338.174318][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.459660][ T4574] net_ratelimit: 2 callbacks suppressed [ 340.459674][ T4574] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.465088][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.525284][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.670212][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 341.989291][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 343.304213][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 344.001495][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 344.098482][ T7825] overlayfs: failed to clone upperpath [ 344.349945][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 344.777312][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 344.865304][ T7826] tipc: Enabling of bearer rejected, failed to enable media [ 346.183242][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 346.355874][ T7847] Cannot find set identified by id 0 to match [ 347.428783][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 347.445030][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 347.583443][ T7839] bridge0: port 3(team0) entered disabled state [ 347.585541][ T7839] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.587751][ T7839] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.664124][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 350.581859][ T4309] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 350.670010][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.193427][ T1962] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 352.256197][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 352.302839][ T7839] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 352.339793][ T7839] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 352.754396][ T7839] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.756904][ T7839] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.759567][ T7839] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.761940][ T7839] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.090406][ T7839] device batadv0 left promiscuous mode [ 353.143620][ T7845] netlink: 48 bytes leftover after parsing attributes in process `syz.3.923'. [ 353.146181][ T7845] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 353.148261][ T7845] IPv6: NLM_F_CREATE should be set when creating new route [ 353.163962][ T7893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.935'. [ 353.170381][ T7893] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 353.174015][ T7894] netlink: 36 bytes leftover after parsing attributes in process `syz.1.935'. [ 353.178777][ T7894] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 353.328252][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 354.512957][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 354.559502][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 354.562085][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 354.751167][ T7940] loop3: detected capacity change from 0 to 2048 [ 354.795451][ T7940] NILFS (loop3): invalid segment: Magic number mismatch [ 354.797567][ T7940] NILFS (loop3): trying rollback from an earlier position [ 354.850012][ T7940] NILFS (loop3): recovery complete [ 355.029291][ T7946] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 355.249783][ T4322] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 355.854502][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 356.508087][ T7959] overlayfs: upper fs does not support tmpfile. [ 356.510281][ T7959] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 356.512185][ T7959] overlayfs: failed to set xattr on upper [ 356.909308][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.772176][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.992080][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 358.136142][ T7970] loop3: detected capacity change from 0 to 512 [ 358.180308][ T7970] EXT4-fs: Ignoring removed nomblk_io_submit option [ 358.182228][ T7970] EXT4-fs: Ignoring removed bh option [ 358.207837][ T7970] journal_path: Lookup failure for './file0' [ 358.215343][ T7970] EXT4-fs: error: could not find journal device path [ 360.615229][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 360.828716][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 361.845131][ T7972] netlink: 32 bytes leftover after parsing attributes in process `syz.2.956'. [ 362.048683][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 362.440296][ T8002] serio: Serial port pts0 [ 362.528301][ T7986] loop1: detected capacity change from 0 to 40427 [ 362.545565][ T7986] F2FS-fs (loop1): invalid crc value [ 362.551230][ T7986] F2FS-fs (loop1): Found nat_bits in checkpoint [ 362.597927][ T7986] F2FS-fs (loop1): Start checkpoint disabled! [ 362.673157][ T8005] loop4: detected capacity change from 0 to 2048 [ 362.715463][ T8005] NILFS (loop4): invalid segment: Magic number mismatch [ 362.725490][ T8005] NILFS (loop4): trying rollback from an earlier position [ 362.746229][ T7986] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 362.781500][ T8005] NILFS (loop4): recovery complete [ 362.786657][ T8010] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 364.274886][ T4594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.277526][ T4594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.407175][ T4393] kworker/u4:5: attempt to access beyond end of device [ 364.407175][ T4393] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 364.631716][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.795311][ T8022] overlayfs: upper fs does not support tmpfile. [ 364.797349][ T8022] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 364.799438][ T8022] overlayfs: failed to set xattr on upper [ 365.711120][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.068905][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.495263][ T8039] binder: 8037:8039 tried to acquire reference to desc 0, got 1 instead [ 367.690674][ T8039] binder: 8037:8039 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 367.694308][ T8039] binder: 8039 RLIMIT_NICE not set [ 367.695690][ T8039] binder: 8039 RLIMIT_NICE not set [ 367.715908][ T8042] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 367.719096][ T8042] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 367.721621][ T8042] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 367.724007][ T8042] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 367.756008][ T4594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 368.050221][ T8042] bond0: (slave vxlan0): Enslaving as an active interface with an up link [ 368.051312][ T8039] binder: 8037:8039 got reply transaction with no transaction stack [ 368.078508][ T8039] binder: 8037:8039 transaction reply to 0:0 failed 131/29201/-71, size 0-0 line 2955 [ 368.518960][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 368.535502][ T4468] binder: undelivered TRANSACTION_ERROR: 29201 [ 368.537396][ T4468] binder: release 8037:8044 transaction 130 out, still active [ 368.539434][ T4468] binder: undelivered TRANSACTION_COMPLETE [ 368.658543][ T4468] binder: release 8037:8039 transaction 130 in, still active [ 368.660973][ T4468] binder: send failed reply for transaction 130, target dead [ 368.742723][ T8054] loop2: detected capacity change from 0 to 512 [ 368.745256][ T8054] EXT4-fs: Ignoring removed nomblk_io_submit option [ 368.747134][ T8054] EXT4-fs: Ignoring removed bh option [ 368.778805][ T8054] journal_path: Lookup failure for './file0' [ 368.780663][ T8054] EXT4-fs: error: could not find journal device path [ 369.982130][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 369.988739][ T4299] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 370.682294][ T8075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.982'. [ 370.941628][ T7909] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 370.988919][ T4468] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 371.896724][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 371.898605][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 372.247526][ T8087] netlink: 'syz.4.988': attribute type 11 has an invalid length. [ 372.274837][ T8091] loop1: detected capacity change from 0 to 512 [ 372.299144][ T8091] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 372.344500][ T8091] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002] [ 372.346874][ T8091] System zones: 1-12 [ 372.355919][ T8091] EXT4-fs (loop1): 1 truncate cleaned up [ 372.357529][ T8091] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 372.540272][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.621840][ T8105] netlink: 76 bytes leftover after parsing attributes in process `syz.0.991'. [ 373.911727][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.957193][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 374.010925][ T4594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 374.015663][ T7909] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.027680][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.654315][ T8121] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 376.672357][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 377.717641][ T7909] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.078744][ T4360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.230864][ T8153] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.233725][ T8153] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.236388][ T8153] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.539359][ T8162] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 382.503634][ T4322] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 382.506490][ T4322] Bluetooth: hci4: Injecting HCI hardware error event [ 382.650718][ T4309] Bluetooth: hci4: hardware error 0x00 [ 382.771495][ T8200] loop3: detected capacity change from 0 to 512 [ 382.927574][ T8200] EXT4-fs (loop3): orphan cleanup on readonly fs [ 382.937527][ T8200] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1022: bg 0: block 248: padding at end of block bitmap is not set [ 384.250193][ T8200] __quota_error: 22 callbacks suppressed [ 384.250209][ T8200] Quota error (device loop3): write_blk: dquota write failed [ 384.254176][ T8200] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 384.258043][ T8200] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1022: Failed to acquire dquot type 1 [ 384.267999][ T8200] EXT4-fs (loop3): 1 truncate cleaned up [ 384.337426][ T8200] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 384.538294][ T8223] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 384.645915][ T8226] loop2: detected capacity change from 0 to 8 [ 384.654084][ T8226] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 384.736083][ T8226] cramfs: Error -5 while decompressing! [ 384.737766][ T8226] cramfs: 0000000016a2a582(26)->00000000361f50d6(4096) [ 384.739956][ T8226] cramfs: Error -3 while decompressing! [ 384.741483][ T8226] cramfs: 00000000d53381d8(26)->00000000bedb942e(4096) [ 384.743507][ T8226] cramfs: Error -3 while decompressing! [ 384.745080][ T8226] cramfs: 00000000ca30070c(16)->00000000e4a86fd7(4096) [ 384.747598][ T8226] cramfs: Error -5 while decompressing! [ 384.749327][ T8226] cramfs: 0000000016a2a582(26)->00000000361f50d6(4096) [ 385.379904][ T8223] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 385.608843][ T8233] Quota error (device loop3): do_check_range: Getting block 1536 out of range 0-5 [ 386.690938][ T8200] could not allocate digest TFM handle sha1-ssse3 [ 386.717925][ T8244] xt_CT: You must specify a L4 protocol and not use inversions on it [ 388.069874][ T4309] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 388.097564][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 389.218565][ T8262] netlink: 'syz.0.1045': attribute type 1 has an invalid length. [ 389.916214][ T8266] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0 [ 389.926451][ T8266] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0 [ 389.929088][ T8266] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0 [ 389.931904][ T8266] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0 [ 389.937961][ T8266] bond1: (slave geneve2): making interface the new active one [ 389.942341][ T8266] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 389.953201][ T8258] loop1: detected capacity change from 0 to 4096 [ 389.990358][ T8258] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 390.005022][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 390.008807][ T8262] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 390.016089][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 390.031457][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 390.037604][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 390.112920][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc1c00 [ 390.115163][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc2c00 [ 390.117323][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc4c00 [ 390.164954][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffc8c00 [ 390.167365][ T8258] ntfs3: loop1: try to read out of volume at offset 0x3fffffd0c00 [ 390.175251][ T8276] loop3: detected capacity change from 0 to 512 [ 390.177734][ T8276] EXT4-fs: Ignoring removed orlov option [ 390.222681][ T8276] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 391.609933][ T8276] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 391.649392][ T8276] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.1037: corrupted in-inode xattr [ 391.686794][ T8276] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1037: couldn't read orphan inode 15 (err -117) [ 391.701446][ T8276] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 392.848151][ T8298] loop4: detected capacity change from 0 to 64 [ 393.114440][ T4311] EXT4-fs (loop3): unmounting filesystem. [ 394.761973][ T27] audit: type=1326 audit(879.714:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.4.1049" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d35ce28 code=0x0 [ 394.782071][ T8315] xt_bpf: check failed: parse error [ 395.145730][ T8322] loop1: detected capacity change from 0 to 32768 [ 395.782310][ T8322] XFS (loop1): Mounting V5 Filesystem [ 395.790838][ T8330] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.803659][ T8330] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.843917][ T8330] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.846314][ T8330] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.870579][ T8322] XFS (loop1): Ending clean mount [ 395.913383][ T4305] XFS (loop1): Unmounting Filesystem [ 397.482125][ T4530] bond2: (slave vlan2): link status definitely down, disabling slave [ 397.484968][ T4530] bond2: now running without any active interface! [ 398.809154][ T8366] loop2: detected capacity change from 0 to 1024 [ 400.285370][ T8366] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 400.714715][ T8388] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1055'. [ 400.731946][ T8388] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1055'. [ 401.635708][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 401.641265][ T8400] binder: 8397:8400 tried to acquire reference to desc 0, got 1 instead [ 401.668370][ T8400] binder: 8397:8400 got transaction with invalid data ptr [ 401.670836][ T8400] binder: 8397:8400 transaction async to 8397:0 failed 137/29201/-14, size 0-24 line 3342 [ 403.423638][ T4589] binder: undelivered TRANSACTION_ERROR: 29201 [ 403.741321][ T8400] syz.1.1070 (8400): drop_caches: 2 [ 404.698692][ T8438] loop2: detected capacity change from 0 to 256 [ 404.765124][ T8438] FAT-fs (loop2): Directory bread(block 64) failed [ 404.767211][ T8438] FAT-fs (loop2): Directory bread(block 65) failed [ 404.769672][ T8438] FAT-fs (loop2): Directory bread(block 66) failed [ 404.771717][ T8438] FAT-fs (loop2): Directory bread(block 67) failed [ 404.774084][ T8438] FAT-fs (loop2): Directory bread(block 68) failed [ 404.776141][ T8438] FAT-fs (loop2): Directory bread(block 69) failed [ 404.778358][ T8438] FAT-fs (loop2): Directory bread(block 70) failed [ 404.780530][ T8438] FAT-fs (loop2): Directory bread(block 71) failed [ 404.782838][ T8438] FAT-fs (loop2): Directory bread(block 72) failed [ 404.784900][ T8438] FAT-fs (loop2): Directory bread(block 73) failed [ 407.261235][ T8452] loop3: detected capacity change from 0 to 8 [ 407.263662][ T8452] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 407.359802][ T8452] cramfs: Error -5 while decompressing! [ 407.361520][ T8452] cramfs: 00000000426ee7d2(26)->000000003f6332f8(4096) [ 407.363871][ T8452] cramfs: Error -3 while decompressing! [ 407.365543][ T8452] cramfs: 00000000d3940985(26)->00000000956ce50c(4096) [ 407.367665][ T8452] cramfs: Error -3 while decompressing! [ 407.369318][ T8452] cramfs: 0000000069af0e38(16)->0000000079d8fdda(4096) [ 407.371796][ T8452] cramfs: Error -5 while decompressing! [ 407.373441][ T8452] cramfs: 00000000426ee7d2(26)->000000003f6332f8(4096) [ 407.875684][ T8453] loop4: detected capacity change from 0 to 1024 [ 407.878055][ T8453] EXT4-fs: Ignoring removed nobh option [ 407.886890][ T4299] udevd[4299]: incorrect cramfs checksum on /dev/loop3 [ 407.908627][ T8453] EXT4-fs: Ignoring removed oldalloc option [ 407.921191][ T8453] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 408.059014][ T8453] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 408.688326][ T4306] EXT4-fs (loop4): unmounting filesystem. [ 408.928218][ T8483] loop4: detected capacity change from 0 to 2048 [ 408.952897][ T8483] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 409.745858][ T8486] netlink: 'syz.0.1092': attribute type 1 has an invalid length. [ 409.850508][ T8487] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 411.104331][ T8486] device veth3 entered promiscuous mode [ 411.126313][ T8486] bond2: (slave veth3): Enslaving as a backup interface with a down link [ 412.868834][ T8517] loop4: detected capacity change from 0 to 8 [ 412.871265][ T8517] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 412.983432][ T8517] cramfs: Error -5 while decompressing! [ 412.985147][ T8517] cramfs: 0000000016a2a582(26)->000000005b9107f2(4096) [ 412.987413][ T8517] cramfs: Error -3 while decompressing! [ 412.989167][ T8517] cramfs: 00000000d53381d8(26)->00000000dd02d24f(4096) [ 412.991292][ T8517] cramfs: Error -3 while decompressing! [ 412.992903][ T8517] cramfs: 00000000ca30070c(16)->00000000d5059171(4096) [ 412.995484][ T8517] cramfs: Error -5 while decompressing! [ 412.997051][ T8517] cramfs: 0000000016a2a582(26)->000000005b9107f2(4096) [ 413.802488][ T4482] udevd[4482]: incorrect cramfs checksum on /dev/loop4 [ 415.445652][ T8537] loop3: detected capacity change from 0 to 1024 [ 416.425887][ T8544] loop1: detected capacity change from 0 to 256 [ 416.483187][ T8544] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 416.486600][ T8544] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 416.643281][ T8544] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 416.905954][ T4526] hfsplus: b-tree write err: -5, ino 4 [ 417.835654][ T8561] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1112'. [ 419.208469][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1115'. [ 419.253433][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1115'. [ 420.106056][ T8580] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1117'. [ 420.832529][ T8594] loop4: detected capacity change from 0 to 1024 [ 422.218561][ T5845] hfsplus: b-tree write err: -5, ino 4 [ 422.552947][ T8589] loop1: detected capacity change from 0 to 1024 [ 422.699803][ T8589] hfsplus: unable to load nls mapping "koi8-" [ 422.702293][ T8589] hfsplus: unable to parse mount options [ 422.827938][ T8605] tipc: Started in network mode [ 422.829500][ T8605] tipc: Node identity 42f0a0fcdb9, cluster identity 4711 [ 422.831646][ T8605] tipc: Enabled bearer , priority 0 [ 422.834142][ T8605] device syzkaller0 entered promiscuous mode [ 424.041061][ T4360] tipc: Node number set to 2573246716 [ 425.020629][ T8611] tipc: Resetting bearer [ 425.023060][ T8615] netlink: 'syz.0.1127': attribute type 21 has an invalid length. [ 425.108750][ T8601] tipc: Resetting bearer [ 425.300702][ T8624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 425.307582][ T8624] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 426.841592][ T8601] tipc: Disabling bearer [ 430.103648][ T8651] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 430.222058][ T8658] tipc: Enabled bearer , priority 0 [ 430.225061][ T8658] device syzkaller0 entered promiscuous mode [ 430.421337][ T8665] tipc: Resetting bearer [ 430.448975][ T8655] tipc: Resetting bearer [ 432.129879][ T8655] tipc: Disabling bearer [ 432.995099][ T8700] loop2: detected capacity change from 0 to 64 [ 432.997830][ T8700] hfs: unable to parse mount options [ 433.763746][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 433.765676][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 434.066004][ T8688] loop1: detected capacity change from 0 to 32768 [ 434.141246][ T8688] XFS (loop1): Mounting V5 Filesystem [ 434.194925][ T8688] XFS (loop1): Ending clean mount [ 434.357588][ T8700] loop2: detected capacity change from 0 to 32768 [ 434.459147][ T8700] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 434.580403][ T8697] loop3: detected capacity change from 0 to 4096 [ 434.599197][ T8697] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 434.602583][ T8697] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 434.616234][ T8700] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 434.631963][ T8697] ntfs: volume version 3.1. [ 434.646054][ T8697] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 434.675562][ T8697] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 435.443408][ T4305] XFS (loop1): Unmounting Filesystem [ 435.569522][ T8699] ocfs2: Unmounting device (7,2) on (node local) [ 438.685984][ T8745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 438.706336][ T8745] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 442.288702][ T8763] loop1: detected capacity change from 0 to 8192 [ 443.353861][ T8775] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1171'. [ 443.378620][ T8775] bridge0: port 2(bridge_slave_1) entered disabled state [ 443.382193][ T8775] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.435966][ T8789] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1175'. [ 445.096789][ T8791] loop1: detected capacity change from 0 to 128 [ 447.826444][ T8805] loop4: detected capacity change from 0 to 64 [ 448.007522][ T4297] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 448.167663][ T8815] loop3: detected capacity change from 0 to 64 [ 449.186220][ T8820] tipc: Enabled bearer , priority 0 [ 449.209217][ T8820] device syzkaller0 entered promiscuous mode [ 449.331345][ T8823] tipc: Resetting bearer [ 449.344215][ T8819] tipc: Resetting bearer [ 449.417824][ T8805] loop4: detected capacity change from 0 to 32768 [ 449.448086][ T8805] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1181 (8805) [ 449.483919][ T8805] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 449.497946][ T8805] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 449.508939][ T8805] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 449.512030][ T8805] BTRFS info (device loop4): use zstd compression, level 3 [ 449.514019][ T8805] BTRFS info (device loop4): using free space tree [ 449.539424][ T8819] tipc: Disabling bearer [ 449.767533][ T27] audit: type=1326 audit(934.724:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1189" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 449.785126][ T27] audit: type=1326 audit(934.724:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1189" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 449.795195][ T8805] BTRFS info (device loop4): enabling ssd optimizations [ 449.849123][ T27] audit: type=1326 audit(934.724:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1189" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 449.921167][ T27] audit: type=1326 audit(934.724:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1189" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 450.024532][ T27] audit: type=1326 audit(934.744:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1189" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5ce28 code=0x7ffc0000 [ 450.646666][ T4306] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 450.979911][ T8859] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 452.597054][ T8878] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1199'. [ 452.816986][ T8883] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1200'. [ 453.135310][ T8876] ieee802154 phy0 wpan0: encryption failed: -22 [ 453.671095][ T8883] bond0: (slave bond_slave_1): Releasing backup interface [ 456.119470][ T8909] tipc: Enabling of bearer rejected, failed to enable media [ 456.345707][ T8910] loop1: detected capacity change from 0 to 40427 [ 456.351956][ T8910] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 456.354119][ T8910] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 456.357712][ T8910] F2FS-fs (loop1): invalid crc value [ 456.405967][ T8910] F2FS-fs (loop1): Found nat_bits in checkpoint [ 456.600602][ T8910] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 456.602767][ T8910] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 457.520732][ T8933] tipc: Enabled bearer , priority 0 [ 457.717438][ T8939] device syzkaller0 entered promiscuous mode [ 459.031178][ T8949] tipc: Resetting bearer [ 459.059811][ T8932] tipc: Resetting bearer [ 460.709195][ T8932] tipc: Disabling bearer [ 461.577087][ T8951] tipc: Enabled bearer , priority 0 [ 461.587794][ T8960] device syzkaller0 entered promiscuous mode [ 461.600809][ T8965] netlink: 'syz.2.1216': attribute type 10 has an invalid length. [ 462.618062][ T8993] loop1: detected capacity change from 0 to 256 [ 462.629445][ T8963] netlink: 'syz.2.1216': attribute type 10 has an invalid length. [ 462.642288][ T8993] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 462.645408][ T8993] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 462.652937][ T8993] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 462.735741][ T8981] tipc: Enabling of bearer rejected, failed to enable media [ 462.934335][ T9001] tipc: Enabling of bearer rejected, failed to enable media [ 463.925068][ T9011] loop4: detected capacity change from 0 to 64 [ 464.363872][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.363872][ T9011] loop4: rw=2049, sector=65, nr_sectors = 1 limit=64 [ 464.367691][ T9011] Buffer I/O error on dev loop4, logical block 65, lost async page write [ 464.370414][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.370414][ T9011] loop4: rw=2049, sector=66, nr_sectors = 1 limit=64 [ 464.374297][ T9011] Buffer I/O error on dev loop4, logical block 66, lost async page write [ 464.377025][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.377025][ T9011] loop4: rw=2049, sector=67, nr_sectors = 1 limit=64 [ 464.380831][ T9011] Buffer I/O error on dev loop4, logical block 67, lost async page write [ 464.383585][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.383585][ T9011] loop4: rw=2049, sector=68, nr_sectors = 1 limit=64 [ 464.387273][ T9011] Buffer I/O error on dev loop4, logical block 68, lost async page write [ 464.390097][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.390097][ T9011] loop4: rw=2049, sector=72, nr_sectors = 1 limit=64 [ 464.394052][ T9011] Buffer I/O error on dev loop4, logical block 72, lost async page write [ 464.396682][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.396682][ T9011] loop4: rw=2049, sector=73, nr_sectors = 1 limit=64 [ 464.400512][ T9011] Buffer I/O error on dev loop4, logical block 73, lost async page write [ 464.403304][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.403304][ T9011] loop4: rw=2049, sector=76, nr_sectors = 1 limit=64 [ 464.407133][ T9011] Buffer I/O error on dev loop4, logical block 76, lost async page write [ 464.409938][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.409938][ T9011] loop4: rw=2049, sector=77, nr_sectors = 1 limit=64 [ 464.413458][ T9011] Buffer I/O error on dev loop4, logical block 77, lost async page write [ 464.430028][ T9011] syz.4.1230: attempt to access beyond end of device [ 464.430028][ T9011] loop4: rw=2049, sector=78, nr_sectors = 760 limit=64 [ 465.716620][ T9028] delete_channel: no stack [ 465.733435][ T9028] loop1: detected capacity change from 0 to 2048 [ 465.820382][ T9028] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 467.203049][ T9037] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 467.206155][ T9037] Mem abort info: [ 467.207201][ T9037] ESR = 0x0000000086000006 [ 467.208584][ T9037] EC = 0x21: IABT (current EL), IL = 32 bits [ 467.210426][ T9037] SET = 0, FnV = 0 [ 467.211574][ T9037] EA = 0, S1PTW = 0 [ 467.212675][ T9037] FSC = 0x06: level 2 translation fault [ 467.214349][ T9037] user pgtable: 4k pages, 48-bit VAs, pgdp=000000011e801000 [ 467.216424][ T9037] [0000000000000000] pgd=0800000110a0d003, p4d=0800000110a0d003, pud=0800000142e46003, pmd=0000000000000000 [ 467.219999][ T9037] Internal error: Oops: 0000000086000006 [#1] PREEMPT SMP [ 467.221996][ T9037] Modules linked in: [ 467.223143][ T9037] CPU: 1 PID: 9037 Comm: syz.2.1239 Not tainted 6.1.147-syzkaller #0 [ 467.225514][ T9037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 467.228480][ T9037] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 467.230739][ T9037] pc : 0x0 [ 467.231606][ T9037] lr : bond_xdp_xmit+0x27c/0x45c [ 467.233052][ T9037] sp : ffff800021e17220 [ 467.234278][ T9037] x29: ffff800021e172e0 x28: 000000000000000f x27: ffff800021e17248 [ 467.236562][ T9037] x26: dfff800000000000 x25: ffff800012b56b98 x24: ffff0000f8dd0000 [ 467.238911][ T9037] x23: fffffbffeffb4300 x22: ffff0000d119c000 x21: fffffbffeffb4300 [ 467.241307][ T9037] x20: 0000000000000001 x19: 0000000000000000 x18: 0000000000000000 [ 467.243658][ T9037] x17: 0000000000000000 x16: ffff8000082d0ec4 x15: 0000000000000002 [ 467.245983][ T9037] x14: 0000000000000001 x13: 0000000000ff0100 x12: 0000000000080000 [ 467.248300][ T9037] x11: 0000000000004bc4 x10: ffff800024529000 x9 : ffff800021e17280 [ 467.250629][ T9037] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 [ 467.252988][ T9037] x5 : 0000000000000000 x4 : 0000000000000008 x3 : 0000000000000001 [ 467.255240][ T9037] x2 : ffff800021e172a0 x1 : 0000000000000001 x0 : ffff0000f8dd0000 [ 467.257483][ T9037] Call trace: [ 467.258524][ T9037] 0x0 [ 467.259324][ T9037] bq_xmit_all+0xab0/0xf10 [ 467.260703][ T9037] __dev_flush+0xc4/0x18c [ 467.261941][ T9037] xdp_do_flush+0x14/0x28 [ 467.263170][ T9037] bpf_test_run_xdp_live+0x10e0/0x1544 [ 467.264773][ T9037] bpf_prog_test_run_xdp+0x560/0xb88 [ 467.266356][ T9037] bpf_prog_test_run+0x2dc/0x364 [ 467.267789][ T9037] __sys_bpf+0x4ec/0x634 [ 467.269068][ T9037] __arm64_sys_bpf+0x80/0x98 [ 467.270407][ T9037] invoke_syscall+0x98/0x2bc [ 467.271714][ T9037] el0_svc_common+0x138/0x258 [ 467.273047][ T9037] do_el0_svc+0x58/0x13c [ 467.274305][ T9037] el0_svc+0x58/0x138 [ 467.275490][ T9037] el0t_64_sync_handler+0x84/0xf0 [ 467.277034][ T9037] el0t_64_sync+0x18c/0x190 [ 467.278356][ T9037] Code: bad PC value [ 467.279480][ T9037] ---[ end trace 0000000000000000 ]--- [ 467.792898][ T9037] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 467.795208][ T9037] SMP: stopping secondary CPUs [ 467.796505][ T9037] Kernel Offset: disabled [ 467.797729][ T9037] CPU features: 0x080000,02070084,26017203 [ 467.799488][ T9037] Memory Limit: none [ 468.292769][ T9037] Rebooting in 86400 seconds..