last executing test programs: 9.030805431s ago: executing program 0 (id=838): unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0) 5.896562376s ago: executing program 0 (id=858): r0 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d162718e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a47c721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f664222000000000000000d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d808f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bff000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6197155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000002bd4b643dc57db1f6c1e8c5eb6b10d180521100b56003a45fc56fde2608305b03e5ef6218e28dad07c4b5b68ba788ff40a64c9c0dc2cfb3dbd94e80aaa6dd2616eed0f4d04a9a7d3259d4148686d356e085b4075e182f1ebda216013"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f00000003c0), 0x0) writev(r3, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x4, 0x0, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000300)=0x208) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r5, &(0x7f0000000000)="240000001a005f0214f9f4070009040081000000000000000100000004001e0001000000", 0x24) getsockname$packet(r5, &(0x7f0000002580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000025c0)=0x14) setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4) sendto$inet6(r4, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) shutdown(r4, 0x1) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) ioctl$BTRFS_IOC_GET_DEV_STATS(r4, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x7fffffffffffffff, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x1000000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r3}, 0x0, 0x0, @unused=[0x0, 0x0, 0x115, 0x60], @subvolid=0x2}) ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f00000001c0)={r7, 0x3, 0x0, 0x1}) ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f00000034c0)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00', @ANYRESDEC=r7, @ANYBLOB="3a6de7283d627562124d161fd524c8563675b78d82ec1a32caba625f29f567d43ba75cab2e37cdd9b38a91367feda82a05f46fe786e10f55be540a551dffc8666f1b0766a6a4b19b46bf4d36b1ef5fbe1c9e7e05982ec043765197540b5a5815c9f165e7b352e560385ba4870face5b94c933645aed158a01556e9335da06ccc62f8d876bc391c6d54c14f86ce8a2ee91b061757e3da72b808a25c32e81c26ac0df494e8f7dbed0d49ec9f29acf7bca755dc9e13d83967b968957aa0cd00893a4b98e7eb1a553b9fb6d57518e1b6d9b250200153d68c4dfadc9cde9b144e9659af3177235fbbb47a98df47baea572a124aa61f17de378c26e288588c68ac972b63f0bdd11e06d72e8672d89670003b03a9c7c80b3d1ecc5e892314fba47051c6c3344038fc94548146aa774bc2f1261ca9f580f7480b87cd791df8af12e14a865a17c62a0ea670b9d5433d79106675485a2be2d14d609d9946139d0391ede66dea1c884e74fe55b85f486aa958f8eac37f6079423b35fee13f1e0c70d25b8ef4b0142722da19b6e4d1d0e6548b660cac6fb38e131cffdc928010ca77867f46241c0ade6b0ab4ce32c454dfdb9105a861d8b34ecdd3c75a333915bdcc5342c9f5a8b01f66ed050bba68ccf8d52029ba7c1af0b58c8f142bc5962a151fe407a383c445e58bde06e69638b175bcfa0cc653de52c846de1b970db9669b15664524b3b33b773df0b91fbd6163d1f5d919bce33405b06bec4ba0d3bf5817cb7ed457891ef0ec2c7fc4390d417a492e78f9cc812b0aa87b1308371a347f7dc88a6d6d"]) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000200)={r7, 0x9, 0x8, 0x1}) ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f00000013c0)={r7, "9125587169283e8e19a9c00264ea2b63"}) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000240)={r7, 0x5, 0x1, [0x7f, 0x7fffffff, 0x2, 0x4, 0x9], [0x5a0, 0xade, 0x3, 0x0, 0x2, 0x8000000000000001, 0x4, 0xfff, 0x6, 0x7ff, 0x0, 0x3, 0x1, 0x50bb9b81, 0x22a4, 0x7ff, 0x9, 0x203, 0x531, 0x6, 0x4, 0x8001, 0x80000, 0xe, 0x9, 0x8, 0x5, 0x177, 0x8, 0x8, 0x6, 0x7, 0x3, 0x9bb7, 0x7, 0x8, 0x8, 0xfffffffffffffff7, 0x2, 0x8, 0x10000, 0x7f, 0x3c41, 0xf52, 0x10000, 0xffffffffffffeecc, 0xd33, 0xff, 0x2fa2, 0x5, 0x5, 0x1, 0x2, 0x9, 0x2, 0x8, 0x400, 0x2, 0x1, 0x438e000, 0x321, 0x8b2a, 0x0, 0x3069, 0x800, 0xffffffffffff7fff, 0x9, 0x9, 0x100000000, 0x81, 0xf9d, 0x7, 0x100000001, 0x5, 0x4, 0x840c, 0x8, 0x4, 0x4, 0x5, 0x1, 0x202000000000000, 0x1, 0x7, 0xfff, 0xffff, 0x0, 0x9, 0x3, 0x3f, 0x6, 0xafdf, 0x1, 0x3, 0x5, 0x4, 0xffffffff00000000, 0x3, 0x6, 0x6, 0x4, 0x2, 0x2, 0x2, 0x433, 0x6, 0x10001, 0xfffffffffffeffff, 0x1, 0x4, 0x100, 0x80, 0xfffffffffffffffd, 0xc, 0x4, 0x0, 0x101, 0x6, 0x6, 0x20, 0x2]}) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x15}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bind$packet(r5, &(0x7f0000003480)={0x11, 0x1, r6, 0x1, 0xe6, 0x6, @local}, 0x14) 5.332692978s ago: executing program 3 (id=867): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x44}}, 0x0) 5.311416569s ago: executing program 4 (id=868): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000100)={[{@type={'type', 0x3d, "0a521470"}}, {@part={'part', 0x3d, 0x80}}, {@umask={'umask', 0x3d, 0x9}}, {@umask={'umask', 0x3d, 0x6}}, {@codepage={'codepage', 0x3d, 'euc-jp'}}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@umask={'umask', 0x3d, 0x540c}}]}, 0x3, 0x2a3, &(0x7f00000005c0)="$eJzs3c1qE1EYxvHnTNI2/aBOP6TgslpwJbZuxI0ivQgXImoToRgqaAV1Ja5F3Anu3bkWb8CNK/EGdOXKCyi4GDlnZpJJOl+JSSat/x80TDPnPfOezCRz3oFkBOC/dXP3x4crv+yfkWqqSbomeZIaUl3SWW00nh4c7h+2W00XsTCT2lHNRdg/ozDSHGuzd9BKC7VxLiLi2//qWko+h/EIgiD4WXUSqJx796fwpLno3enWNyae2Xi8rDqBipkjHemZlqvOAwBQrej870Xn+aVo/u550lZ02j9V5/+jqhOoWOL876qswNj9e8at6tZ7roSz6724SszpMXPNrMIjq2eCaXqryuNcLt78g/1269Leo3bT0ytdjySarbvHZnjoxgqy3cxJNkXx2LMsujHM2DHsZOS/NswW3w2eSof5ar6ZO8bXezU78796YOxucnvKd3vK7wSE+V/O7jGMCltljHLFbeRc1FafP5YYZSO9IulscUW9Fwj8OM+3szlRq31R4ei2C0a3lhq1UxC13h/VPZqzI4eXMew+5o25ZTb1W5+0m5j/e/bV3lKZd6Zt41pGR0bueOqupV8iMa9U+igr/Tpd7LXu66qWnzx/8fBeu916PLUL8YzDPlObgnxyFmyaY+m5rkmMIj5gpuPFnIKF+MN79D3rn/upaU5u4U8QGvWLkPfhMT+CjydMg+5O18btqpNBFey8y4T1X6JeueHW2TrJd/P0GaXN04OizhM9bmfUBqvucWGgCm4xu4IrW3OdvyhdyNnil95u/SjPU8Ls6rvucv0fAAAAAAAAAAAAAAAAAADgpCn3fYC5qPVwXyeoeIgAAAAAAAAAAAAAAAAAAAAAAJx4g9//N0Pm/X8Tv+pdfP9f9yvd3P8XmIy/AQAA//9VdncK") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000580), 0x1517460) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x800001, 0x28011, r0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 5.260338471s ago: executing program 0 (id=869): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000140), 0x12) 5.203769164s ago: executing program 3 (id=870): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=@newtaction={0x8c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}], [@TCA_POLICE_RESULT={0x8, 0x5, 0xfffffff9}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x8c}}, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1808000003000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b702000000000000739a00fe00000000b5090000000000007baaf8ff00000000bf8600000000000007080000fffdffffbfa400000000000007040000f0ffffffc70200000800000018220000d3d7", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000180100002020752500000000002020207b94f8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009f9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x11100eb, &(0x7f0000000140)=ANY=[@ANYRESOCT=r1], 0x6, 0x2c0, &(0x7f0000000440)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=") bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000001200000000000000850000009e000200950000004000b408"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='jbd2_handle_stats\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x1c000000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r10, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r9, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r12, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) unshare(0x8040480) accept4$unix(r12, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x5, &(0x7f0000000200)=[{}, {0x7}, {0x1}, {0x3}, {0x6}]}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) 5.127666067s ago: executing program 2 (id=871): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000010018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r6) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r9 = fsopen(&(0x7f0000000500)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) r10 = fsmount(r9, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r8, r10, 0x1, 0x0, @void}, 0x10) 4.947673244s ago: executing program 0 (id=873): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001140)={0x24, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 4.736135722s ago: executing program 4 (id=874): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000800000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}}) 3.619158056s ago: executing program 3 (id=877): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="415b7ac700000000", 0x8) r1 = accept(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000180)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0x18}], 0x1}], 0x1, 0x0) recvmsg(r1, &(0x7f000000b680)={0x0, 0x0, &(0x7f000000b600)=[{&(0x7f000000b500)=""/153, 0x99}], 0x1, 0x0, 0x0, 0x810}, 0x0) writev(r1, &(0x7f0000000100)=[{&(0x7f00000004c0)='H', 0x1}], 0x1) 3.617705426s ago: executing program 2 (id=878): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="d80000001a0081044e81f782db4cb904021d0800fe007c05e8fe55a1150002", 0x1f}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="001000001a00911c01000000000041da81"], 0xfe33) 3.468537172s ago: executing program 2 (id=879): syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) getsockname(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x121801) socket$inet6_sctp(0xa, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xff, 0xfffffffffffffffc}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000000c0)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000140)={@private0}, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000000040)=0x20) io_setup(0x3, &(0x7f0000000180)=0x0) io_submit(r4, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) socket$inet6(0xa, 0x2, 0x0) 3.411795395s ago: executing program 4 (id=880): r0 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d162718e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a47c721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f664222000000000000000d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d808f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bff000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6197155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000002bd4b643dc57db1f6c1e8c5eb6b10d180521100b56003a45fc56fde2608305b03e5ef6218e28dad07c4b5b68ba788ff40a64c9c0dc2cfb3dbd94e80aaa6dd2616eed0f4d04a9a7d3259d4148686d356e085b4075e182f1ebda216013"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f00000003c0), 0x0) writev(r3, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x4, 0x0, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000300)=0x208) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r5, &(0x7f0000000000)="240000001a005f0214f9f4070009040081000000000000000100000004001e0001000000", 0x24) getsockname$packet(r5, &(0x7f0000002580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000025c0)=0x14) setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4) sendto$inet6(r4, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) shutdown(r4, 0x1) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) ioctl$BTRFS_IOC_GET_DEV_STATS(r4, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x7fffffffffffffff, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x1000000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r3}, 0x0, 0x0, @unused=[0x0, 0x0, 0x115, 0x60], @subvolid=0x2}) ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f00000001c0)={r7, 0x3, 0x0, 0x1}) ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f00000034c0)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00', @ANYRESDEC=r7, @ANYBLOB="3a6de7283d627562124d161fd524c8563675b78d82ec1a32caba625f29f567d43ba75cab2e37cdd9b38a91367feda82a05f46fe786e10f55be540a551dffc8666f1b0766a6a4b19b46bf4d36b1ef5fbe1c9e7e05982ec043765197540b5a5815c9f165e7b352e560385ba4870face5b94c933645aed158a01556e9335da06ccc62f8d876bc391c6d54c14f86ce8a2ee91b061757e3da72b808a25c32e81c26ac0df494e8f7dbed0d49ec9f29acf7bca755dc9e13d83967b968957aa0cd00893a4b98e7eb1a553b9fb6d57518e1b6d9b250200153d68c4dfadc9cde9b144e9659af3177235fbbb47a98df47baea572a124aa61f17de378c26e288588c68ac972b63f0bdd11e06d72e8672d89670003b03a9c7c80b3d1ecc5e892314fba47051c6c3344038fc94548146aa774bc2f1261ca9f580f7480b87cd791df8af12e14a865a17c62a0ea670b9d5433d79106675485a2be2d14d609d9946139d0391ede66dea1c884e74fe55b85f486aa958f8eac37f6079423b35fee13f1e0c70d25b8ef4b0142722da19b6e4d1d0e6548b660cac6fb38e131cffdc928010ca77867f46241c0ade6b0ab4ce32c454dfdb9105a861d8b34ecdd3c75a333915bdcc5342c9f5a8b01f66ed050bba68ccf8d52029ba7c1af0b58c8f142bc5962a151fe407a383c445e58bde06e69638b175bcfa0cc653de52c846de1b970db9669b15664524b3b33b773df0b91fbd6163d1f5d919bce33405b06bec4ba0d3bf5817cb7ed457891ef0ec2c7fc4390d417a492e78f9cc812b0aa87b1308371a347f7dc88a6d6d"]) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000200)={r7, 0x9, 0x8, 0x1}) ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f00000013c0)={r7, "9125587169283e8e19a9c00264ea2b63"}) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000240)={r7, 0x5, 0x1, [0x7f, 0x7fffffff, 0x2, 0x4, 0x9], [0x5a0, 0xade, 0x3, 0x0, 0x2, 0x8000000000000001, 0x4, 0xfff, 0x6, 0x7ff, 0x0, 0x3, 0x1, 0x50bb9b81, 0x22a4, 0x7ff, 0x9, 0x203, 0x531, 0x6, 0x4, 0x8001, 0x80000, 0xe, 0x9, 0x8, 0x5, 0x177, 0x8, 0x8, 0x6, 0x7, 0x3, 0x9bb7, 0x7, 0x8, 0x8, 0xfffffffffffffff7, 0x2, 0x8, 0x10000, 0x7f, 0x3c41, 0xf52, 0x10000, 0xffffffffffffeecc, 0xd33, 0xff, 0x2fa2, 0x5, 0x5, 0x1, 0x2, 0x9, 0x2, 0x8, 0x400, 0x2, 0x1, 0x438e000, 0x321, 0x8b2a, 0x0, 0x3069, 0x800, 0xffffffffffff7fff, 0x9, 0x9, 0x100000000, 0x81, 0xf9d, 0x7, 0x100000001, 0x5, 0x4, 0x840c, 0x8, 0x4, 0x4, 0x5, 0x1, 0x202000000000000, 0x1, 0x7, 0xfff, 0xffff, 0x0, 0x9, 0x3, 0x3f, 0x6, 0xafdf, 0x1, 0x3, 0x5, 0x4, 0xffffffff00000000, 0x3, 0x6, 0x6, 0x4, 0x2, 0x2, 0x2, 0x433, 0x6, 0x10001, 0xfffffffffffeffff, 0x1, 0x4, 0x100, 0x80, 0xfffffffffffffffd, 0xc, 0x4, 0x0, 0x101, 0x6, 0x6, 0x20, 0x2]}) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x15}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bind$packet(r5, &(0x7f0000003480)={0x11, 0x1, r6, 0x1, 0xe6, 0x6, @local}, 0x14) 3.406506035s ago: executing program 1 (id=881): syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZDzqcmWJElOOYX1XWrv7b//7f9l72/3/+xvz/27rnW9677Wc69nrfdm3ud5rjn80HlojUY1qzYgIvEvgd9eUoQQMUKIAUKIPEKIQAhRNr5s/JXxXApS/rWTsD/W42nXewXseuL6Z29c/+yN65+9cf2zN65/9sb1z964/tkb15+x7Gzz9II3ccu+7V9//h/z2ws/////EH/+Z29c//80p3P9M0dz/f+TXPbe/3MZXP/sjeufvXH9szeuf/bG9c/euP6MZWfX+/kzt+vbrve/P8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj2cM5f5UWQvylf73XxRhjjDHGGGOMsT+Oz3m9V8AYY4wxxhhjjLH/fSCkUEKLQOQQOUWMyCVixQ0iTtwocos8IiJuEvHiZpFX3CLyifyigCgoEkQhUVgYgcIKEqEoIoqKqLhVFBO3iURRXJQQJYUTpUSSuF2UFneIMuJOUVbcJcqJu0V5UUFUFJXEPaKyuFdUEfeJquJ+UU1UFzVETfGAqCUeFLXFQ6KOeFjUFY+IeuJRUV88JhqIx0VD8YRoJJ4UjcVTooloKpqJ5qLF/1X+a6K7eF30ED1Fiugleos3RB/RV/QT/cUA8aYYKN4Sg8TbYrAYIoaKd8Qw8a4YLt4TI8RIMUq8L0aLMWKsGCfGiwkiVXwgJooPxSTxkZgspoipYppIE9PFDPGxmClmidniEzFHfCrminlivlgg0sVnYqFYJDLE52Kx+EJkiiViqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNosvxRaxVWwT28UOsVPsErvFHrFX7BNfiSzx9T+Zf/a/5XcBAQIkSNCgIQfkgBiIgViIhTiIg9yQGyIQgXiIh7yQF/JBPigABSABEqAwFAYEBAKCIlAEohCFYlAMEiERSkAJcOAgCZKgNNwBZaAMlIWyUA7KQXmoABWgElSCylAZqkAVqApVoRpUgxpQAx6AB+BBqA21oQ7UgbpQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBZtAMWkALaAktoRW0gjbQBtpCW2gH7SAZkqE9tIcO0AE6QkfoBJ2gM3SGLtAVusJr8Bq8Dq9DT6gme0Fv6A19oA/0g/7QH96EgfAWvAVvw2AYAkPhHXgH3oXhcAZGwEgYBaOgshwDY2EckJwAqZAKE2EiTIJJMBmmwBSYBmkwHWbADJgJs2AWfAJz4FP4FObBPFgA6ZAOC2ERZEAGLIazkAlLYCksg+WwApbDKlgNq2AtrIO1sAE2wCbYBF/Cl7AVtsJ22A47YSfsht2wF/bCYMiCLNgP++EAHICDcBAOwSE4DIfhCByBo3AUjsExOA4n4CScgNNwGs7AWTgH5+ACXICLcBEuw+Ur//nlFVpqmUPmkDEyRsbKWBkn42RumVtGZETGy3iZV+aV+WQ+WUAWkAkyQRaWhSVKlCRDWUQWkVEZlcVkMZkoE2UJWUI66WSSTJKlZWlZRpaRZeVdspy8W5aXFWRrV0lWkpVlG1dF3ieryqqymqwua8iasqasJWvJ2rK2rCPryLqyrqwnH5X1ZS/oB4/LK5VpJIdAYzkUmsimsplsLt+Fp2VLORxaydayjXxWjoQR0E62dMnyBdlejoUO8iU5Dl6WneQE6CxflV1kV9lNvia7y1auh+wpJ0Mv2VtOgz6yr+wn+8uZUF1eqVgN+bYcLIfIofIduQDelcPle3KEHClHyfflaDlGjpXj5Hg5QabKD+RE+aGcJD+Sk+UUOVVOk2lyupwhP5Yz5Sw5W34i58hP5Vw5T86XC2S6/EwulItkhvxcLpZfyEy5RC6Vy+RyuUKulKvkarlGrpXr5Hq5QW6Um+Rm+aXcIrfKbXK73CF3yl1yt9wj98p98iuZJb+W++Wf5AH5jTwov5WH5HfysPxeHpE/yKPyR3lM/iSPyxPypDwlT8uf5Rl5Vp6T5+UF+Yu8KC/Jy9JLoUBJpZRWgcqhcqoYlUvFqhtUnLpR5VZ5VETdpOLVzSqvukXlU/lVAVVQJahCqrAyCpVVpEJVRBVVUXWrKqZuU4mquCqhSiqnSqkkdbsqre5QZdSdqqy6S5VTd6vyqoKqqCqpe1Rlda+qou5TVdX9qpqqrmqomuoBVUs9qGqrh1Qd9bCqqx5R9dSjqr56TDVQj6uG6gnVSD2pGqunVBPVVDVTzVUL9bRqqZ5RrVRr1UY9q9qq51Q79bxKVi+o9upF1UG9pDqql1Un9YrqrF5VXVRX1U1dUpeVVz1UT5Wieqne6g3VR/VV/VR/NUC9qQaqt9Qg9bYarIaooeodNUy9q4ar99QINVKNUu+r0WqMGqvGqfFqgkpVH6iJ6kM1SX2kJqspaqqaptLUdNXvzzPN/gfyP/w7+YN+PfsmtVl9qbaorWqb2q52qJ1ql9ql9qg9ap/ap7JUltqv9qsD6oA6qA6qQ+qQOqwOqyPqiDqqjqpj6pg6rk6o8+qUOq1+VmfUWXVWnVcX1AV18c/vgdCgpVZa60Dn0Dl1jM6lY/UNOk7fqHPrPDqib9Lx+madV9+i8+n8uoAuqBN0IV1YG43aatKhLqKL6qi+VRfTt+lEXVyX0CW106V0kr79X86/1vpa6Ba6pW6pW+lWuo1uo9vqtrqdbqeTdbJur9vrDrqD7qg76k66k+6sO+suuovuprvp7rq79kKIFJ2ie+s3dB/dV/fT/fUA/aYeqAfqQXqQHqwH66F6qB6mh+nhergeoUfoUXqUHq1H67F6rB6vx+tUnaon6ol6kp6kJ+vJeqqeqtN0mp6hZ+iZeqaerWfrOXqOnqvn6vl6vk7X6XqhXqgzdIZerBfrTL1EL9HL9DK9Qq/Qq/QqvUav0ev0Or1Bb9CZ+i/foLlNb9M79A69S+/Se/QevU/v01k6S+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1SX1Sn9an9Rl9Rp/T5/QFfUFf1Bf1ZX35ymVfIAMZ6EAHOYIcQUwQE8QGsUFcEBfkDnIHkSASxAfxQd7gliBfkD8oEBQMEoJCQeHABBjYgIIwKBIUDaLBrUGx4LYgMSgelAhKBi4oFSQFtwelgzuCMsGdQdngrqBccHdQPqgQVAwqBfcElYN7gyrBfUHV4P6gWlA9qBHUDB4IagUPBrWDh4I6wcNB3eCRoF7waFA/eCxoEDweNAyeCBoFTwaNg6eCJkHToFnQPGjxh87v/Zn8z7gepqdJMb1Mb/OG6WP6mn6mvxlg3jQDzVtmkHnbDDZDzFDzjhlm3jXDzXtmhBlpRpn3zWgzxow148x4M8Gkmg/MRPOhmWQ+MpPNFDPVTDNpZrqZYT42M80sM9t8YuaYT81cM8/MNwtMuvnMLDSLTIb53Cw2X5hMs8QsNcvMcrPCrDSrzGqzxqw168x6s8FsNJvMZvOl2WK2mm1mu9lhdppdZrfZY/aafeYrk2W+NvvNn8wB8405aL41h8x35rD53hwxP5ij5kdzzPxkjpsT5qQ5ZU6bn80Zc9acM+fNBfOLuWgumcvGX7m4v/Lxjho15sAcGIMxGIuxGIdxmBtzYwQjGI/xmBfzYj7MhwWwACZgAhbGwngFIWERLIJRjGIxLIaJmIglsAQ6dJiESVgaS2MZLINlsSyWw3JYHstjRbxyP3IP3ov34n14H96P92N1rI41sSbWwlpYG2tjHayDdbEu1sN6WB/rYwNsgA2xITbCRtgYG2MTbILNsBm2wBbYEltiK2yFbbANtsW22A7bYTImY3tsjx2wA3bEjtgJO2Fn7IxdsAt2w27YHbtjD+yBKZiCvbE39sE+2A/74QAcgANxIA7CQTgYB+NQHIrDcBgOx+E4AkfiKHwfR+MYHIvjcDxOwFRMxYk4ESfhJJyMk3EqTsU0TMMZOANn4kycjbNxDs7BuTgX5+N8TMd0XIgLMQMzcDEuxkzMxKW4FJfjclyJK3E1rsa1uBbX43rciBtxM27GLbgFt+E23IE7cBfuwj24B/fhPszCLNyP+/EAHsCDeBAP4SE8jIfxCB7Bo3gUj+ExPI7H4SSexNN4Gs/gGTyH5/AC/oIX8RJeRo8xNpeNtTfYOHujzW3z2Bibq6cQ4q9xAVvQJthCtrA1Np/N/zcxWmsTbXFbwpa0zpaySfb238XlbQVb0Vay99jK9l5b5XdxLfugrW0fsnXsw7amfeBv4rr2EVvPPmnr26dsA9vUNrTNbSP7pG1sn7JNbFPbzDa3be1ztp193ibbF2x7++Lv4oV2kV1t19i1dp3dY/fac/a8PWJ/sBfsL7aH7WkH2DftQPuWHWTftoPtkN/Fo+z7drQdY8facXa8nfC7eKqdZtPsdDvDfmxn2lm/i9PtZ3aOzbBz7Tw73y74Nb6ypgz7uV1sv7CZdoldapfZ5XaFXWlX/XWty+wGu9FusrvsbrvFbrXb7Ha7w+78Nb6yj332K5tlv7aH7ff2gP3GHrRH7SH73a/xlf0dtT/aY/Yne9yesCftKXva/mzP2LO/7v/K3k/ZS/ay9VYQkCRFmgLKQTkphnJRLN1AcXQj5aY8FKGbKJ5uprx0C+Wj/FSAClICFaLCZAjJElFIRagoRelWKka3USIVpxJUkhyVoiS6nUrTHVSG7qSydBeVo7upPFWgilSJ7qHKdC9VofuoKt1P1ag61aCa9ADVogepNj1EdehhqkuPUD16lOrTY9SAHqeG9AQ1oiepMT1FTagpNaPm1IKeppb0DLWi1tSGnqW29By1o+cpmV6g9vQidaCXqCO9TJ3oFepMr1IX6krd6DXqTq9TD+pJKdSLetMb1If6Uj/qTwPoTRpIb9EgepsG0xAaSu/QMHqXhtN7NIJG0ih6n0bTGBpL42g8TaBU+oAm0oc0iT6iyTSFptI0SqPpNIM+ppk0i2bTJzSHPqW5NI/m0wJKp89oIS2iDPqcFtMXlElLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTF/SFtpK22g77aCdtIt20x7aS/voK8qir2k//YkO0Dd0kL6lQ/QdHabv6Qj9QEfpRzpGP9FxOkEn6RSdpp/pDJ2lc3SeLtAvdJEu0WXyJEIIZahCHQZhjjBnGBPmCmPDG8K48MYwd5gnjIQ3hfHhzWHe8JYwX5g/LBAWDBPCQmHh0IQY2pDCMCwSFg2j4a1hsfC2MDEsHpYIS4YuLBUmhbeHpcM7wjLhnWHZ8K6wXHh3WD6sEFYMK4X3hJXDe8Mq4X1h1fD+sFpYPawR1gwfCGuFD4a1w4fCOuHDYZnwkbBe+GhYP3wsbBA+HjYMnwgbhU+GjcOnwiZh07BZ2DxsET4dtgyfCVuFrcM24bNh2/C5sF34fJgcvhC2D1+85nhK2CvsHb4RvhF6/5CaH10QTY9+Fl0YXRTNiH4eXRz9IpoZXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RDdGN0U9b5mTuHASaecdoHL4XK6GJfLxbobXJy70eV2eVzE3eTi3c0ur7vF5XP5XQFX0CW4Qq6wMw6ddeRCV8QVdVF3qyvmbnOJrrgr4Uo650q5JNfctXAtXEv3jGvlWrs27ln3rHvOPeeed8+7F1x796Lr4F5yHd3LrpN7xb3iXnVdXFfXzb3murvXXQ/X06W4FNfb9XZ9XB/Xz/VzA9wAN9ANdIPcIDfYDXZD3VA3zA1zw91wN8KNcKPcKDfajXZj3Vg33o13qS7VTXQT3SQ3yU12k91UN9WluTQ3w81wM91MN9vNdnPcHDfXzXXz3XyX7tLdQrfQZbgMt9gtdpku0y11S91yt9ytdCvdarfarXVr3Xq33m10G91mt9ltcVvcNrfN7XA73C63y+1xe9w+t89luSy33+13B9wBd9B96w6579xh97074n5wR92P7pj7yR13J9xJd8qddj+7M+6sO+fOuwvuF3fRXXKXnXepkQ8iEyMfRiZFPopMjkyJTI1Mi6RFpkdmRD6OzIzMisyOfBKZE/k0MjcyLzI/siCSHvkssjCyKJIR+TyyOPJFJDOyJLI0siyyPLIi4n2hLaEv4ov6qL/VF/O3+URf3JfwJb3zpXySv92X9nf4Mv5OX9bf5cv5u315X8FX9E/5Jr6pb+ab+xb+ad/SP+Nb+da+jX/Wt/XP+Xb+eZ/sX/Dt/Yu+g3/Jd/Qv+07+Fd/Zv+q7+K6+m3/Nd/ev+x6+p0/xvXxv/4bv4/v6fr6/H+Df9AP9W36Qf9sP9kP8UP+OH+bf9cP9e36EH+lH+ff9aD/Gj/Xj/Hg/waf6D/xE/6Gf5D/yk/0UP9VP82l+up/hP/Yz/Sw/23/i5/hP/Vw/z8/3C3y6/8wv9It8hv/cL/Zf+Ey/xC/1y/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xm/6Xf4rf6bX673+F3+l1+t9/j9/p9/iuf5b/2+/2f/AH/jT/ov/WH/Hf+sP/eH/E/+KP+R3/M/+SP+xP+pD/lT/uf/Rl/1p/z5/0F/4u/6C/5y/wza4wxxhhj/xB1jfFe/0OO/HO/txDixq0FD/338fX5fuv3zZnQNiKEeKFn58f/0qpVS0lJ+fOxmUoERecJISJX83OIq/ES0UY8J5JFa1H6r+Mx/+VcfWXXC3SN+aN3CRH7NzuAv8ZX57/j7+6/rxwz55rzzxMisejVnFzianx1/jL/w/z5W15j/lzfpArR6r/kxImr8dX5k8Qz4kWR/DdHMsYYY4wxxhhjv+krK3a81v3tlfvzBH01J6e4Gv+9+3PGGGOMMcYYY4z9e3m5a7fnn05Obt2RO/9bHZ/nt7f632U93OHOP9C53l+ZGGOMMcYYY3+0qxf913sljDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZY9vX/4teJ/eVc1/pbg4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxth/qv8TAAD//3iQOws=") truncate(&(0x7f0000000080)='./file1\x00', 0xf000) 3.350163877s ago: executing program 3 (id=882): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x44}}, 0x0) 2.582573798s ago: executing program 3 (id=883): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0xd, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f0000000040)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="0000000000000000009dc9000000", 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.319124998s ago: executing program 1 (id=884): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$X25_QBITINCL(r2, 0x106, 0x1, 0x0, &(0x7f0000000140)) 2.226164122s ago: executing program 4 (id=885): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x10, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0x1}]}]}}, &(0x7f0000001f80)=""/237, 0x2e, 0xed, 0x1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x10) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r6, 0x800448d2, 0x0) bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff}, 0x6) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'ip6gre0\x00', &(0x7f0000000300)={'syztnl0\x00', 0x0, 0x4, 0x0, 0x6, 0x0, 0x9, @dev={0xfe, 0x80, '\x00', 0x1a}, @mcast2, 0x7800, 0x7, 0x6, 0x5}}) 2.159637804s ago: executing program 2 (id=886): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x563, &(0x7f0000000640)="$eJzs3U9sFFUYAPBvZmmBUmkxxgAXm3CAxLhQagQ9Ad6MMf49mtCULWlYKGlrQpse4O7BAwevJl68ekE9NdF48ODBE3jybEJMo9TEmNTM7my7trtt07RM6fx+yey+N2/hvW8nH/Pe7r4QQGkNZQ9pxImIuJpEDLS1HYi8caj5uqXF+bG/F+fHklhe/uCPJJKIeLI4P9Z6fZI/H8krhyLilysRz1fW9zs9O3djtF6vTeX1szM3b5+dnp17ZeLm6PXa9dqtkeHzr786MjJy4eKOxfrR+yffqX781qOvJl/79/57R39K4lL0523tceyUoRhaeU/aZe/rhZ3urCCVPJ5OcbL3ta5fT0S8GANRybM+MxATnxY6OGBXLVciloGSSuQ/lFRrHpCtf1tHsTOSp+vx5eYCKIt7KT+aLQean43EocbaqO/PpG1l1FzvDu5A/1kfd05f+T47Ypc+h9jI3XsRcbzT9U8aYxtsfIqTxZ/+L/40Is7lz9n589vsf2hN/VmK/1Jb/Fe22X/R8QNQTguXmzfy9fe/dGX+Ex3mP/0d7l3bUfT9rzX/W1o3/1uNv9Jl/vfuFvv49ccHP3dra5//ZUfWf2su+DQ8vhdxsmP8yUr8SYf4s3nP1S328fU3pw52ays6/uUvIk5H5/hbko2/nzw7PlGvnWs+duzjt+NvPujWf9HxZ9e/r0v8G13/7NztLfZxse/M593aNo8//b03+bBR6s3P3BmdmZkajuhN3l5/fpOFSOs1rb8ji//MqY3zv1P8h7O1wxbjfzL53T/bj393ZfFf2+b1/2yLfXz75Q8Pu7UVHT8AAAAAAADsJ2njtxxJWl0pp2m12tzD+0L0pfXJ6ZmXxyc/uXWt+ZuPwehJW990DzTrSVYfzn8P26qfX1MfiYhjEXG/crhRr45N1q8VHTwAAAAAAAAAAAAAAAAAAADsEUfW7P//q9Lc/w+UxIGiBwAURv5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kN5yX8AAAAA2JeOvbTwKImIu28cbhyZ3rytp9CRAbstLXoAQGEqRQ8AKIyv/qG8rPGBZJP2Q90aFjb7kwAAAAAAAAAAAADATjl9wv5/KCv7/6G87P+H8rL/H8rLGh+w/x8AAAAAAAAAAAAA9r7+xpGk1XwvcH+kabUa8VxEDEZPMj5Rr52LiKMR8bDSczCrDxc9aAAAAAAAAAAAAAAAAAAAANhnpmfnbozW67UpBQUFhZVC0f8yAQAAAAAAAAAAAAAAAABA+axu+i16JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQnNX//3/3CkXHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8m/4LAAD//2EREuQ=") syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f00000001c0)={[{@journal_async_commit}, {@data_err_abort}, {@data_ordered}, {@mblk_io_submit}, {@grpjquota}, {@nombcache}]}, 0xfa, 0x44e, &(0x7f0000000d80)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 1.662772474s ago: executing program 1 (id=887): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5603, 0xfffffffffffffffc) 1.591080297s ago: executing program 0 (id=888): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=@newtaction={0x8c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}], [@TCA_POLICE_RESULT={0x8, 0x5, 0xfffffff9}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x8c}}, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1808000003000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b702000000000000739a00fe00000000b5090000000000007baaf8ff00000000bf8600000000000007080000fffdffffbfa400000000000007040000f0ffffffc70200000800000018220000d3d7", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000180100002020752500000000002020207b94f8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009f9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x11100eb, &(0x7f0000000140)=ANY=[@ANYRESOCT=r1], 0x6, 0x2c0, &(0x7f0000000440)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=") bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000001200000000000000850000009e000200950000004000b408"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='jbd2_handle_stats\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x1c000000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r10, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r9, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r12, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) unshare(0x8040480) accept4$unix(r12, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x5, &(0x7f0000000200)=[{}, {0x7}, {0x1}, {0x3}, {0x6}]}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) 1.00613797s ago: executing program 4 (id=889): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) recvfrom$inet6(r0, 0x0, 0x2, 0x2, 0x0, 0x0) 1.00548534s ago: executing program 3 (id=890): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000011c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_connect$uac1(0x0, 0x0, 0x0, &(0x7f0000000940)={0x0, 0x0, 0x5, &(0x7f0000000640)={0x5, 0xf, 0x5}}) r1 = syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000640)=""/146) 917.102804ms ago: executing program 1 (id=891): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="020300020c0000002abd70000000000002000800080000006d0000000000000003000600000000000200000000000000000000000000000002000100000000000000080000000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0) 841.754427ms ago: executing program 2 (id=892): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) ioctl$BLKPG(r0, 0x1269, &(0x7f00000000c0)={0x1, 0x0, 0x98, &(0x7f0000000000)={0x0, 0x200, 0x791}}) 777.349699ms ago: executing program 4 (id=893): syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002911ad080a1110115dab010203010902240001010000000904000002c688ff0009050f020000000000090506"], 0x0) 757.40854ms ago: executing program 1 (id=894): r0 = socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0) dup3(r1, r2, 0x0) 618.115406ms ago: executing program 2 (id=895): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = syz_io_uring_setup(0x231b, &(0x7f0000000440), &(0x7f0000000280)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000340)=@rc={0x1f, @fixed, 0x5}}) socket$inet6(0xa, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 617.619275ms ago: executing program 1 (id=896): syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) getsockname(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x121801) socket$inet6_sctp(0xa, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xff, 0xfffffffffffffffc}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000000c0)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000140)={@private0}, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000000040)=0x20) io_setup(0x3, &(0x7f0000000180)=0x0) io_submit(r4, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) socket$inet6(0xa, 0x2, 0x0) 0s ago: executing program 0 (id=897): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): 262][ T4298] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.199: Invalid block bitmap block 0 in block_group 0 [ 116.459913][ T3597] usb 2-1: Product: syz [ 116.471853][ T4298] Quota error (device loop0): write_blk: dquota write failed [ 116.479985][ T4298] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 116.490073][ T4298] EXT4-fs error (device loop0): ext4_acquire_dquot:6777: comm syz.0.199: Failed to acquire dquot type 0 [ 116.501675][ T4298] EXT4-fs error (device loop0): ext4_free_blocks:6213: comm syz.0.199: Freeing blocks not in datazone - block = 0, count = 4096 [ 116.515694][ T4298] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.199: Invalid inode bitmap blk 0 in block_group 0 [ 116.526272][ T3597] usb 2-1: Manufacturer: syz [ 116.533839][ T4298] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 116.544485][ T4298] EXT4-fs (loop0): 1 orphan inode deleted [ 116.550273][ T4298] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 116.601799][ T3597] usb 2-1: SerialNumber: syz [ 116.627570][ T3970] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 116.647751][ T3970] EXT4-fs error (device loop0): ext4_release_dquot:6800: comm kworker/u4:12: Failed to release dquot type 0 [ 116.663581][ T3597] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 116.749841][ T4276] loop2: detected capacity change from 0 to 32768 [ 116.831549][ T3858] EXT4-fs (loop0): unmounting filesystem. [ 116.872353][ T4276] XFS (loop2): Mounting V5 Filesystem [ 116.914365][ T3597] usb 2-1: USB disconnect, device number 7 [ 116.988424][ T4276] XFS (loop2): Ending clean mount [ 117.000369][ T4276] XFS (loop2): Quotacheck needed: Please wait. [ 117.036448][ T4276] XFS (loop2): Quotacheck: Done. [ 117.207993][ T3714] XFS (loop2): Unmounting Filesystem [ 117.343404][ T4323] kvm [4322]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4000 [ 117.651701][ T4333] syz.4.211 (pid 4333) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 117.879849][ T4342] loop3: detected capacity change from 0 to 8 [ 117.958102][ T4342] SQUASHFS error: lzo decompression failed, data probably corrupt [ 117.966259][ T4348] loop1: detected capacity change from 0 to 512 [ 117.985346][ T4348] EXT4-fs (loop1): unsupported inode size: 0 [ 117.991471][ T4348] EXT4-fs (loop1): blocksize: 2048 [ 117.999303][ T4342] SQUASHFS error: Failed to read block 0x91: -5 [ 118.020135][ T4342] SQUASHFS error: Unable to read metadata cache entry [8f] [ 118.028223][ T4342] SQUASHFS error: Unable to read inode 0x11f [ 118.034592][ T3623] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 118.251922][ T4333] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)" [ 118.274392][ T3623] usb 3-1: Using ep0 maxpacket: 8 [ 118.459926][ T4362] loop0: detected capacity change from 0 to 256 [ 118.525470][ T3567] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 118.563157][ T3623] usb 3-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice=9b.54 [ 118.582486][ T3623] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.635044][ T3623] usb 3-1: Product: syz [ 118.655934][ T3623] usb 3-1: Manufacturer: syz [ 118.691124][ T3623] usb 3-1: SerialNumber: syz [ 118.724683][ T3623] usb 3-1: config 0 descriptor?? [ 119.018646][ T3623] usb 3-1: USB disconnect, device number 5 [ 119.046286][ T4370] loop3: detected capacity change from 0 to 4096 [ 119.080459][ T4370] ntfs3: Unknown parameter 'ui' [ 119.514595][ T4361] loop4: detected capacity change from 0 to 32768 [ 119.609122][ T4361] XFS (loop4): Mounting V5 Filesystem [ 119.634427][ T4381] kvm [4380]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4000 [ 119.769781][ T4361] XFS (loop4): Ending clean mount [ 119.797818][ T4361] XFS (loop4): Quotacheck needed: Please wait. [ 119.858166][ T4361] XFS (loop4): Quotacheck: Done. [ 119.937130][ T4397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 120.022181][ T3553] XFS (loop4): Unmounting Filesystem [ 120.172942][ T3563] Bluetooth: hci1: command tx timeout [ 120.278048][ T4408] loop3: detected capacity change from 0 to 256 [ 120.404763][ T3567] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 120.526729][ T4416] loop1: detected capacity change from 0 to 512 [ 120.539293][ T4416] EXT4-fs (loop1): unsupported inode size: 0 [ 120.545695][ T4416] EXT4-fs (loop1): blocksize: 2048 [ 121.001830][ T4424] loop0: detected capacity change from 0 to 4096 [ 121.040710][ T4424] ntfs3: Unknown parameter 'ui' [ 121.991809][ T4455] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 122.158397][ T26] audit: type=1800 audit(1719856676.228:7): pid=4457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.248" name="file2" dev="sda1" ino=1983 res=0 errno=0 [ 122.653888][ T3555] Bluetooth: hci1: command tx timeout [ 122.723611][ T4463] loop3: detected capacity change from 0 to 4096 [ 122.740346][ T4463] ntfs3: Unknown parameter 'ui' [ 123.213604][ T4479] loop3: detected capacity change from 0 to 2048 [ 123.243744][ T26] audit: type=1800 audit(1719856677.318:8): pid=4483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.259" name="file2" dev="sda1" ino=1973 res=0 errno=0 [ 123.410910][ T26] audit: type=1326 audit(1719856677.478:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4487 comm="syz.2.262" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2695d75b99 code=0x0 [ 123.942054][ T4490] loop1: detected capacity change from 0 to 32768 [ 123.976979][ T4490] ERROR: (device loop1): dtSearch: DT_GETPAGE: dtree page corrupt [ 123.976979][ T4490] [ 123.988492][ T4490] ERROR: (device loop1): remounting filesystem as read-only [ 124.002262][ T4490] jfs_lookup: dtSearch returned -5 [ 124.406092][ T26] audit: type=1326 audit(1719856678.478:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2695d75b99 code=0x7ffc0000 [ 124.538624][ T26] audit: type=1326 audit(1719856678.508:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2695d75b99 code=0x7ffc0000 [ 124.618699][ T26] audit: type=1326 audit(1719856678.518:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2695d75b99 code=0x7ffc0000 [ 124.697840][ T4511] loop1: detected capacity change from 0 to 4096 [ 124.754439][ T4511] ntfs3: Unknown parameter 'ui' [ 124.773074][ T26] audit: type=1326 audit(1719856678.518:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2695d75b99 code=0x7ffc0000 [ 124.889286][ T26] audit: type=1326 audit(1719856678.518:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2695d75b99 code=0x7ffc0000 [ 124.912450][ T26] audit: type=1326 audit(1719856678.518:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2695d75bd3 code=0x7ffc0000 [ 124.935300][ T26] audit: type=1326 audit(1719856678.648:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2695d7471f code=0x7ffc0000 [ 125.562236][ T4512] loop2: detected capacity change from 0 to 8192 [ 125.659280][ T4512] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 125.659357][ T4512] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 125.659422][ T4512] loop2: p2 p3 p4 [ 125.659444][ T4512] loop2: partition table partially beyond EOD, truncated [ 125.659617][ T4512] loop2: p2 start 452985600 is beyond EOD, truncated [ 125.659639][ T4512] loop2: p3 size 33554432 extends beyond EOD, truncated [ 125.700429][ T4512] loop2: p4 start 8388607 is beyond EOD, truncated [ 125.800219][ T4527] loop1: detected capacity change from 0 to 2048 [ 126.968752][ T4558] loop0: detected capacity change from 0 to 2048 [ 127.309907][ T4565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 127.322115][ T4544] loop2: detected capacity change from 0 to 32768 [ 127.388455][ T4544] XFS (loop2): Mounting V5 Filesystem [ 127.439008][ T4566] loop3: detected capacity change from 0 to 4096 [ 127.457531][ T4566] __ntfs_error: 26 callbacks suppressed [ 127.457549][ T4566] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 127.478824][ T4566] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 127.564500][ T4566] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 127.625798][ T4566] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 127.659542][ T4566] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 127.683831][ T4566] ntfs: volume version 3.1. [ 127.690158][ T4544] XFS (loop2): Ending clean mount [ 127.708491][ T4566] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 127.731531][ T4544] XFS (loop2): Quotacheck needed: Please wait. [ 127.758693][ T4566] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 127.780441][ T4544] XFS (loop2): Quotacheck: Done. [ 127.793962][ T4566] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 127.812487][ T4566] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 127.837606][ T4566] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 127.966564][ T3714] XFS (loop2): Unmounting Filesystem [ 127.996109][ T3593] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 128.272901][ T3593] usb 2-1: Using ep0 maxpacket: 8 [ 128.378264][ T4599] loop3: detected capacity change from 0 to 512 [ 128.408002][ T4599] EXT4-fs: Ignoring removed nomblk_io_submit option [ 128.421514][ T4601] loop0: detected capacity change from 0 to 2048 [ 128.445378][ T4599] EXT4-fs (loop3): orphan cleanup on readonly fs [ 128.465677][ T4599] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.302: bg 0: block 248: padding at end of block bitmap is not set [ 128.496878][ T4599] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz.3.302: Failed to acquire dquot type 1 [ 128.539823][ T4599] EXT4-fs (loop3): 1 truncate cleaned up [ 128.592904][ T4599] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 128.592982][ T3593] usb 2-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice=9b.54 [ 128.682938][ T3593] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.691063][ T3593] usb 2-1: Product: syz [ 128.703108][ T3593] usb 2-1: Manufacturer: syz [ 128.707775][ T3593] usb 2-1: SerialNumber: syz [ 128.724546][ T3912] EXT4-fs (loop3): unmounting filesystem. [ 128.750113][ T3593] usb 2-1: config 0 descriptor?? [ 129.060781][ T3597] usb 2-1: USB disconnect, device number 8 [ 129.295183][ T4616] loop3: detected capacity change from 0 to 512 [ 129.320345][ T4616] EXT4-fs (loop3): unsupported inode size: 0 [ 129.350624][ T4616] EXT4-fs (loop3): blocksize: 2048 [ 129.689027][ T4619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.980293][ T4630] loop4: detected capacity change from 0 to 1024 [ 130.004240][ T4630] EXT4-fs: Ignoring removed orlov option [ 130.010197][ T4630] EXT4-fs: Ignoring removed nobh option [ 130.036472][ T4630] EXT4-fs (loop4): Couldn't mount because of unsupported optional features (28) [ 130.172339][ T4632] loop2: detected capacity change from 0 to 512 [ 130.251094][ T4632] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.315: bad orphan inode 15 [ 130.282342][ T4632] EXT4-fs (loop2): Remounting filesystem read-only [ 130.293943][ T4632] ext4_test_bit(bit=14, block=5) = 0 [ 130.299285][ T4632] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 130.360400][ T4632] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 130.389588][ T4632] EXT4-fs (loop2): Remounting filesystem read-only [ 130.403797][ T4632] fuse: Unknown parameter 'hash' [ 130.552797][ T4650] random: crng reseeded on system resumption [ 132.144570][ T3555] Bluetooth: hci3: command tx timeout [ 132.545778][ T3714] EXT4-fs (loop2): unmounting filesystem. [ 132.628204][ T4663] syz.4.328[4663] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.628309][ T4663] syz.4.328[4663] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.655945][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.673699][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.734704][ T4665] loop1: detected capacity change from 0 to 1024 [ 132.742300][ T4665] EXT4-fs: Ignoring removed orlov option [ 132.752843][ T3597] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 132.788633][ T4665] EXT4-fs: Ignoring removed nobh option [ 132.809462][ T4665] EXT4-fs (loop1): Couldn't mount because of unsupported optional features (28) [ 133.048530][ T3597] usb 4-1: Using ep0 maxpacket: 8 [ 133.073405][ T3555] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 133.083533][ T3555] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 133.091383][ T3555] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 133.106034][ T3555] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 133.114579][ T3555] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 133.121835][ T3555] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 133.213958][ T4680] loop1: detected capacity change from 0 to 4096 [ 133.231525][ T4680] __ntfs_error: 12 callbacks suppressed [ 133.231542][ T4680] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 133.254277][ T3970] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.268419][ T4680] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 133.287232][ T4680] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 133.300426][ T4680] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 133.357906][ T4680] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 133.381487][ T3970] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.396884][ T3597] usb 4-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice=9b.54 [ 133.398660][ T4680] ntfs: volume version 3.1. [ 133.416952][ T3597] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 133.420926][ T4680] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 133.451666][ T3597] usb 4-1: Product: syz [ 133.462902][ T4680] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 133.463908][ T3597] usb 4-1: Manufacturer: syz [ 133.489585][ T4680] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 133.507248][ T4680] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 133.520598][ T3597] usb 4-1: SerialNumber: syz [ 133.520880][ T4680] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 133.544845][ T3597] usb 4-1: config 0 descriptor?? [ 133.591185][ T3970] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.617203][ T4685] loop4: detected capacity change from 0 to 512 [ 133.726895][ T4685] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz.4.336: bad orphan inode 15 [ 133.741014][ T4685] EXT4-fs (loop4): Remounting filesystem read-only [ 133.756912][ T4685] ext4_test_bit(bit=14, block=5) = 0 [ 133.783919][ T4685] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 133.916549][ T3970] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.328454][ T4685] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 134.458635][ T3593] usb 4-1: USB disconnect, device number 3 [ 134.639751][ T4685] EXT4-fs (loop4): Remounting filesystem read-only [ 134.689940][ T4685] fuse: Unknown parameter 'hash' [ 134.754077][ T4675] chnl_net:caif_netlink_parms(): no params data found [ 134.821627][ T4703] loop0: detected capacity change from 0 to 1024 [ 134.891526][ T4703] hfsplus: request for non-existent node 3 in B*Tree [ 134.942879][ T4703] hfsplus: request for non-existent node 3 in B*Tree [ 135.010606][ T4703] hfsplus: request for non-existent node 4 in B*Tree [ 135.018925][ T4703] hfsplus: request for non-existent node 4 in B*Tree [ 135.227874][ T3563] Bluetooth: hci4: command tx timeout [ 135.460155][ T4703] hfsplus: request for non-existent node 5 in B*Tree [ 135.668426][ T4703] hfsplus: request for non-existent node 5 in B*Tree [ 135.724297][ T3553] EXT4-fs (loop4): unmounting filesystem. [ 135.745867][ T4708] hfsplus: request for non-existent node 6 in B*Tree [ 135.790794][ T4708] hfsplus: request for non-existent node 6 in B*Tree [ 135.831490][ T4675] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.893509][ T4675] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.918466][ T4675] device bridge_slave_0 entered promiscuous mode [ 136.047136][ T4675] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.064873][ T4675] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.129624][ T4675] device bridge_slave_1 entered promiscuous mode [ 136.192318][ T4675] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 136.547557][ T4724] syz.1.345[4724] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.548956][ T4724] syz.1.345[4724] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.823076][ T4723] 9pnet_fd: Insufficient options for proto=fd [ 136.888815][ T4675] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 137.064164][ T4675] team0: Port device team_slave_0 added [ 137.288106][ T4729] loop0: detected capacity change from 0 to 4096 [ 137.295151][ T3555] Bluetooth: hci4: command tx timeout [ 137.384541][ T4675] team0: Port device team_slave_1 added [ 137.770341][ T4729] ntfs: volume version 3.1. [ 138.218738][ T4750] loop3: detected capacity change from 0 to 512 [ 138.227104][ T4675] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.258321][ T4675] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.323652][ T4750] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz.3.352: bad orphan inode 15 [ 138.364072][ T4675] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.402259][ T4757] loop0: detected capacity change from 0 to 1024 [ 138.413760][ T4750] EXT4-fs (loop3): Remounting filesystem read-only [ 138.434093][ T4750] ext4_test_bit(bit=14, block=5) = 0 [ 138.439651][ T4750] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 138.477353][ T4757] hfsplus: request for non-existent node 3 in B*Tree [ 138.484360][ T4757] hfsplus: request for non-existent node 3 in B*Tree [ 138.546818][ T4675] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.557214][ T4750] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 138.583427][ T4675] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.608686][ T4763] fuse: Bad value for 'fd' [ 138.635720][ T4757] hfsplus: request for non-existent node 4 in B*Tree [ 138.642447][ T4757] hfsplus: request for non-existent node 4 in B*Tree [ 138.685814][ T4750] EXT4-fs (loop3): Remounting filesystem read-only [ 138.711734][ T4675] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.725293][ T4757] hfsplus: request for non-existent node 5 in B*Tree [ 138.732015][ T4757] hfsplus: request for non-existent node 5 in B*Tree [ 138.782575][ T4767] hfsplus: request for non-existent node 6 in B*Tree [ 138.790621][ T4767] hfsplus: request for non-existent node 6 in B*Tree [ 139.036026][ T4675] device hsr_slave_0 entered promiscuous mode [ 139.066739][ T4675] device hsr_slave_1 entered promiscuous mode [ 139.095243][ T4675] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 139.119285][ T4675] Cannot create hsr debugfs directory [ 139.285907][ T3912] EXT4-fs (loop3): unmounting filesystem. [ 139.332187][ T4782] netlink: 24 bytes leftover after parsing attributes in process `syz.0.361'. [ 139.372907][ T3555] Bluetooth: hci4: command tx timeout [ 139.614764][ T4788] use of bytesused == 0 is deprecated and will be removed in the future, [ 139.805028][ T4788] use the actual size instead. [ 141.459643][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 141.459660][ T26] audit: type=1326 audit(1719856695.528:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 141.483011][ T3555] Bluetooth: hci4: command tx timeout [ 141.489783][ T26] audit: type=1326 audit(1719856695.528:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 141.617506][ T26] audit: type=1326 audit(1719856695.538:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 141.740992][ T26] audit: type=1800 audit(1719856695.538:50): pid=4805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.367" name="bus" dev="sda1" ino=1975 res=0 errno=0 [ 141.789783][ T26] audit: type=1326 audit(1719856695.538:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 141.798536][ T4819] loop3: detected capacity change from 0 to 512 [ 141.819256][ T26] audit: type=1326 audit(1719856695.538:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 141.873050][ T3970] device hsr_slave_0 left promiscuous mode [ 141.892578][ T3970] device hsr_slave_1 left promiscuous mode [ 141.937156][ T3970] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.952522][ T3970] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 142.046105][ T4829] loop0: detected capacity change from 0 to 2048 [ 142.206447][ T4829] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.466402][ T4819] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz.3.372: bad orphan inode 15 [ 142.514047][ T26] audit: type=1326 audit(1719856695.538:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 142.640990][ T26] audit: type=1326 audit(1719856695.538:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 142.665257][ T4819] EXT4-fs (loop3): Remounting filesystem read-only [ 142.706330][ T4819] ext4_test_bit(bit=14, block=5) = 0 [ 142.711701][ T4819] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 142.726127][ T3970] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 142.737822][ T3970] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 142.765424][ T26] audit: type=1326 audit(1719856695.538:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4803 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x7ffc0000 [ 142.791220][ T4819] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 142.813268][ T3970] device bridge_slave_1 left promiscuous mode [ 142.819543][ T3970] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.863207][ T3970] device bridge_slave_0 left promiscuous mode [ 142.869509][ T3970] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.903250][ T26] audit: type=1326 audit(1719856695.768:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4812 comm="syz.4.370" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x0 [ 142.912669][ T4819] EXT4-fs (loop3): Remounting filesystem read-only [ 142.993454][ T4840] fuse: Bad value for 'fd' [ 143.027499][ T4844] loop0: detected capacity change from 0 to 1024 [ 143.082493][ T3970] device veth1_macvtap left promiscuous mode [ 143.102176][ T3970] device veth0_macvtap left promiscuous mode [ 143.107157][ T4844] hfsplus: request for non-existent node 3 in B*Tree [ 143.121559][ T3970] device veth1_vlan left promiscuous mode [ 143.122581][ T4844] hfsplus: request for non-existent node 3 in B*Tree [ 143.140289][ T3970] device veth0_vlan left promiscuous mode [ 143.251361][ T4844] hfsplus: request for non-existent node 4 in B*Tree [ 143.285941][ T4844] hfsplus: request for non-existent node 4 in B*Tree [ 143.305868][ T4844] hfsplus: request for non-existent node 5 in B*Tree [ 143.323019][ T4844] hfsplus: request for non-existent node 5 in B*Tree [ 143.345273][ T4844] hfsplus: request for non-existent node 6 in B*Tree [ 143.364509][ T4844] hfsplus: request for non-existent node 6 in B*Tree [ 144.255702][ T3912] EXT4-fs (loop3): unmounting filesystem. [ 144.255732][ T4858] netlink: 24 bytes leftover after parsing attributes in process `syz.0.382'. [ 145.615851][ T3970] team0 (unregistering): Port device team_slave_1 removed [ 145.656777][ T3970] team0 (unregistering): Port device team_slave_0 removed [ 145.695004][ T3970] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.743820][ T3970] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 147.243814][ T3970] bond0 (unregistering): Released all slaves [ 147.268085][ T4891] capability: warning: `syz.1.394' uses deprecated v2 capabilities in a way that may be insecure [ 147.294776][ T4891] program syz.1.394 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 148.300014][ T4675] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 148.339227][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 148.339242][ T26] audit: type=1326 audit(1719856702.408:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.0.401" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa70d775b99 code=0x0 [ 148.412028][ T4675] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 148.452097][ T4675] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 148.505527][ T4675] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 148.849362][ T4675] 8021q: adding VLAN 0 to HW filter on device bond0 [ 148.922566][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 148.941173][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 148.997786][ T4675] 8021q: adding VLAN 0 to HW filter on device team0 [ 149.042251][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 149.079720][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 149.144776][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.151967][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.207009][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 149.226123][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 149.264091][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 149.307118][ T3623] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.314436][ T3623] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.360938][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 149.397007][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 149.444559][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 149.489389][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 149.538033][ T4930] loop0: detected capacity change from 0 to 164 [ 149.586936][ T4675] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 149.619916][ T4930] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 149.639425][ T4675] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 149.706719][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 149.722277][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 149.760325][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 149.790638][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 149.819321][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 149.830900][ T4935] netlink: 24 bytes leftover after parsing attributes in process `syz.1.406'. [ 149.859432][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 149.882257][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 149.914977][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 150.546454][ T26] audit: type=1326 audit(1719856704.618:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 150.621461][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 150.632472][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 150.643094][ T26] audit: type=1326 audit(1719856704.648:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 150.671418][ T4675] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.753774][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 150.783988][ T26] audit: type=1326 audit(1719856704.648:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 150.792969][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 150.927862][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 151.057789][ T26] audit: type=1326 audit(1719856704.648:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 151.936170][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 151.964542][ T4675] device veth0_vlan entered promiscuous mode [ 152.020977][ T4675] device veth1_vlan entered promiscuous mode [ 152.192554][ T4977] loop3: detected capacity change from 0 to 2048 [ 152.224745][ T4977] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.869408][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 152.918300][ T26] audit: type=1326 audit(1719856704.648:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 152.919066][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 152.976262][ T4957] loop4: detected capacity change from 0 to 8192 [ 153.052409][ T26] audit: type=1326 audit(1719856704.658:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 153.052459][ T26] audit: type=1326 audit(1719856704.658:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a83175bd3 code=0x7ffc0000 [ 153.052496][ T26] audit: type=1326 audit(1719856704.848:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1a8317471f code=0x7ffc0000 [ 153.052530][ T26] audit: type=1326 audit(1719856707.048:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f1a83175c27 code=0x7ffc0000 [ 153.147168][ T4957] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 153.147222][ T4957] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 153.147285][ T4957] loop4: p2 p3 p4 [ 153.147308][ T4957] loop4: partition table partially beyond EOD, truncated [ 153.158946][ T4957] loop4: p2 start 452985600 is beyond EOD, truncated [ 153.159055][ T4957] loop4: p3 size 33554432 extends beyond EOD, truncated [ 153.174045][ T4957] loop4: p4 start 8388607 is beyond EOD, [ 153.203826][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 153.364256][ T4957] truncated [ 153.439615][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 153.439631][ T26] audit: type=1326 audit(1719856707.488:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.530293][ T26] audit: type=1326 audit(1719856707.578:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.578194][ T3003] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 153.578218][ T3003] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 153.578281][ T3003] loop4: p2 p3 p4 [ 153.578303][ T3003] loop4: partition table partially beyond EOD, truncated [ 153.578462][ T3003] loop4: p2 start 452985600 is beyond EOD, truncated [ 153.578484][ T3003] loop4: p3 size 33554432 extends beyond EOD, truncated [ 153.581612][ T3003] loop4: p4 start 8388607 is beyond EOD, truncated [ 153.639477][ T26] audit: type=1326 audit(1719856707.588:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.639524][ T26] audit: type=1326 audit(1719856707.598:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f1a831751b7 code=0x7ffc0000 [ 153.639559][ T26] audit: type=1326 audit(1719856707.638:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.639595][ T26] audit: type=1326 audit(1719856707.638:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.639632][ T26] audit: type=1326 audit(1719856707.638:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.639669][ T26] audit: type=1326 audit(1719856707.638:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f1a8317444a code=0x7ffc0000 [ 153.639704][ T26] audit: type=1326 audit(1719856707.638:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1a831748ca code=0x7ffc0000 [ 153.639740][ T26] audit: type=1326 audit(1719856707.658:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4956 comm="syz.4.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 153.660508][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 153.669734][ T4675] device veth0_macvtap entered promiscuous mode [ 153.677882][ T4675] device veth1_macvtap entered promiscuous mode [ 153.741094][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.741128][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.741139][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.741154][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.741167][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.741181][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.741192][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.741207][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.751401][ T4675] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.751532][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 153.752285][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 153.753340][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 153.754048][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 153.774813][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.774837][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.774848][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.774863][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.774877][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.774891][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.774903][ T4675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.774916][ T4675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.791122][ T4675] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.791688][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 153.792495][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 153.806829][ T4675] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.806919][ T4675] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.806947][ T4675] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.806994][ T4675] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.641343][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.664665][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 156.692333][ T3593] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 156.750698][ T5019] loop3: detected capacity change from 0 to 1024 [ 156.787407][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.845760][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 156.900816][ T5019] hfsplus: bad catalog entry type [ 156.928434][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 157.087070][ T11] hfsplus: b-tree write err: -5, ino 4 [ 157.262872][ T3593] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 157.278743][ T5021] loop0: detected capacity change from 0 to 4096 [ 157.316952][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 157.403211][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 157.411101][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 157.462036][ T5036] program syz.2.431 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 157.464848][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 157.521714][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc1c00 [ 157.529929][ T3593] usb 2-1: Using ep0 maxpacket: 16 [ 157.554368][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc2c00 [ 157.593944][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc4c00 [ 157.601925][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffc8c00 [ 157.633943][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffd0c00 [ 157.660778][ T5021] ntfs3: loop0: try to read out of volume at offset 0x3fffffe0c00 [ 157.671865][ T3593] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 157.681095][ T3593] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 157.709892][ T3593] usb 2-1: config 0 has no interface number 0 [ 157.720865][ T3593] usb 2-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 157.933004][ T3593] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 157.949784][ T3593] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 157.984630][ T3593] usb 2-1: Product: syz [ 158.003665][ T3593] usb 2-1: SerialNumber: syz [ 158.013547][ T3593] usb 2-1: config 0 descriptor?? [ 158.056801][ T3593] usbhid 2-1:0.8: couldn't find an input interrupt endpoint [ 158.389599][ T3594] usb 2-1: USB disconnect, device number 9 [ 159.130912][ T5061] loop4: detected capacity change from 0 to 512 [ 159.220763][ T5061] EXT4-fs: Ignoring removed i_version option [ 159.321420][ T5061] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 159.424156][ T5061] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 159.442736][ T5061] System zones: 1-12 [ 159.444205][ T5069] loop0: detected capacity change from 0 to 1024 [ 159.469948][ T5061] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.435: bg 0: block 131: padding at end of block bitmap is not set [ 159.528545][ T5061] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 159.555103][ T5069] hfsplus: bad catalog entry type [ 159.582314][ T5061] EXT4-fs (loop4): 1 truncate cleaned up [ 159.592789][ T5061] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 159.664495][ T3613] hfsplus: b-tree write err: -5, ino 4 [ 159.928077][ T3553] EXT4-fs (loop4): unmounting filesystem. [ 160.155482][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 160.155499][ T26] audit: type=1326 audit(1719856714.228:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 160.205192][ T26] audit: type=1326 audit(1719856714.228:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 160.237655][ T5094] loop4: detected capacity change from 0 to 4096 [ 160.318266][ T26] audit: type=1326 audit(1719856714.228:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 160.351527][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 160.402921][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 160.424952][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 160.448656][ T26] audit: type=1326 audit(1719856714.228:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 160.481256][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 160.499604][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc1c00 [ 160.546185][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc2c00 [ 160.570183][ T26] audit: type=1326 audit(1719856714.228:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 160.786333][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc4c00 [ 161.019626][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffc8c00 [ 161.020886][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffd0c00 [ 161.022353][ T5094] ntfs3: loop4: try to read out of volume at offset 0x3fffffe0c00 [ 161.154221][ T26] audit: type=1326 audit(1719856714.228:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 161.154268][ T26] audit: type=1326 audit(1719856714.228:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8407b75bd3 code=0x7ffc0000 [ 161.154308][ T26] audit: type=1326 audit(1719856714.388:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5096 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8407b7471f code=0x7ffc0000 [ 161.155879][ T5113] loop0: detected capacity change from 0 to 512 [ 161.176757][ T5113] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.449: invalid indirect mapped block 256 (level 2) [ 161.177793][ T5113] EXT4-fs (loop0): 2 truncates cleaned up [ 161.177827][ T5113] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 161.178562][ T5109] loop3: detected capacity change from 0 to 2048 [ 161.197857][ T5109] EXT4-fs: Ignoring removed mblk_io_submit option [ 161.404735][ T5109] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 161.517960][ T3858] EXT4-fs (loop0): unmounting filesystem. [ 161.549726][ T5109] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.450: bg 0: block 234: padding at end of block bitmap is not set [ 161.587718][ T5109] EXT4-fs (loop3): Remounting filesystem read-only [ 161.779762][ T3912] EXT4-fs (loop3): unmounting filesystem. [ 162.438128][ T5141] loop1: detected capacity change from 0 to 164 [ 162.506181][ T5141] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 162.577737][ T41] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.666753][ T5146] loop3: detected capacity change from 0 to 256 [ 162.750196][ T5146] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 162.794110][ T5146] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 162.799557][ T5150] loop4: detected capacity change from 0 to 256 [ 162.829024][ T41] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.896583][ T5150] FAT-fs (loop4): Directory bread(block 64) failed [ 162.952185][ T5150] FAT-fs (loop4): Directory bread(block 65) failed [ 162.975489][ T41] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.991637][ T5150] FAT-fs (loop4): Directory bread(block 66) failed [ 163.008751][ T5150] FAT-fs (loop4): Directory bread(block 67) failed [ 163.024881][ T5150] FAT-fs (loop4): Directory bread(block 68) failed [ 163.042843][ T5150] FAT-fs (loop4): Directory bread(block 69) failed [ 163.057638][ T5150] FAT-fs (loop4): Directory bread(block 70) failed [ 163.078302][ T5150] FAT-fs (loop4): Directory bread(block 71) failed [ 163.097399][ T5150] FAT-fs (loop4): Directory bread(block 72) failed [ 163.130192][ T5150] FAT-fs (loop4): Directory bread(block 73) failed [ 163.158515][ T41] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.180437][ T5156] loop3: detected capacity change from 0 to 512 [ 163.241931][ T5156] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.463: invalid indirect mapped block 256 (level 2) [ 163.357558][ T5156] EXT4-fs (loop3): 2 truncates cleaned up [ 163.367327][ T5156] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 163.415658][ T3555] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 163.427561][ T3555] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 163.436807][ T3555] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 163.445547][ T3555] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 163.464218][ T3555] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 163.472215][ T3555] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 163.671074][ T3912] EXT4-fs (loop3): unmounting filesystem. [ 163.905312][ T5172] loop1: detected capacity change from 0 to 2048 [ 163.915586][ T5172] EXT4-fs: Ignoring removed mblk_io_submit option [ 163.974926][ T5172] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 164.072270][ T5172] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.467: bg 0: block 234: padding at end of block bitmap is not set [ 164.130343][ T5172] EXT4-fs (loop1): Remounting filesystem read-only [ 164.250697][ T3550] EXT4-fs (loop1): unmounting filesystem. [ 164.455712][ T5161] chnl_net:caif_netlink_parms(): no params data found [ 164.800800][ T5166] loop4: detected capacity change from 0 to 32768 [ 164.853344][ T5166] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 164.861086][ T3555] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 164.889968][ T3555] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 164.903307][ T5166] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 164.919273][ T3555] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 164.928772][ T3555] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 164.937729][ T3555] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 164.945155][ T3555] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 165.006158][ T5166] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 165.020131][ T5201] loop2: detected capacity change from 0 to 256 [ 165.026865][ T2964] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 165.034115][ T2964] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 165.043391][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.050498][ T5161] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.078198][ T5161] device bridge_slave_0 entered promiscuous mode [ 165.108639][ T5201] FAT-fs (loop2): Directory bread(block 64) failed [ 165.126501][ T5201] FAT-fs (loop2): Directory bread(block 65) failed [ 165.139844][ T5201] FAT-fs (loop2): Directory bread(block 66) failed [ 165.153293][ T5201] FAT-fs (loop2): Directory bread(block 67) failed [ 165.160273][ T2964] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 126ms [ 165.161552][ T5201] FAT-fs (loop2): Directory bread(block 68) failed [ 165.177223][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.187094][ T2964] gfs2: fsid=syz:syz.0: jid=0: Done [ 165.190373][ T5161] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.199703][ T5201] FAT-fs (loop2): Directory bread(block 69) failed [ 165.206357][ T5166] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 165.226887][ T5161] device bridge_slave_1 entered promiscuous mode [ 165.244967][ T5201] FAT-fs (loop2): Directory bread(block 70) failed [ 165.282812][ T5201] FAT-fs (loop2): Directory bread(block 71) failed [ 165.304627][ T5201] FAT-fs (loop2): Directory bread(block 72) failed [ 165.314292][ T5201] FAT-fs (loop2): Directory bread(block 73) failed [ 165.390115][ T5166] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 165.402703][ T5166] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 165.402703][ T5166] inode = 12 2341 [ 165.402703][ T5166] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602 [ 165.426985][ T5161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 165.439252][ T5166] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 165.458839][ T5166] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:5166 [syz.4.464] __gfs2_lookup+0xa0/0x270 [ 165.475524][ T5166] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 165.521252][ T5166] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 165.543020][ T3563] Bluetooth: hci0: command tx timeout [ 165.559661][ T5166] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 165.569048][ T5166] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 165.578011][ T5166] gfs2: fsid=syz:syz.0: File system withdrawn [ 165.584169][ T5166] CPU: 1 PID: 5166 Comm: syz.4.464 Not tainted 6.1.96-syzkaller #0 [ 165.592092][ T5166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 165.602180][ T5166] Call Trace: [ 165.605485][ T5166] [ 165.608477][ T5166] dump_stack_lvl+0x1e3/0x2cb [ 165.613206][ T5166] ? nf_tcp_handle_invalid+0x642/0x642 [ 165.618700][ T5166] ? panic+0x764/0x764 [ 165.622801][ T5166] ? kobject_uevent_env+0x54a/0x8c0 [ 165.628050][ T5166] gfs2_withdraw+0xf09/0x14b0 [ 165.632775][ T5166] ? gfs2_lm+0x230/0x230 [ 165.637038][ T5166] ? gfs2_dirent_scan+0x276/0x640 [ 165.642107][ T5166] ? panic+0x764/0x764 [ 165.646214][ T5166] ? gfs2_consist_inode_i+0xf1/0x110 [ 165.651532][ T5166] gfs2_dirent_scan+0x512/0x640 [ 165.656416][ T5166] ? gfs2_dirent_search+0x8c0/0x8c0 [ 165.661651][ T5166] gfs2_dirent_search+0x30a/0x8c0 [ 165.666703][ T5166] ? gfs2_dirent_search+0x8c0/0x8c0 [ 165.671911][ T5166] ? inode_dio_wait+0x2a9/0x340 [ 165.676780][ T5166] ? generic_permission+0x21c/0x4f0 [ 165.681983][ T5166] ? gfs2_dir_search+0x2f0/0x2f0 [ 165.686920][ T5166] ? gfs2_permission+0x401/0x4d0 [ 165.691862][ T5166] gfs2_dir_search+0xae/0x2f0 [ 165.696550][ T5166] ? do_filldir_main+0x520/0x520 [ 165.701493][ T5166] ? inode_go_held+0xe6/0x1f0 [ 165.706193][ T5166] ? gfs2_glock_wait+0x216/0x2a0 [ 165.711141][ T5166] gfs2_lookupi+0x45f/0x5e0 [ 165.715661][ T5166] ? gfs2_lookup_simple+0x170/0x170 [ 165.720870][ T5166] ? __gfs2_lookup+0xa0/0x270 [ 165.725561][ T5166] ? __d_lookup+0x8b/0x790 [ 165.729993][ T5166] __gfs2_lookup+0xa0/0x270 [ 165.734506][ T5166] ? gfs2_atomic_open+0x220/0x220 [ 165.739543][ T5166] ? __d_lookup+0x6d6/0x790 [ 165.744073][ T5166] gfs2_atomic_open+0x9a/0x220 [ 165.748871][ T5166] path_openat+0xf4e/0x2e60 [ 165.753418][ T5166] ? gfs2_rename2+0x25a0/0x25a0 [ 165.758300][ T5166] ? do_filp_open+0x480/0x480 [ 165.763002][ T5166] do_filp_open+0x230/0x480 [ 165.767511][ T5166] ? vfs_tmpfile+0x4a0/0x4a0 [ 165.772120][ T5166] ? _raw_spin_unlock+0x24/0x40 [ 165.776972][ T5166] ? alloc_fd+0x59c/0x640 [ 165.781318][ T5166] do_sys_openat2+0x13b/0x500 [ 165.786023][ T5166] ? do_sys_open+0x220/0x220 [ 165.790616][ T5166] ? xfd_validate_state+0x6a/0x140 [ 165.795731][ T5166] ? restore_fpregs_from_fpstate+0xfc/0x230 [ 165.801636][ T5166] __x64_sys_openat+0x243/0x290 [ 165.806496][ T5166] ? __ia32_sys_open+0x270/0x270 [ 165.811473][ T5166] ? syscall_enter_from_user_mode+0x2e/0x230 [ 165.817468][ T5166] ? lockdep_hardirqs_on+0x94/0x130 [ 165.822669][ T5166] ? syscall_enter_from_user_mode+0x2e/0x230 [ 165.828657][ T5166] do_syscall_64+0x3b/0xb0 [ 165.833095][ T5166] ? clear_bhb_loop+0x45/0xa0 [ 165.837781][ T5166] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 165.843763][ T5166] RIP: 0033:0x7f1a83175b99 [ 165.848191][ T5166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.867798][ T5166] RSP: 002b:00007f1a83fae048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 165.876217][ T5166] RAX: ffffffffffffffda RBX: 00007f1a83303fa0 RCX: 00007f1a83175b99 [ 165.884189][ T5166] RDX: 000000000000275a RSI: 00000000200002c0 RDI: ffffffffffffff9c [ 165.892157][ T5166] RBP: 00007f1a831f677e R08: 0000000000000000 R09: 0000000000000000 [ 165.900124][ T5166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.908095][ T5166] R13: 000000000000000b R14: 00007f1a83303fa0 R15: 00007fff43096aa8 [ 165.916087][ T5166] [ 166.128401][ T5161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.972858][ T3563] Bluetooth: hci3: command tx timeout [ 166.981262][ T5161] team0: Port device team_slave_0 added [ 167.058750][ T41] device hsr_slave_0 left promiscuous mode [ 167.095466][ T41] device hsr_slave_1 left promiscuous mode [ 167.111526][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.135379][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.362354][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.386181][ T41] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.565083][ T5242] loop4: detected capacity change from 0 to 1024 [ 167.613482][ T3563] Bluetooth: hci0: command tx timeout [ 167.627353][ T41] device bridge_slave_1 left promiscuous mode [ 167.633161][ T5242] hfsplus: extend alloc file! (8192,65536,366) [ 167.633820][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.669761][ T41] device bridge_slave_0 left promiscuous mode [ 167.676808][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.717495][ T3567] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 167.945395][ T41] device veth1_macvtap left promiscuous mode [ 167.952083][ T41] device veth0_macvtap left promiscuous mode [ 167.972838][ T41] device veth1_vlan left promiscuous mode [ 167.978718][ T41] device veth0_vlan left promiscuous mode [ 168.313624][ T5242] user requested TSC rate below hardware speed [ 169.062939][ T3563] Bluetooth: hci3: command tx timeout [ 169.696652][ T3563] Bluetooth: hci0: command tx timeout [ 169.719832][ T41] team0 (unregistering): Port device team_slave_1 removed [ 169.837347][ T41] team0 (unregistering): Port device team_slave_0 removed [ 169.894693][ T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 169.984822][ T5259] loop4: detected capacity change from 0 to 32768 [ 170.015652][ T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 170.027959][ T5259] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 170.038490][ T5259] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 170.078978][ T5259] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 170.103620][ T2964] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 170.121070][ T2964] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 170.269948][ T2964] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 148ms [ 170.313668][ T2964] gfs2: fsid=syz:syz.0: jid=0: Done [ 170.328263][ T5259] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 170.376955][ T5259] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 170.411560][ T5259] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 170.411560][ T5259] inode = 12 2341 [ 170.411560][ T5259] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602 [ 170.465137][ T5259] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 170.500107][ T5259] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:5259 [syz.4.485] __gfs2_lookup+0xa0/0x270 [ 170.534097][ T5259] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 170.542827][ T5259] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 170.560117][ T5259] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 170.603431][ T5259] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 170.610762][ T5259] gfs2: fsid=syz:syz.0: File system withdrawn [ 170.640619][ T5259] CPU: 0 PID: 5259 Comm: syz.4.485 Not tainted 6.1.96-syzkaller #0 [ 170.648571][ T5259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 170.658667][ T5259] Call Trace: [ 170.661976][ T5259] [ 170.664933][ T5259] dump_stack_lvl+0x1e3/0x2cb [ 170.669667][ T5259] ? nf_tcp_handle_invalid+0x642/0x642 [ 170.675159][ T5259] ? panic+0x764/0x764 [ 170.679243][ T5259] ? kobject_uevent_env+0x54a/0x8c0 [ 170.684467][ T5259] gfs2_withdraw+0xf09/0x14b0 [ 170.689179][ T5259] ? gfs2_lm+0x230/0x230 [ 170.693435][ T5259] ? gfs2_dirent_scan+0x276/0x640 [ 170.698468][ T5259] ? panic+0x764/0x764 [ 170.702553][ T5259] ? gfs2_consist_inode_i+0xf1/0x110 [ 170.707862][ T5259] gfs2_dirent_scan+0x512/0x640 [ 170.712727][ T5259] ? gfs2_dirent_search+0x8c0/0x8c0 [ 170.717936][ T5259] gfs2_dirent_search+0x30a/0x8c0 [ 170.722969][ T5259] ? gfs2_dirent_search+0x8c0/0x8c0 [ 170.728165][ T5259] ? inode_dio_wait+0x2a9/0x340 [ 170.733153][ T5259] ? generic_permission+0x21c/0x4f0 [ 170.738377][ T5259] ? gfs2_dir_search+0x2f0/0x2f0 [ 170.743335][ T5259] ? gfs2_permission+0x401/0x4d0 [ 170.748296][ T5259] gfs2_dir_search+0xae/0x2f0 [ 170.752981][ T5259] ? do_filldir_main+0x520/0x520 [ 170.757923][ T5259] ? inode_go_held+0xe6/0x1f0 [ 170.762615][ T5259] ? gfs2_glock_wait+0x216/0x2a0 [ 170.767582][ T5259] gfs2_lookupi+0x45f/0x5e0 [ 170.772119][ T5259] ? gfs2_lookup_simple+0x170/0x170 [ 170.777321][ T5259] ? __gfs2_lookup+0xa0/0x270 [ 170.782005][ T5259] ? __d_lookup+0x8b/0x790 [ 170.786430][ T5259] __gfs2_lookup+0xa0/0x270 [ 170.790942][ T5259] ? gfs2_atomic_open+0x220/0x220 [ 170.795992][ T5259] ? __d_lookup+0x6d6/0x790 [ 170.800506][ T5259] gfs2_atomic_open+0x9a/0x220 [ 170.805298][ T5259] path_openat+0xf4e/0x2e60 [ 170.809816][ T5259] ? gfs2_rename2+0x25a0/0x25a0 [ 170.814689][ T5259] ? do_filp_open+0x480/0x480 [ 170.819393][ T5259] do_filp_open+0x230/0x480 [ 170.823905][ T5259] ? vfs_tmpfile+0x4a0/0x4a0 [ 170.828536][ T5259] ? _raw_spin_unlock+0x24/0x40 [ 170.833404][ T5259] ? alloc_fd+0x59c/0x640 [ 170.837746][ T5259] do_sys_openat2+0x13b/0x500 [ 170.842524][ T5259] ? do_sys_open+0x220/0x220 [ 170.847124][ T5259] ? xfd_validate_state+0x6a/0x140 [ 170.852238][ T5259] ? restore_fpregs_from_fpstate+0xfc/0x230 [ 170.858148][ T5259] __x64_sys_openat+0x243/0x290 [ 170.863011][ T5259] ? __ia32_sys_open+0x270/0x270 [ 170.867960][ T5259] ? syscall_enter_from_user_mode+0x2e/0x230 [ 170.873947][ T5259] ? lockdep_hardirqs_on+0x94/0x130 [ 170.879164][ T5259] ? syscall_enter_from_user_mode+0x2e/0x230 [ 170.885154][ T5259] do_syscall_64+0x3b/0xb0 [ 170.889579][ T5259] ? clear_bhb_loop+0x45/0xa0 [ 170.894268][ T5259] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 170.900180][ T5259] RIP: 0033:0x7f1a83175b99 [ 170.904599][ T5259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.924207][ T5259] RSP: 002b:00007f1a83fae048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 170.932727][ T5259] RAX: ffffffffffffffda RBX: 00007f1a83303fa0 RCX: 00007f1a83175b99 [ 170.940711][ T5259] RDX: 000000000000275a RSI: 00000000200002c0 RDI: ffffffffffffff9c [ 170.948694][ T5259] RBP: 00007f1a831f677e R08: 0000000000000000 R09: 0000000000000000 [ 170.956672][ T5259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.964647][ T5259] R13: 000000000000000b R14: 00007f1a83303fa0 R15: 00007fff43096aa8 [ 170.972639][ T5259] [ 171.132911][ T3563] Bluetooth: hci3: command tx timeout [ 171.839376][ T3563] Bluetooth: hci0: command tx timeout [ 172.651026][ T41] bond0 (unregistering): Released all slaves [ 172.845374][ T5311] loop2: detected capacity change from 0 to 1024 [ 172.879961][ T5161] team0: Port device team_slave_1 added [ 172.964267][ T5313] nfs: Unknown parameter 'ñ&\^' [ 173.304287][ T3555] Bluetooth: hci3: command tx timeout [ 173.636021][ T5161] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.652760][ T5161] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.759046][ T5161] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.822903][ T5161] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.845899][ T5161] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.881633][ T26] audit: type=1326 audit(1719856727.948:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 173.903790][ T5161] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.005613][ T26] audit: type=1326 audit(1719856727.948:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 174.069291][ T26] audit: type=1326 audit(1719856727.948:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 174.069605][ T5324] loop2: detected capacity change from 0 to 8192 [ 174.128973][ T26] audit: type=1326 audit(1719856727.958:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 174.161416][ T26] audit: type=1326 audit(1719856727.958:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 174.165606][ T5161] device hsr_slave_0 entered promiscuous mode [ 174.196874][ T5324] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 174.207398][ T26] audit: type=1326 audit(1719856727.958:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8407b75b99 code=0x7ffc0000 [ 174.231716][ T5324] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 174.242226][ T26] audit: type=1326 audit(1719856727.958:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8407b75bd3 code=0x7ffc0000 [ 174.265692][ T5324] loop2: p2 p3 p4 [ 174.269807][ T5161] device hsr_slave_1 entered promiscuous mode [ 174.284473][ T5324] loop2: partition table partially beyond EOD, truncated [ 174.293117][ T5324] loop2: p2 start 452985600 is beyond EOD, truncated [ 174.300974][ T5324] loop2: p3 size 33554432 extends beyond EOD, truncated [ 174.433955][ T5324] loop2: p4 start 8388607 is beyond EOD, truncated [ 174.435577][ T26] audit: type=1326 audit(1719856728.018:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8407b7471f code=0x7ffc0000 [ 175.161820][ T5195] chnl_net:caif_netlink_parms(): no params data found [ 175.169174][ T26] audit: type=1326 audit(1719856728.138:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f8407b75c27 code=0x7ffc0000 [ 175.214190][ T3567] udevd[3567]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 175.277708][ T26] audit: type=1326 audit(1719856728.138:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.2.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8407b745d0 code=0x7ffc0000 [ 175.361976][ T5343] loop2: detected capacity change from 0 to 1024 [ 175.424836][ T5343] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 175.821363][ T5195] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.844847][ T5195] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.899730][ T5195] device bridge_slave_0 entered promiscuous mode [ 175.916079][ T5195] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.951152][ T5195] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.044524][ T5195] device bridge_slave_1 entered promiscuous mode [ 176.808985][ T5362] loop1: detected capacity change from 0 to 1024 [ 176.976796][ T5195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 177.129299][ T5195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.132445][ T5372] "syz.1.518" (5372) uses obsolete ecb(arc4) skcipher [ 177.280352][ T5195] team0: Port device team_slave_0 added [ 177.310892][ T5195] team0: Port device team_slave_1 added [ 177.455189][ T5195] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.483117][ T5195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.548573][ T5195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.622138][ T5381] loop4: detected capacity change from 0 to 2048 [ 177.629369][ T5195] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.668729][ T5195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.748701][ T5195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 177.789011][ T5384] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 177.912360][ T5161] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 177.966832][ T5195] device hsr_slave_0 entered promiscuous mode [ 177.974622][ T5387] loop1: detected capacity change from 0 to 1024 [ 178.000528][ T5195] device hsr_slave_1 entered promiscuous mode [ 178.013439][ T5195] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 178.021024][ T5195] Cannot create hsr debugfs directory [ 178.060016][ T5390] loop2: detected capacity change from 0 to 1024 [ 178.069643][ T5161] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 178.100958][ T5387] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 178.171997][ T5161] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 178.236654][ T5161] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 178.501362][ T5400] "syz.4.529" (5400) uses obsolete ecb(arc4) skcipher [ 178.611354][ T5195] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.754921][ T5195] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.840744][ T5161] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.863364][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.885615][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 178.910418][ T5161] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.005020][ T5195] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.073930][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.103383][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.127866][ T5415] loop1: detected capacity change from 0 to 2048 [ 179.135569][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.142734][ T3600] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.215140][ T5419] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 179.271413][ T5195] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.308487][ T3598] kernel write not supported for file /media0 (pid: 3598 comm: kworker/1:8) [ 179.330248][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.359768][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.407800][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.438499][ T3596] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.445731][ T3596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.526462][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.561013][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.570348][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 179.570363][ T26] audit: type=1326 audit(1719856733.638:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 179.632911][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.656029][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.700731][ T26] audit: type=1326 audit(1719856733.678:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 179.724202][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.743388][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.752103][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 179.792808][ T26] audit: type=1326 audit(1719856733.678:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 179.801265][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 179.826251][ T5435] "syz.2.540" (5435) uses obsolete ecb(arc4) skcipher [ 179.874079][ T5161] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 179.916775][ T26] audit: type=1326 audit(1719856733.678:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 179.960225][ T5161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 180.269562][ T26] audit: type=1326 audit(1719856733.678:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 180.302693][ T26] audit: type=1326 audit(1719856733.678:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1a83175b99 code=0x7ffc0000 [ 180.329836][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.361502][ T5430] loop4: detected capacity change from 0 to 8192 [ 180.388814][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.462399][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.474374][ T5430] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 180.591288][ T5430] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 180.593806][ T26] audit: type=1326 audit(1719856733.678:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1a83175bd3 code=0x7ffc0000 [ 180.627483][ T5430] loop4: p2 p3 p4 [ 180.631267][ T5430] loop4: partition table partially beyond EOD, truncated [ 180.659815][ T5430] loop4: p2 start 452985600 is beyond EOD, truncated [ 180.666815][ T26] audit: type=1326 audit(1719856733.838:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1a8317471f code=0x7ffc0000 [ 180.666856][ T26] audit: type=1326 audit(1719856734.328:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f1a83175c27 code=0x7ffc0000 [ 180.773475][ T5430] loop4: p3 size 33554432 extends beyond EOD, truncated [ 180.841861][ T5430] loop4: p4 start 8388607 is beyond EOD, truncated [ 180.854468][ T3598] kernel write not supported for file /media0 (pid: 3598 comm: kworker/1:8) [ 180.876672][ T5195] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 180.951423][ T26] audit: type=1326 audit(1719856734.428:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5425 comm="syz.4.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a831745d0 code=0x7ffc0000 [ 180.976045][ T5448] loop2: detected capacity change from 0 to 4096 [ 180.996278][ T5195] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 181.044886][ T5195] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 181.113385][ T5448] ntfs: volume version 3.1. [ 181.128501][ T5457] netlink: 'syz.1.546': attribute type 1 has an invalid length. [ 181.152682][ T5457] netlink: 20 bytes leftover after parsing attributes in process `syz.1.546'. [ 181.190704][ T5195] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 181.497060][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 181.517463][ T3567] udevd[3567]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 181.523790][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 181.591978][ T5161] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.819061][ T3593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 181.831886][ T3593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 181.951286][ T5161] device veth0_vlan entered promiscuous mode [ 181.958606][ T22] kernel write not supported for file /media0 (pid: 22 comm: kworker/1:0) [ 181.993390][ T3593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 182.002272][ T3593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 182.039757][ T5487] netlink: 'syz.2.557': attribute type 1 has an invalid length. [ 182.065737][ T5487] netlink: 20 bytes leftover after parsing attributes in process `syz.2.557'. [ 182.162758][ T5195] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.169745][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 182.178388][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 182.232224][ T5161] device veth1_vlan entered promiscuous mode [ 182.276414][ T5494] loop4: detected capacity change from 0 to 1024 [ 182.292980][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 182.301195][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 182.337168][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 182.359851][ T5195] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.380536][ T5494] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 182.464904][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 182.477728][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 182.500546][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 182.519392][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.526593][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.543045][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 182.570912][ T5505] loop2: detected capacity change from 0 to 128 [ 182.639391][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 182.659914][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 182.703277][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 182.730135][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 182.753088][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.760325][ T3600] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.775669][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 182.801118][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 182.830513][ T5161] device veth0_macvtap entered promiscuous mode [ 182.914752][ T5161] device veth1_macvtap entered promiscuous mode [ 182.985144][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 183.014207][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 183.022436][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.051720][ T5519] loop1: detected capacity change from 0 to 1024 [ 183.084847][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.103958][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 183.128313][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.221278][ T5525] netlink: 'syz.2.566': attribute type 2 has an invalid length. [ 183.258923][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 183.275343][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 183.294257][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 183.338977][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 183.348275][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 183.391846][ T5195] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 183.406198][ T5528] netlink: 'syz.1.567': attribute type 1 has an invalid length. [ 183.415560][ T5528] netlink: 20 bytes leftover after parsing attributes in process `syz.1.567'. [ 183.430514][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.441749][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.451956][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.493663][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.504700][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.522732][ T3623] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 183.531775][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.544629][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.555434][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.566667][ T5161] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.589271][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 183.599942][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 183.611759][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.642803][ T3600] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 183.650462][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.670990][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.691960][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.714108][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.742786][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.762675][ T5161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.774338][ T3623] usb 5-1: Using ep0 maxpacket: 8 [ 183.781603][ T5161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.804522][ T5161] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.811906][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 183.830937][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 183.893034][ T3623] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 183.910486][ T3623] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 183.928925][ T3623] usb 5-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00 [ 183.949055][ T3623] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.960557][ T5161] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.969672][ T5161] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.977521][ T3623] usb 5-1: config 0 descriptor?? [ 183.980392][ T5161] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.992415][ T5161] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.023250][ T3600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.041045][ T3600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.050902][ T3600] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 184.060057][ T3600] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.075599][ T3600] usb 3-1: config 0 descriptor?? [ 184.117976][ T5195] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.188521][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 184.200750][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 184.264179][ T41] device hsr_slave_0 left promiscuous mode [ 184.270801][ T41] device hsr_slave_1 left promiscuous mode [ 184.279201][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.287559][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.296197][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.312692][ T41] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.320683][ T41] device bridge_slave_1 left promiscuous mode [ 184.327370][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.336935][ T41] device bridge_slave_0 left promiscuous mode [ 184.343586][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.380903][ T41] device veth1_macvtap left promiscuous mode [ 184.387296][ T41] device veth0_macvtap left promiscuous mode [ 184.394203][ T41] device veth1_vlan left promiscuous mode [ 184.400182][ T41] device veth0_vlan left promiscuous mode [ 184.480379][ T3623] apple 0003:05AC:0267.0002: hidraw0: USB HID v0.00 Device [HID 05ac:0267] on usb-dummy_hcd.4-1/input0 [ 184.554566][ T3600] hid (null): bogus close delimiter [ 184.682431][ T3593] usb 5-1: USB disconnect, device number 2 [ 184.765064][ T3600] usb 3-1: language id specifier not provided by device, defaulting to English [ 184.880939][ T41] team0 (unregistering): Port device team_slave_1 removed [ 184.914255][ T41] team0 (unregistering): Port device team_slave_0 removed [ 184.958351][ T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 184.997760][ T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.232494][ T3600] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input7 [ 185.375068][ T3600] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input8 [ 185.440730][ T3600] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input9 [ 185.468531][ T5552] loop1: detected capacity change from 0 to 4096 [ 185.480003][ T3600] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input10 [ 185.500688][ T5552] __ntfs_error: 18 callbacks suppressed [ 185.500703][ T5552] ntfs: (device loop1): parse_ntfs_boot_sector(): Mft record size (131072) exceeds the PAGE_SIZE on your system (4096). This is not supported. Sorry. [ 185.570727][ T3600] uclogic 0003:256C:006D.0003: input,hiddev0,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0 [ 185.585609][ T3567] I/O error, dev loop1, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 185.588160][ T3600] usb 3-1: USB disconnect, device number 6 [ 185.813313][ T41] bond0 (unregistering): Released all slaves [ 185.893745][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 185.917837][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 185.926880][ T5554] netlink: 'syz.4.577': attribute type 1 has an invalid length. [ 185.932944][ T3559] Bluetooth: hci2: command 0x0406 tx timeout [ 185.934918][ T3563] Bluetooth: hci1: command 0x0406 tx timeout [ 185.952848][ T5554] netlink: 20 bytes leftover after parsing attributes in process `syz.4.577'. [ 185.978892][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.039747][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.063222][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 186.071812][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 186.106076][ T5195] device veth0_vlan entered promiscuous mode [ 186.123236][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.129763][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 186.138325][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.155991][ T5558] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 186.164285][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.175300][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 186.190094][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 186.226910][ T5195] device veth1_vlan entered promiscuous mode [ 186.237285][ T5558] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 186.308894][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.328647][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.338690][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 186.361584][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 186.375616][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 186.391026][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 186.400746][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 186.418998][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.428191][ T5195] device veth0_macvtap entered promiscuous mode [ 186.436824][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.451477][ T5195] device veth1_macvtap entered promiscuous mode [ 186.459060][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.478821][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.508343][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.532209][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.543092][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.552708][ T3600] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 186.553970][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.594521][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.610992][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.634801][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.647307][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.660208][ T5195] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.668646][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.678031][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 186.689617][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 186.715508][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 186.730905][ T5568] loop4: detected capacity change from 0 to 4096 [ 186.775237][ T5558] ip6gretap0 speed is unknown, defaulting to 1000 [ 186.776697][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.822576][ T5568] ntfs: volume version 3.1. [ 186.836228][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.853179][ T5568] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 186.875105][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.895443][ T5568] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 186.911743][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.912807][ T3600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.943395][ T5568] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 186.962834][ T3600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 186.972626][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.972647][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.972665][ T5195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.972679][ T5195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.992207][ T5195] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.041523][ T5195] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.050369][ T5195] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.101434][ T3600] usb 3-1: New USB device found, idVendor=056a, idProduct=0309, bcdDevice= 0.00 [ 187.112141][ T5195] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.131988][ T5195] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.142725][ T3600] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.167967][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 187.170790][ T3600] usb 3-1: config 0 descriptor?? [ 187.178697][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 187.410932][ T5582] netlink: 'syz.4.587': attribute type 1 has an invalid length. [ 187.425615][ T5582] netlink: 20 bytes leftover after parsing attributes in process `syz.4.587'. [ 187.496440][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.518407][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.685190][ T5584] fuse: Bad value for 'fd' [ 188.011849][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.176118][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.261002][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 188.268696][ T3600] wacom 0003:056A:0309.0004: hidraw0: USB HID v0.00 Device [HID 056a:0309] on usb-dummy_hcd.2-1/input0 [ 188.280688][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 188.298696][ T3600] usb 3-1: USB disconnect, device number 7 [ 188.864837][ T5608] loop0: detected capacity change from 0 to 128 [ 189.285248][ T5576] loop1: detected capacity change from 0 to 40427 [ 189.388742][ T5576] F2FS-fs (loop1): invalid crc value [ 189.457080][ T5576] F2FS-fs (loop1): Found nat_bits in checkpoint [ 189.739902][ T5576] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 189.921935][ T3550] syz-executor: attempt to access beyond end of device [ 189.921935][ T3550] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 190.588799][ T5665] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 190.635661][ T26] audit: type=1800 audit(1719856744.708:145): pid=5667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.619" name="bus" dev="sda1" ino=2003 res=0 errno=0 [ 191.611076][ T5676] fuse: Bad value for 'fd' [ 191.684325][ T3594] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 191.860479][ T5686] input: syz0 as /devices/virtual/input/input14 [ 191.943052][ T3594] usb 2-1: Using ep0 maxpacket: 8 [ 192.063059][ T3594] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.087652][ T3594] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 192.139119][ T3594] usb 2-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00 [ 192.172993][ T3594] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.223874][ T3594] usb 2-1: config 0 descriptor?? [ 192.254484][ T26] audit: type=1800 audit(1719856746.328:146): pid=5705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.632" name="bus" dev="sda1" ino=1979 res=0 errno=0 [ 192.324171][ T5707] loop3: detected capacity change from 0 to 512 [ 192.340858][ T5709] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 192.380149][ T5707] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 192.456206][ T5707] EXT4-fs (loop3): 1 truncate cleaned up [ 192.467443][ T5707] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 192.553560][ T26] audit: type=1800 audit(1719856746.618:147): pid=5707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.634" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 192.852500][ T3594] apple 0003:05AC:0267.0005: hidraw0: USB HID v0.00 Device [HID 05ac:0267] on usb-dummy_hcd.1-1/input0 [ 192.859410][ T5195] EXT4-fs (loop3): unmounting filesystem. [ 192.982659][ T5724] fuse: Bad value for 'fd' [ 193.520725][ T3594] usb 2-1: USB disconnect, device number 10 [ 194.098503][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.104903][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.436613][ T5754] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 195.150534][ T5769] input: syz0 as /devices/virtual/input/input15 [ 195.896700][ T5803] input: syz0 as /devices/virtual/input/input16 [ 196.958561][ T5814] loop0: detected capacity change from 0 to 2048 [ 196.995176][ T5816] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 197.124950][ T5814] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 197.163294][ T26] audit: type=1800 audit(1719856751.238:148): pid=5823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.674" name="bus" dev="sda1" ino=1979 res=0 errno=0 [ 197.236255][ T102] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 197.282965][ T102] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 197.305359][ T5799] loop1: detected capacity change from 0 to 32768 [ 197.312663][ T102] EXT4-fs (loop0): This should not happen!! Data will be lost [ 197.312663][ T102] [ 197.322334][ T102] EXT4-fs (loop0): Total free blocks count 0 [ 197.333685][ T102] EXT4-fs (loop0): Free/Dirty block details [ 197.340363][ T102] EXT4-fs (loop0): free_blocks=2415919104 [ 197.346201][ T102] EXT4-fs (loop0): dirty_blocks=16 [ 197.351341][ T102] EXT4-fs (loop0): Block reservation details [ 197.377071][ T5799] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.666 (5799) [ 197.421251][ T102] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 197.518657][ T5161] EXT4-fs (loop0): unmounting filesystem. [ 198.022746][ T22] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 198.266492][ T5799] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 198.329518][ T5799] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 198.345041][ T5799] BTRFS info (device loop1): max_inline at 0 [ 198.351128][ T5799] BTRFS info (device loop1): using free space tree [ 198.562916][ T22] usb 3-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=3d.6c [ 198.588866][ T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.610111][ T5857] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 198.663224][ T22] usb 3-1: config 0 descriptor?? [ 198.715219][ T22] bfusb: probe of 3-1:0.0 failed with error -5 [ 198.731694][ T5799] BTRFS info (device loop1): enabling ssd optimizations [ 198.861838][ T5832] loop3: detected capacity change from 0 to 32768 [ 198.876615][ T3550] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 198.912281][ T5832] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.679 (5832) [ 198.975097][ T3600] usb 3-1: USB disconnect, device number 8 [ 199.019624][ T5832] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 199.060619][ T5832] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 199.132999][ T5832] BTRFS info (device loop3): setting nodatacow, compression disabled [ 199.239663][ T5832] BTRFS info (device loop3): enabling auto defrag [ 199.293295][ T5832] BTRFS info (device loop3): max_inline at 0 [ 199.299377][ T5832] BTRFS info (device loop3): using free space tree [ 199.580819][ T5887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 199.702375][ T5887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 199.813005][ T26] audit: type=1804 audit(1719856753.878:149): pid=5878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.687" name="/root/syzkaller.nx0P8i/32/cgroup.controllers" dev="sda1" ino=1997 res=1 errno=0 [ 199.881592][ T5899] loop2: detected capacity change from 0 to 1024 [ 199.930139][ T5899] EXT4-fs: Ignoring removed nobh option [ 199.947971][ T5899] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 199.989091][ T5195] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 200.039641][ T5899] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 200.114331][ T5892] netlink: 16 bytes leftover after parsing attributes in process `syz.2.688'. [ 200.167805][ T5883] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 200.273228][ T4675] EXT4-fs (loop2): unmounting filesystem. [ 200.582828][ T5883] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 200.599175][ T5883] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 200.651767][ T5916] loop0: detected capacity change from 0 to 2048 [ 200.672692][ T5905] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 200.722881][ T5883] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 200.731971][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 200.761455][ T5883] usb 5-1: SerialNumber: syz [ 200.797008][ T5588] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 200.902694][ T5879] loop4: detected capacity change from 0 to 32768 [ 200.961674][ T5879] loop4: p1 p3 < p5 p6 > [ 201.083381][ T5905] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 201.085593][ T5883] usb 5-1: 0:2 : does not exist [ 201.119902][ T5905] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 48758, setting to 64 [ 201.120962][ T5883] usb 5-1: unit 5 not found! [ 201.138832][ T5926] loop3: detected capacity change from 0 to 4096 [ 201.170103][ T5905] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 201.237609][ T5883] usb 5-1: USB disconnect, device number 3 [ 201.423338][ T26] audit: type=1800 audit(1719856755.498:150): pid=5926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.698" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 201.444995][ T5905] usb 3-1: New USB device found, idVendor=19d2, idProduct=1121, bcdDevice=cf.68 [ 201.498059][ T26] audit: type=1800 audit(1719856755.498:151): pid=5930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.698" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 201.500627][ T5905] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.528173][ T5588] udevd[5588]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 201.612828][ T5905] usb 3-1: Product: syz [ 201.620880][ T5905] usb 3-1: Manufacturer: syz [ 201.634900][ T5905] usb 3-1: SerialNumber: syz [ 201.672124][ T5905] usb 3-1: config 0 descriptor?? [ 201.713172][ T5912] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 201.756092][ T5905] option 3-1:0.0: GSM modem (1-port) converter detected [ 201.993248][ T5929] loop0: detected capacity change from 0 to 32768 [ 202.007530][ T5883] usb 3-1: USB disconnect, device number 9 [ 202.047306][ T5883] option 3-1:0.0: device disconnected [ 202.079304][ T5588] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by udevd (5588) [ 202.380565][ T5946] loop4: detected capacity change from 0 to 1024 [ 202.436567][ T5946] EXT4-fs: Ignoring removed nobh option [ 202.463789][ T5946] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 202.496954][ T5946] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 202.546813][ T5942] netlink: 16 bytes leftover after parsing attributes in process `syz.4.702'. [ 202.599129][ T3553] EXT4-fs (loop4): unmounting filesystem. [ 202.652786][ T3623] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 202.912886][ T3623] usb 2-1: Using ep0 maxpacket: 16 [ 202.961981][ T5936] loop3: detected capacity change from 0 to 32768 [ 202.977518][ T5936] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 203.002010][ T5936] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 203.021173][ T5936] BTRFS info (device loop3): use no compression [ 203.051579][ T5936] BTRFS info (device loop3): force zlib compression, level 3 [ 203.081932][ T5936] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 203.127794][ T5936] BTRFS info (device loop3): use lzo compression, level 0 [ 203.157951][ T5936] BTRFS info (device loop3): turning on flush-on-commit [ 203.184085][ T5936] BTRFS info (device loop3): enabling auto defrag [ 203.192955][ T3623] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 203.192986][ T5905] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 203.212307][ T3623] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.219794][ T5936] BTRFS info (device loop3): using free space tree [ 203.241848][ T3623] usb 2-1: Product: syz [ 203.256812][ T3623] usb 2-1: Manufacturer: syz [ 203.261458][ T3623] usb 2-1: SerialNumber: syz [ 203.339244][ T3623] usb 2-1: config 0 descriptor?? [ 203.407419][ T3623] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 203.457611][ T5936] BTRFS info (device loop3): enabling ssd optimizations [ 203.607837][ T5905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.631682][ T5905] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 203.698722][ T5905] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 203.727120][ T5905] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.753582][ T5964] loop0: detected capacity change from 0 to 32768 [ 203.765369][ T5905] usb 5-1: config 0 descriptor?? [ 203.806651][ T5964] loop0: p1 p3 < p5 p6 > [ 203.851224][ T5195] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 203.926294][ T5904] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 204.072966][ T3623] ssu100: probe of 2-1:0.0 failed with error -71 [ 204.136125][ T3623] usb 2-1: USB disconnect, device number 11 [ 204.254932][ T5905] plantronics 0003:047F:FFFF.0006: ignoring exceeding usage max [ 204.266166][ T5905] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 204.279425][ T5905] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 204.354482][ T5904] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 204.373761][ T5904] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 204.472993][ T5904] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 204.492550][ T5904] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 204.529624][ T5904] usb 1-1: SerialNumber: syz [ 204.671966][ T6009] syz.2.721 uses obsolete (PF_INET,SOCK_PACKET) [ 204.683797][ T5905] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 204.825539][ T5904] usb 1-1: 0:2 : does not exist [ 204.879077][ T5904] usb 1-1: USB disconnect, device number 3 [ 205.089279][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 205.125963][ T5588] udevd[5588]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 205.135402][ T3623] usb 5-1: USB disconnect, device number 4 [ 205.292969][ T5905] usb 4-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=81.d9 [ 205.499330][ T5905] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.508352][ T5905] usb 4-1: Product: syz [ 205.513369][ T5905] usb 4-1: Manufacturer: syz [ 205.519702][ T5905] usb 4-1: SerialNumber: syz [ 205.529488][ T5905] usb 4-1: config 0 descriptor?? [ 205.551571][ T6033] loop1: detected capacity change from 0 to 1024 [ 206.009273][ T6033] EXT4-fs error (device loop1): __ext4_get_inode_loc:4495: comm syz.1.732: Invalid inode table block 0 in block_group 0 [ 206.243199][ T6033] EXT4-fs (loop1): Remounting filesystem read-only [ 206.303612][ T6000] usb 4-1: USB disconnect, device number 4 [ 206.323030][ T6033] EXT4-fs (loop1): get root inode failed [ 206.328768][ T6033] EXT4-fs (loop1): mount failed [ 206.481418][ T6033] loop1: detected capacity change from 0 to 1024 [ 206.783416][ T6049] loop2: detected capacity change from 0 to 1024 [ 206.910225][ T6053] loop4: detected capacity change from 0 to 8 [ 206.931217][ T6053] Major/Minor mismatch, trying to mount newer 4.1792 filesystem [ 206.942468][ T6053] Please update your kernel [ 207.258882][ T6064] loop4: detected capacity change from 0 to 1024 [ 207.420373][ T6064] EXT4-fs error (device loop4): __ext4_get_inode_loc:4495: comm syz.4.746: Invalid inode table block 0 in block_group 0 [ 207.563189][ T6064] EXT4-fs (loop4): Remounting filesystem read-only [ 207.612119][ T6064] EXT4-fs (loop4): get root inode failed [ 207.689066][ T6064] EXT4-fs (loop4): mount failed [ 207.695320][ T6001] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 208.255546][ T6064] loop4: detected capacity change from 0 to 1024 [ 208.353088][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.391309][ T6001] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 208.419644][ T6001] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 208.437587][ T6001] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.473306][ T6001] usb 3-1: config 0 descriptor?? [ 208.506407][ T6083] netlink: 'syz.0.753': attribute type 21 has an invalid length. [ 208.568160][ T6081] loop3: detected capacity change from 0 to 4096 [ 209.009337][ T6093] loop1: detected capacity change from 0 to 16 [ 209.120990][ T6001] plantronics 0003:047F:FFFF.0007: ignoring exceeding usage max [ 209.618720][ T6001] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 209.655204][ T6001] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 209.972803][ T6000] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 209.988274][ T6001] usb 3-1: USB disconnect, device number 10 [ 210.553270][ T6000] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 210.823777][ T6000] usb 4-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=81.d9 [ 211.072187][ T6000] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.133828][ T6000] usb 4-1: Product: syz [ 211.138052][ T6000] usb 4-1: Manufacturer: syz [ 211.140280][ T6117] loop2: detected capacity change from 0 to 1024 [ 211.163924][ T6000] usb 4-1: SerialNumber: syz [ 211.177034][ T6000] usb 4-1: config 0 descriptor?? [ 211.295073][ T5588] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 211.338997][ T6117] loop2: detected capacity change from 0 to 1024 [ 211.426314][ T6124] loop0: detected capacity change from 0 to 4096 [ 211.440503][ T6001] usb 4-1: USB disconnect, device number 5 [ 211.744507][ T6133] loop1: detected capacity change from 0 to 256 [ 213.287449][ T6136] sched: RT throttling activated [ 213.325989][ T6141] loop4: detected capacity change from 0 to 1024 [ 213.767589][ T6142] loop0: detected capacity change from 0 to 16 [ 213.806157][ T6142] erofs: (device loop0): mounted with root inode @ nid 36. [ 214.666376][ T6152] ip6gretap0 speed is unknown, defaulting to 1000 [ 214.798682][ T6159] loop3: detected capacity change from 0 to 4096 [ 215.011685][ T26] audit: type=1800 audit(1719856769.078:152): pid=6159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.777" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 215.092994][ T26] audit: type=1800 audit(1719856769.078:153): pid=6159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.777" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 215.159259][ T6168] loop0: detected capacity change from 0 to 4096 [ 215.226751][ T6173] loop4: detected capacity change from 0 to 1024 [ 215.277766][ T6173] EXT4-fs error (device loop4): __ext4_get_inode_loc:4495: comm syz.4.783: Invalid inode table block 0 in block_group 0 [ 215.299244][ T6173] EXT4-fs (loop4): Remounting filesystem read-only [ 215.342905][ T6173] EXT4-fs (loop4): get root inode failed [ 215.382074][ T6173] EXT4-fs (loop4): mount failed [ 215.482932][ T152] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 215.561991][ T6173] loop4: detected capacity change from 0 to 1024 [ 215.575550][ T6180] loop3: detected capacity change from 0 to 256 [ 216.669087][ T152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 216.932811][ T152] usb 3-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=81.d9 [ 216.942212][ T152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.985114][ T152] usb 3-1: Product: syz [ 216.989470][ T152] usb 3-1: Manufacturer: syz [ 217.018036][ T152] usb 3-1: SerialNumber: syz [ 217.043911][ T152] usb 3-1: config 0 descriptor?? [ 217.363094][ T3623] usb 3-1: USB disconnect, device number 11 [ 217.458116][ T6214] loop1: detected capacity change from 0 to 1024 [ 217.526360][ T6219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 217.556244][ T6214] EXT4-fs error (device loop1): __ext4_get_inode_loc:4495: comm syz.1.799: Invalid inode table block 0 in block_group 0 [ 217.831523][ T6227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 218.703220][ T6225] loop3: detected capacity change from 0 to 131072 [ 218.805588][ T6214] EXT4-fs (loop1): Remounting filesystem read-only [ 218.812211][ T6214] EXT4-fs (loop1): get root inode failed [ 219.246969][ T6214] EXT4-fs (loop1): mount failed [ 219.261991][ T6225] F2FS-fs (loop3): invalid crc value [ 219.286807][ T26] audit: type=1804 audit(1719856773.358:154): pid=6219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.801" name="/root/syzkaller.nx0P8i/56/cgroup.controllers" dev="sda1" ino=1998 res=1 errno=0 [ 219.323650][ T6225] F2FS-fs (loop3): Found nat_bits in checkpoint [ 219.396050][ T6225] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 219.529616][ T6214] loop1: detected capacity change from 0 to 1024 [ 221.198023][ T6266] loop2: detected capacity change from 0 to 256 [ 221.622997][ T26] audit: type=1326 audit(1719856775.678:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.2.816" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8407b75b99 code=0x0 [ 222.749191][ T6303] loop2: detected capacity change from 0 to 16 [ 222.811770][ T6303] erofs: (device loop2): mounted with root inode @ nid 36. [ 223.562337][ T6306] loop0: detected capacity change from 0 to 1764 [ 223.943107][ T6315] loop1: detected capacity change from 0 to 256 [ 224.034732][ T6321] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT [ 224.070721][ T6321] iso9660: Corrupted directory entry in block 0 of inode 1792 [ 224.662954][ T26] audit: type=1326 audit(1719856778.728:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6314 comm="syz.1.832" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd178175b99 code=0x0 [ 224.981799][ T6332] ip6gretap0 speed is unknown, defaulting to 1000 [ 225.442877][ T6348] loop4: detected capacity change from 0 to 16 [ 225.542100][ T6348] erofs: (device loop4): mounted with root inode @ nid 36. [ 226.266201][ T6358] capability: warning: `syz.3.846' uses 32-bit capabilities (legacy support in use) [ 226.681787][ T6373] loop2: detected capacity change from 0 to 2048 [ 226.958986][ T6373] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 227.852207][ T4675] EXT4-fs (loop2): unmounting filesystem. [ 228.025689][ T6394] netlink: 'syz.0.858': attribute type 4 has an invalid length. [ 228.067234][ T6401] loop2: detected capacity change from 0 to 256 [ 228.157275][ T6401] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 228.264388][ T6401] exFAT-fs (loop2): hint_cluster is invalid (65537) [ 228.304613][ T6401] exFAT-fs (loop2): error, failed to bmap (inode : ffff8880592514e0 iblock : 8, err : -5) [ 228.364334][ T6401] exFAT-fs (loop2): Filesystem has been set read-only [ 228.392446][ T6401] exFAT-fs (loop2): error, invalid access to FAT (entry 0x00010000) [ 228.421431][ T6401] exFAT-fs (loop2): error, invalid access to FAT (entry 0x00010000) [ 228.506642][ T6416] loop4: detected capacity change from 0 to 64 [ 228.700003][ T6420] loop3: detected capacity change from 0 to 256 [ 228.955214][ T5587] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 229.242864][ T6000] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 229.840438][ T26] audit: type=1326 audit(1719856783.898:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.3.870" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b79175b99 code=0x0 [ 229.865248][ T6000] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 229.905453][ T6000] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.968957][ T6000] usb 1-1: config 0 descriptor?? [ 230.504342][ T6449] loop1: detected capacity change from 0 to 256 [ 230.560816][ T6449] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 230.663626][ T6447] netlink: 'syz.4.880': attribute type 4 has an invalid length. [ 230.718411][ T6000] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 230.742739][ T6000] [drm] Initialized udl on minor 2 [ 231.147501][ T6449] exFAT-fs (loop1): hint_cluster is invalid (65537) [ 231.163023][ T6000] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 231.179390][ T6000] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 231.185273][ T6449] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805dfb0160 iblock : 8, err : -5) [ 231.215589][ T6000] usb 1-1: USB disconnect, device number 4 [ 231.249612][ T6449] exFAT-fs (loop1): Filesystem has been set read-only [ 231.303233][ T6449] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00010000) [ 231.311292][ T6449] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00010000) [ 231.633763][ T6461] loop2: detected capacity change from 0 to 1024 [ 231.775854][ T6461] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 232.553869][ T6461] EXT4-fs: Ignoring removed mblk_io_submit option [ 232.580217][ T6461] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 232.650066][ T6461] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 232.711128][ T6461] EXT4-fs (loop2): changing journal_checksum during remount not supported; ignoring [ 232.742162][ T6461] EXT4-fs (loop2): can't enable nombcache during remount [ 232.757372][ T6474] loop0: detected capacity change from 0 to 256 [ 232.829193][ T5588] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 232.879208][ T26] audit: type=1326 audit(1719856786.948:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.0.888" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2141175b99 code=0x0 [ 232.890870][ T4675] EXT4-fs (loop2): unmounting filesystem. [ 233.062679][ T5883] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 233.312788][ T3600] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 233.432966][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 233.445631][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 233.458589][ T5883] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 233.544286][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.563676][ T3600] usb 5-1: Using ep0 maxpacket: 8 [ 233.723072][ T3600] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 233.738774][ T5883] usb 4-1: config 0 descriptor?? [ 233.800253][ T3600] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0 [ 234.061988][ T3600] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 234.125415][ T5905] [ 234.127814][ T5905] ====================================================== [ 234.134840][ T5905] WARNING: possible circular locking dependency detected [ 234.141949][ T5905] 6.1.96-syzkaller #0 Not tainted [ 234.146977][ T5905] ------------------------------------------------------ [ 234.154083][ T5905] kworker/1:10/5905 is trying to acquire lock: [ 234.160271][ T5905] ffff888026793130 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x57/0x300 [ 234.171768][ T5905] [ 234.171768][ T5905] but task is already holding lock: [ 234.179131][ T5905] ffff88802476c128 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x259/0x6d0 [ 234.188025][ T5905] [ 234.188025][ T5905] which lock already depends on the new lock. [ 234.188025][ T5905] [ 234.198419][ T5905] [ 234.198419][ T5905] the existing dependency chain (in reverse order) is: [ 234.207429][ T5905] [ 234.207429][ T5905] -> #3 (&d->lock){+.+.}-{3:3}: [ 234.214467][ T5905] lock_acquire+0x1f8/0x5a0 [ 234.219498][ T5905] __mutex_lock+0x132/0xd80 [ 234.224521][ T5905] __rfcomm_dlc_close+0x259/0x6d0 [ 234.230067][ T5905] rfcomm_dlc_close+0xed/0x180 [ 234.235356][ T5905] __rfcomm_sock_close+0x104/0x220 [ 234.240994][ T5905] rfcomm_sock_shutdown+0xb4/0x230 [ 234.246631][ T5905] rfcomm_sock_release+0x55/0x110 [ 234.252184][ T5905] sock_close+0xcd/0x230 [ 234.256952][ T5905] __fput+0x3b7/0x890 [ 234.261455][ T5905] delayed_fput+0x55/0x80 [ 234.266308][ T5905] process_one_work+0x8a9/0x11d0 [ 234.271769][ T5905] worker_thread+0xa47/0x1200 [ 234.276988][ T5905] kthread+0x28d/0x320 [ 234.281584][ T5905] ret_from_fork+0x1f/0x30 [ 234.286532][ T5905] [ 234.286532][ T5905] -> #2 (rfcomm_mutex){+.+.}-{3:3}: [ 234.294012][ T5905] lock_acquire+0x1f8/0x5a0 [ 234.299050][ T5905] __mutex_lock+0x132/0xd80 [ 234.304076][ T5905] rfcomm_dlc_exists+0xa2/0x370 [ 234.309452][ T5905] rfcomm_dev_ioctl+0xb2d/0x2180 [ 234.314921][ T5905] rfcomm_sock_ioctl+0x82/0xc0 [ 234.320211][ T5905] sock_do_ioctl+0x152/0x450 [ 234.325336][ T5905] sock_ioctl+0x47f/0x770 [ 234.330197][ T5905] __se_sys_ioctl+0xf1/0x160 [ 234.335403][ T5905] do_syscall_64+0x3b/0xb0 [ 234.340349][ T5905] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 234.346792][ T5905] [ 234.346792][ T5905] -> #1 (rfcomm_ioctl_mutex){+.+.}-{3:3}: [ 234.354722][ T5905] lock_acquire+0x1f8/0x5a0 [ 234.359763][ T5905] __mutex_lock+0x132/0xd80 [ 234.365154][ T5905] rfcomm_dev_ioctl+0x233/0x2180 [ 234.370713][ T5905] rfcomm_sock_ioctl+0x82/0xc0 [ 234.376020][ T5905] sock_do_ioctl+0x152/0x450 [ 234.381130][ T5905] sock_ioctl+0x47f/0x770 [ 234.386069][ T5905] __se_sys_ioctl+0xf1/0x160 [ 234.391189][ T5905] do_syscall_64+0x3b/0xb0 [ 234.396333][ T5905] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 234.402775][ T5905] [ 234.402775][ T5905] -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}: [ 234.412160][ T5905] validate_chain+0x1661/0x5950 [ 234.417542][ T5905] __lock_acquire+0x125b/0x1f80 [ 234.422921][ T5905] lock_acquire+0x1f8/0x5a0 [ 234.427946][ T5905] lock_sock_nested+0x44/0x100 [ 234.433235][ T5905] rfcomm_sk_state_change+0x57/0x300 [ 234.439070][ T5905] __rfcomm_dlc_close+0x2b2/0x6d0 [ 234.444619][ T5905] rfcomm_dlc_close+0xed/0x180 [ 234.449994][ T5905] __rfcomm_sock_close+0x104/0x220 [ 234.455628][ T5905] rfcomm_sock_shutdown+0xb4/0x230 [ 234.461272][ T5905] rfcomm_sock_release+0x55/0x110 [ 234.466817][ T5905] sock_close+0xcd/0x230 [ 234.471576][ T5905] __fput+0x3b7/0x890 [ 234.476100][ T5905] delayed_fput+0x55/0x80 [ 234.480958][ T5905] process_one_work+0x8a9/0x11d0 [ 234.486417][ T5905] worker_thread+0xa47/0x1200 [ 234.491614][ T5905] kthread+0x28d/0x320 [ 234.496197][ T5905] ret_from_fork+0x1f/0x30 [ 234.501134][ T5905] [ 234.501134][ T5905] other info that might help us debug this: [ 234.501134][ T5905] [ 234.511355][ T5905] Chain exists of: [ 234.511355][ T5905] sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM --> rfcomm_mutex --> &d->lock [ 234.511355][ T5905] [ 234.525262][ T5905] Possible unsafe locking scenario: [ 234.525262][ T5905] [ 234.532706][ T5905] CPU0 CPU1 [ 234.538061][ T5905] ---- ---- [ 234.543416][ T5905] lock(&d->lock); [ 234.547228][ T5905] lock(rfcomm_mutex); [ 234.553919][ T5905] lock(&d->lock); [ 234.560243][ T5905] lock(sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM); [ 234.566397][ T5905] [ 234.566397][ T5905] *** DEADLOCK *** [ 234.566397][ T5905] [ 234.574533][ T5905] 5 locks held by kworker/1:10/5905: [ 234.579809][ T5905] #0: ffff888012470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 234.590170][ T5905] #1: ffffc9000fb8fd20 ((delayed_fput_work).work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 234.600793][ T5905] #2: ffff8880730bb810 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x98/0x230 [ 234.610983][ T5905] #3: ffffffff8e4154a8 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_dlc_close+0x37/0x180 [ 234.620390][ T5905] #4: ffff88802476c128 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x259/0x6d0 [ 234.629705][ T5905] [ 234.629705][ T5905] stack backtrace: [ 234.635586][ T5905] CPU: 1 PID: 5905 Comm: kworker/1:10 Not tainted 6.1.96-syzkaller #0 [ 234.643730][ T5905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 234.653785][ T5905] Workqueue: events delayed_fput [ 234.658732][ T5905] Call Trace: [ 234.662009][ T5905] [ 234.664942][ T5905] dump_stack_lvl+0x1e3/0x2cb [ 234.669628][ T5905] ? nf_tcp_handle_invalid+0x642/0x642 [ 234.675109][ T5905] ? print_circular_bug+0x12b/0x1a0 [ 234.680314][ T5905] check_noncircular+0x2fa/0x3b0 [ 234.685252][ T5905] ? add_chain_block+0x850/0x850 [ 234.690220][ T5905] ? lockdep_lock+0x11f/0x2a0 [ 234.694907][ T5905] ? _find_first_zero_bit+0xd0/0x100 [ 234.700203][ T5905] validate_chain+0x1661/0x5950 [ 234.705063][ T5905] ? reacquire_held_locks+0x660/0x660 [ 234.710450][ T5905] ? register_lock_class+0x100/0x990 [ 234.715742][ T5905] ? reacquire_held_locks+0x660/0x660 [ 234.721119][ T5905] ? is_dynamic_key+0x260/0x260 [ 234.725985][ T5905] ? mark_lock+0x9a/0x340 [ 234.730333][ T5905] ? __lock_acquire+0x125b/0x1f80 [ 234.735375][ T5905] ? mark_lock+0x9a/0x340 [ 234.739710][ T5905] __lock_acquire+0x125b/0x1f80 [ 234.744573][ T5905] lock_acquire+0x1f8/0x5a0 [ 234.749082][ T5905] ? rfcomm_sk_state_change+0x57/0x300 [ 234.754560][ T5905] ? rcu_is_watching+0x11/0xb0 [ 234.759325][ T5905] ? read_lock_is_recursive+0x10/0x10 [ 234.764725][ T5905] ? __mutex_lock+0x2f7/0xd80 [ 234.769410][ T5905] ? rcu_is_watching+0x11/0xb0 [ 234.774169][ T5905] ? detach_timer+0x17d/0x380 [ 234.778846][ T5905] ? __rfcomm_dlc_close+0x259/0x6d0 [ 234.784049][ T5905] ? mutex_lock_nested+0x10/0x10 [ 234.788984][ T5905] lock_sock_nested+0x44/0x100 [ 234.793782][ T5905] ? rfcomm_sk_state_change+0x57/0x300 [ 234.799248][ T5905] rfcomm_sk_state_change+0x57/0x300 [ 234.804543][ T5905] __rfcomm_dlc_close+0x2b2/0x6d0 [ 234.809574][ T5905] rfcomm_dlc_close+0xed/0x180 [ 234.814341][ T5905] __rfcomm_sock_close+0x104/0x220 [ 234.819459][ T5905] rfcomm_sock_shutdown+0xb4/0x230 [ 234.824576][ T5905] rfcomm_sock_release+0x55/0x110 [ 234.829604][ T5905] sock_close+0xcd/0x230 [ 234.833848][ T5905] ? sock_mmap+0x90/0x90 [ 234.838093][ T5905] __fput+0x3b7/0x890 [ 234.842086][ T5905] delayed_fput+0x55/0x80 [ 234.846424][ T5905] ? process_one_work+0x7a9/0x11d0 [ 234.851539][ T5905] process_one_work+0x8a9/0x11d0 [ 234.856510][ T5905] ? worker_detach_from_pool+0x260/0x260 [ 234.862157][ T5905] ? _raw_spin_lock_irqsave+0x120/0x120 [ 234.867706][ T5905] ? kthread_data+0x4e/0xc0 [ 234.872221][ T5905] ? wq_worker_running+0x97/0x190 [ 234.877342][ T5905] worker_thread+0xa47/0x1200 [ 234.882031][ T5905] kthread+0x28d/0x320 [ 234.886095][ T5905] ? worker_clr_flags+0x190/0x190 [ 234.891129][ T5905] ? kthread_blkcg+0xd0/0xd0 [ 234.895717][ T5905] ret_from_fork+0x1f/0x30 [ 234.900145][ T5905] [ 234.907580][ T5883] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor [ 234.920536][ T5883] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0008/input/input17 [ 235.009163][ T5883] keytouch 0003:0926:3333.0008: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 235.036650][ T3600] usb 5-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d [ 235.065396][ T3600] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.073801][ T3600] usb 5-1: Product: syz [ 235.077980][ T3600] usb 5-1: Manufacturer: syz [ 235.082625][ T3600] usb 5-1: SerialNumber: syz [ 235.125827][ T3600] ti_usb_3410_5052 5-1:1.0: TI USB 3410 1 port adapter converter detected [ 235.177349][ T5905] usb 4-1: USB disconnect, device number 6 [ 235.292673][ T3563] Bluetooth: hci3: command tx timeout [ 235.327705][ T3598] usb 5-1: USB disconnect, device number 5 [ 235.422772][ T6000] usb 3-1: new low-speed USB device number 12 using dummy_hcd [ 235.804016][ T6000] usb 3-1: config index 0 descriptor too short (expected 1307, got 27) [ 235.812326][ T6000] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 235.820893][ T6000] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 235.830002][ T6000] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 235.840474][ T6000] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 236.262753][ T6000] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 236.271932][ T6000] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.279970][ T6000] usb 3-1: Product: Д [ 236.284163][ T6000] usb 3-1: Manufacturer: ц [ 236.290292][ T6000] usb 3-1: config 0 descriptor?? [ 236.343637][ T6000] hub 3-1:0.0: bad descriptor, ignoring hub [ 236.349690][ T6000] hub: probe of 3-1:0.0 failed with error -5 [ 236.358252][ T6000] input: ц Д as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input18 [ 237.089175][ T152] usb 3-1: USB disconnect, device number 12