last executing test programs: 31m15.40226375s ago: executing program 0 (id=244): syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000140)='./file1\x00', 0x1000c01, &(0x7f0000000040)=ANY=[], 0x5, 0x811, &(0x7f0000002380)="$eJzs3U1sHHcVAPA3rp04jkirgkoUpekkKVIiUndtty5WD2W7HjvT2rvW7holqlAbNU6J4vRTVWmEaHNpASEhThxLOVa99AZCAokDcEKiBy4ckCr1hAoCCYEAyWhnd+O1Y6/z5Vi0v5/Vndn/vJl5/9npvJ3NzmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJFUpkulsSTm8uriqXRzlel6bb7P9O7yfrlm0Ge9EUnrvxgejv3tpv1fWJ18T+vhSBxsPzsYw63BcFzae89dj35+cKA7f5+EbtThzScN9T5JIt5sJXXhzPLy0svbkMht9L2fd0aGexp3RfTZvv9aaT3OZtW8Ucvny7NZmjdq6dTkZOnBkzONdCafyxqnG81sPq3Us3KzVk+PVY6nY1NTE2k2erq2WJ2dLs9l3cZHHhgvlSbTJ0YXsnK9Uas++MRoo3Iyn5vLq7NFzHjptWjFPNLaEZ/Mm2kzK8+n6bnzy0sTW/WuFTS2pmX3mo4dvP+uj1/96O/nl1o75GYLSTo75vjY2Pj42OTDUw8/UioNjpfG1zaU1okrETEQ0YrYlp2WnbV3g7bBzh5z1YSIlTtvzcEbbtJAp/7HXORRjcU4FWmkMVA8rv4NRSWmox61mG89/8PQuulpdA6Q3fr/pQf/8rt+6+2t/90qv3918oEo6v+h9rNDm9X/q7K4/r+xO681svp+O5vetlfi9bgUF+JMLMdyLMXLN5LDrvVL3ca/gVu7vNnIohp5NKIWecxHuWhJOy1pTMVkTEYpno6TMRN7Io2ZyGMusmjE6WhEM7Jij6pEPbIoRzNqUY80jkUljrdenZiKqZiINLIYjdNRi8WoxmxMR7lYyrk4X2z3iXV53fPtZ3723O8/fqc1fiVorE9HktabuVbQ3/oEXVXur6P+dyPU/0+b4c4x61rjb+nxG27GSlH/B699hv/8ZDvTAQAAALZBUnz6nkTEUNxbjM3kc9lTO50WAAAAcAsVX9s72BoMtcbujaR1/l/aIPLD254bAAAAcGskxTV2SUSMxH3tse7lUht9CAAAAAD8Hyr+/f9QazAS8UbR4PwfAAAAPmW+s9k99j/a1bnHbmNhd/KLv0a9PpRcXrkyX/niHe2RzuBrV6Y0Zw4k+zoLKQaTg5f2JhExWMkOJt27X/53d3v4SfF4YPUGhJvd6z8pElg4dX9ysbxRAtE/geJZfD8Ot2MOn20Pz3antNcyMpPPZaOV2tyjY0nnw5Hmq8+f/2YU3f9udX5fEufOLy+NPvvC8tkil8utpVy+2Ln7cdKdK6J9QUWfXFY6WyDu3bjHQ8WFGJ31jrTXW+rt/0B79oH+/U961/lWHGnHHBlpD0fW9n+4tc6x0UfHolzeN9DMTjVfXenpfSeLsXbP31zT8+t4Fd6Ko+2Yo8eOtgcbZDG+Jovnr85ivHf7X9u2uOYs3jn8xql//LqWZBNbZTFxk1kA7JRzxV1/VqvQnqIK/XulrVXQ1tXdPd05r+cod271XUZ3/p5aNxhXVff0Rqr7W3GsHXOs/X5i8MAGdaW0wRH9xfMv/qZzRH/ovR/9+OuHfvvBurp+HVm8F8fbMZ1B3P2rTWpsfeXO5BtPra2q77bmeHfT9TbmxpO4o7URix8fiksPnL945rml55aeHx+fmCw9VCo9PB5DxVuFzmCTTFUegM+2Pr+x0yq9yQffuhK62a/wJA9tcVZ995WvFIzGs/FCLMfZOFFcbRAR92281JGeryGc2OKsdaTnF15ObHFuuRo7vj5299Ek9kbEBrETPVvsiz8sBv/cphcEAG6DI1vU4aT7DuG1z3XmWBdxR5Kc2OK8e20tP94+d+2eHcfmtXwjX9nm7QEAnwVZ/ZNkpPl2Uq/nC0+PTU2NlZsns7ReqzyZ1vPp2SzNq82sXjlZrs5m6UK91qxVuh8dT2eNtLG4sFCrN9OZWj1dqDXyU8Uvv6edn35vZPPlajOvNBbmsnIjSyu1arNcaabTeaOSLiw+Ppc3Tmb1YubGQlbJZ/JKuZnXqmmjtlivZKNp2siynsB8Oqs285k8G0rzarpQz+fL9csRMbc4n6XTWaNSzxeatfYCu+vKqzO1+nyx2NEi7Zd6u//nndjmALDTXnn90oUzy8tLL9/YyB+vJXin+wgArLVBld6zowkBAAAAAAAAAAAAAABXufpyvVbrmpbh6H+R31Dc8OWDr+yOm7n68NM38uX32y/LzS/wvpduZjl7YnnXasuuzs6y89vnukeeeeyxC6styWDv5n38jf0n/5RFt3d9lrPx/ykbXer69r6IXT/9Qbvlq5sEJ4O3uKcfRsQNzL6S9Im5/cciAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjK/wIAAP//BPFR5w==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48) socket$nl_route(0x10, 0x3, 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[]) mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, 0x0) chdir(0x0) 31m13.753177226s ago: executing program 0 (id=245): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r3 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000180)=ANY=[], 0xe) sendfile(r3, r3, &(0x7f0000001000), 0xffff) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19) 31m11.617955011s ago: executing program 0 (id=249): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x84, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x3}, {0xffff, 0xffff}, {0x4}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x5, 0x5, 0x800, 0x0, 0x1aa2, 0xc}}, {0x4}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x1d, 0x5, 0x2, 0x0, 0x3, 0x4, 0x1}}, {0x6, 0x2, [0x6b]}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1d4}, 0x8840) socket$packet(0x11, 0x3, 0x300) syz_usb_connect(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) sendmmsg(r2, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0xfff, 0x0) 31m8.73173855s ago: executing program 0 (id=257): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x0, 0x400, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x200400d9}, 0x4000185) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000080)={r4, r3, r4}, 0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={'blake2b-384-generic\x00'}}) 31m6.829508452s ago: executing program 0 (id=258): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x8001}) r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000040)={r4, r4, r4}, &(0x7f0000001cc0)=""/194, 0xc2, 0x0) 31m5.412983805s ago: executing program 0 (id=261): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000070601080000001e000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) 30m49.871880095s ago: executing program 32 (id=261): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000070601080000001e000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) 15.985929601s ago: executing program 4 (id=2805): setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) mkdir(&(0x7f0000000540)='./file0\x00', 0x108) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xe) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) 14.365900777s ago: executing program 2 (id=2806): socket$unix(0x1, 0x1, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) bind$xdp(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macvlan1\x00'}) socket$inet6_sctp(0xa, 0x5, 0x84) r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x2, 0xffffffff, 0x3, 0x22}, 0x7}) r4 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) fsopen(&(0x7f0000000340)='ufs\x00', 0x0) close(r4) bind$unix(0xffffffffffffffff, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="580000001400add4050000000000000001117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ffff0100f5c71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) 12.680620887s ago: executing program 1 (id=2808): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000002, 0x12, 0xffffffffffffffff, 0x3000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_procfs(0x0, 0x0) fsopen(0x0, 0x1) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000b80)=ANY=[], 0x134}, 0x1, 0x0, 0x0, 0x24040841}, 0x40008) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0xc045) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540) syz_genetlink_get_family_id$tipc2(0x0, r1) sendmsg$TIPC_NL_KEY_FLUSH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[], 0x280}, 0x1, 0x0, 0x0, 0x10}, 0x60000800) 12.511906077s ago: executing program 2 (id=2809): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r5, @ANYBLOB="0000000a010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0) r6 = socket(0x10, 0x803, 0x0) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x20000, {0xa, 0x40, 0x0, 0x0, r8}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r8}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x41}, 0x0) 12.510997637s ago: executing program 1 (id=2810): r0 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x120}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$key(0xf, 0x3, 0x2) iopl(0x3) utimensat(0xffffffffffffffff, 0x0, 0x0, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) ioperm(0x3, 0x3, 0x100000a) prctl$PR_SET_IO_FLUSHER(0x39, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) io_setup(0x81, &(0x7f0000001440)) syz_io_uring_setup(0x372a, &(0x7f0000000200)={0x0, 0x3936, 0x4000, 0x0, 0x113}, &(0x7f0000000100), &(0x7f00000000c0)) 12.30091636s ago: executing program 2 (id=2811): symlink(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r4 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, r3) r5 = socket(0xa, 0x1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) bind$inet6(r5, &(0x7f0000000140)={0xa, 0xe64, 0xb, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}, 0x1c) sendmmsg$inet6(r5, 0x0, 0x0, 0x20008000) keyctl$KEYCTL_MOVE(0x1e, r3, r3, r4, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) ioctl$USBDEVFS_CLAIM_PORT(0xffffffffffffffff, 0x80045518, 0x0) 12.249539033s ago: executing program 4 (id=2812): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$KVM_CAP_HYPERV_SEND_IPI(0xffffffffffffffff, 0x4068aea3, &(0x7f00000003c0)) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28) sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)="6e37cff5b582e082d58cb23de3c19dc4971d9b59ddb52ae25a3ca48e8d5284721b4b722d1fd011fc3144", 0x2a}], 0x1}, 0x0) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28) read(r3, &(0x7f0000000380)=""/41, 0x29) 11.129784249s ago: executing program 3 (id=2813): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x1010, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, 0x0, &(0x7f0000000300)) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000dc0)={0x0, &(0x7f0000000200)}) ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468) r3 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, 0x0, 0x310) r4 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x5c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xffff}, {0x4, 0xffe0}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xd, 0x5, 0x8, 0x800, 0x0, 0x1aa2, 0xc}}, {0x4}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1d4}, 0x8840) 11.024055285s ago: executing program 1 (id=2814): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000200)="b700000000000000000000d1dd0fccd5de059daf", 0x14}, {&(0x7f0000000540)="37c28dc41ed443abea1e522800b6e02a2724fd355159d140ba8cc80e74f2d600eb117a5a6c08dd62e40e29b00eb7c7ac0c07940d04d4ca38b285433eb6fda99ec50f0decf9955266f63f794d1fd44ee189073167c81a6824ade4f92efc58fcd4e89f7361ac139d64187008a66e906d0be0df92b0112febc2265ff7231f5f08acc71d2081f42987c5b3430fac43cc63de57900a385e7cbd47b94dfc7f31e3498de52465765b7d674eb657b141dbc38697809229ae26d127a2fdd9e9ee888aa776ff60977646134f00e66b644d369bae8518e8e2de4e39d24deedd704ed6d4fb3039b1136c13f2f4a33657103aa8d5b29674102e200efc4fc5dc005bfd6f285e7be7ab8fccff7ef7fabcc4f9b97069b938b1782e67d834ec63d9ccd1b988fa39d90941e3ccf0bb4dfcffe9b5ea2225111ea4fe8260235acf0e593a1dff0c769d79a1e2789e0fff4e6c5f7c76a51767fa68a0f1ea19b49c0b8fd13225c352a2f87080dcfc14c73a6b23a9892b640ff37af91110cd395aa52f9371fc8dd7f888733c029e52feb538e9189d6434180ba8", 0x18e}, {&(0x7f00000029c0)="3de496b26cb156fc17de651bc2059979575c10b710b18f6a6eb3e0edacecac6e537e292fa84729d0f9307c991d2dcd08f489b6f0", 0x34}], 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000140)=0xd) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) mount(&(0x7f0000000340)=@nullb, &(0x7f0000000380)='.\x00', 0x0, 0x401, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) clock_gettime(0x2, &(0x7f0000000040)) 10.129893668s ago: executing program 2 (id=2815): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)) r2 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1b5cb000) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) socket(0x40000000015, 0x5, 0x0) syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) alarm(0x80000001) write$UHID_INPUT(r7, &(0x7f0000002080)={0x200f, {"20e30a30ed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001180000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19300305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a027d5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf050000008000000000f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b3f3f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2f5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d21488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e09d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a603336c00000077cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046ca5b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe6531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e6586df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59555e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb601203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000930dedf800", 0x1000}}, 0x1006) 10.087971511s ago: executing program 4 (id=2816): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000002, 0x12, 0xffffffffffffffff, 0x3000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_procfs(0x0, 0x0) fsopen(&(0x7f00000002c0)='gfs2\x00', 0x1) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x134}, 0x1, 0x0, 0x0, 0x24040841}, 0x40008) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0xc045) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540) syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r1) sendmsg$TIPC_NL_KEY_FLUSH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[], 0x280}, 0x1, 0x0, 0x0, 0x10}, 0x60000800) shutdown(r0, 0x1) 8.717928622s ago: executing program 3 (id=2817): syz_emit_ethernet(0x36, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0) setresuid(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r3, 0x4000) close(r3) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0) readv(r4, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1) ioctl$UI_DEV_DESTROY(r4, 0x5502) 8.716502463s ago: executing program 2 (id=2825): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = socket$kcm(0x29, 0x2, 0x0) close(r0) r1 = socket$kcm(0x2b, 0x1, 0x0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1b5cb000) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) close(r1) r6 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004040) setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x2cb) close(r1) kexec_load(0x8, 0x0, 0x0, 0x140000) 7.680012054s ago: executing program 3 (id=2818): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x88200) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f0000000c80)={{0x8, 0x2, 0x1, 0xffffff63, 'syz1\x00', 0x6}, 0x0, [0x8, 0x3, 0x7ff, 0x8001, 0x1, 0x5, 0x9, 0x3, 0x7, 0x3, 0xffff, 0x5, 0x4, 0x6, 0x4, 0x8000000000000001, 0x2, 0x260000000000000, 0x2, 0x1984, 0x4, 0x0, 0x5, 0x4, 0x4, 0x6, 0x100, 0x40, 0x8, 0x3, 0x7fffffffffffffff, 0x6, 0x3, 0x77f, 0x4, 0x401, 0x8, 0x6, 0x100, 0x4d2e, 0x34b7062480000, 0x101, 0x6, 0x8, 0xf51, 0xffffffffffffffff, 0x8001, 0x1, 0x8000000000000001, 0x5, 0x5, 0x5, 0x1, 0x1, 0x400, 0x9, 0x86e, 0x3, 0x0, 0x6, 0x4, 0x8000000000000000, 0x80c7, 0x27, 0x0, 0x5, 0xffffffff, 0x8000, 0xc2d0, 0x100000001, 0x9, 0x8001, 0x5, 0x1, 0x0, 0x9, 0x6, 0x3, 0xfe, 0x1, 0x2, 0x2e, 0x2, 0x2, 0x400000000, 0x6, 0x7, 0x9, 0x1ff, 0x5, 0x0, 0x4, 0x4000000000003, 0xfffffffffffffffa, 0x5, 0x1, 0x8000000000000eb0, 0x2, 0x2, 0x7, 0x9, 0x4, 0x481, 0x9, 0xfffffffffffffffe, 0x5, 0xf1, 0xff, 0x1, 0x4, 0xa, 0xffffffff, 0x4ff, 0x8, 0x6f, 0x4, 0xa, 0x0, 0xb, 0x1, 0x1945, 0x4601c2c5, 0x92, 0x6, 0xfffffffffffffffa, 0x7, 0x9, 0x8000]}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb8}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r5, 0x0, 0x0) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) 7.618725518s ago: executing program 4 (id=2819): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x200002, 0x200003, 0x801, 0x0, 0x7, 0x204}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3000046, &(0x7f00000134c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x2712, 0x0, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@nojournal_checksum}, {@dioread_lock}, {@resgid}, {}, {@resgid}, {@inlinecrypt}, {@debug}, {@usrquota}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC") open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e) mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2) r1 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0) fallocate(r1, 0x0, 0x0, 0x1001f0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]}) write$binfmt_misc(r1, &(0x7f0000000340), 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000400), 0x1, 0x55f, &(0x7f0000000580)="$eJzs3d9rU+cbAPDnpK2/v18riGxjjIIXczhT2+6Hg124y7HJhO3ehfZYpKmRJhXbCdOLebObIYMxJozdb/e7lP0D+yuETZAhZbvYTcZJT2q0SRNrtNF8PnDkfXNO+p4n73le35M3IQEMrYnsn0LEyxHxTRJxMCKSfN9o5Dsn1o9bu391NtuSqNc//StpHJfVm3+r+bz9eeWliPjtq4jjhc3tVldWF0rlcrqU1ydri5cmqyurJy4slubT+fTi9MzMqbdnpt97952+xfrG2X++/+T2h6e+Prr23S93D91M4nQcyPe1xvEErrVWJmIif03G4vQjB071obFBkuz0CbAtI3mej0U2BhyMkTzrgRfflxFRB4ZUIv9hSDXnAc17+z7dBz837n2wfgO0Of7R9fdGYk/j3mjfWvLQnVF2vzveh/azNn7989bNbIv+vQ8B0NW16xFxcnR08/iX5OPf9p3s4ZhH2zD+wbNzO5v/vNlu/lPYmP9Em/nP/ja5ux3d879wtw/NdJTN/95vO//dWLQaH8lr/2vM+caS8xfKaTa2/T8ijsXY7qy+1XrOqbU79U77Wud/2Za135wL5udxd3T3w8+ZK9VKTxJzq3vXI15pO/9NNvo/adP/2etxtsc2jqS3Xuu0r3v8T1f9p4jX2/b/gxWtZOv1ycnG9TDZvCo2+/vGkd87tb/T8Wf9v2/r+MeT1vXa6uO38eOef9NO+x6KP3q//nclnzXKu/LHrpRqtaWpiF3Jx5sfn37w3Ga9eXwW/7GjW49/7a7/vRHxeY/x3zj886s9xd+t/5/CImsW/9xj9f/jF+589MUP248/6/+3GqVj+SO9jH+9nuCTvHYAAAAAAAAwaAoRcSCSQnGjXCgUi+uf7zgc+wrlSrV2/Hxl+eJcNL4rOx5jheZK98GWz0NM5Z+HbdanH6nPRMShiPh2ZG+jXpytlOd2OngAAAAAAAAAAAAAAAAAAAAYEPs7fP8/88fITp8d8NT5yW8YXl3zvx+/9AQMJP//w/CS/zC85D8ML/kPw0v+w/CS/zC85D8ML/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXX2zJlsq6/dvzqb1ecurywvVC6fmEurC8XF5dnibGXpUnG+Upkvp8XZymK3v1euVC5NTcfylclaWq1NVldWzy1Wli/Wzl1YLM2n59KxZxIVAAAAAAAAAAAAAAAAAAAAPF+qK6sLpXI5XVJQ2FZhdDBOY3UhYiBO40Up7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//8NI25Q==") lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0) 6.624729687s ago: executing program 3 (id=2820): r0 = mq_open(0x0, 0x40, 0x1a2, 0x0) mq_notify(r0, 0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x201, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r1, 0x80044dfb, &(0x7f0000000040)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setresgid(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000001200)='./file1\x00') readlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)=""/29, 0x1d) 4.725315859s ago: executing program 3 (id=2821): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = epoll_create1(0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, 0x0, 0x0, 0x0) epoll_wait(r5, &(0x7f0000000000)=[{}], 0x1, 0x7ff) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f00000000c0)={0x10000011}) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="180100002800010004000000fcdbdf250601f2800c00180008ac0f00000000001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def4dc88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36e882348c26c2126237dd5b37f5a0455b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c69be82fd3f0400e900"/280], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 4.705324721s ago: executing program 1 (id=2822): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1d}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000280)='./file1/file0\x00', r3, &(0x7f0000000380)='./file1\x00') syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0) unlink(&(0x7f0000000440)='./file1\x00') linkat(r3, &(0x7f0000001180)='./file1\x00', r3, &(0x7f00000002c0)='./file0\x00', 0x0) link(&(0x7f0000000140)='./file0\x00', 0x0) 3.817678393s ago: executing program 2 (id=2823): syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00a717cf64394a00dc299b573660f498c4d99aac48af10923f703f53e58070c2bf4575228d0e471df7101ac03b8d48a1b0fc276e395f25b63e9a27cd2ab98888989eec154d97b4dbcf"], 0x1, 0xa09, &(0x7f0000001540)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EW7WzU7+/eMemZt73h2fj+ptqa6aqaqZ3t6erq7qhIwthpLf+fnp6uULr3z5tG/P/y3LYtLnmiXaC39nexINVNKVU5Phtf7cGI5vv7Raye7xVWaW/pb0umZa+3nbkspnU/70uXUSnsuXXnjvbmnj184dnH/+28dvnpn1h4AAMbLty4fnt/9lz/dv/Pjtx84kja1l5fj81ZOb8/H/UfygX85/m+k1emqI3SaCuUmc2iEchNdynXW0wzlJnvUPxVet9mj3Kaa+ic6lnVbbxhlZTtupaoxsyrdaMzMLP8mT0u/66eqmbOnz7xwbkgNBW67fz6YUtonCMI4hoUdw94DASyL1wtvcj6eWbg17Veb7K/+a082uj8fboP13v7VP1r1/+qCPQ63z0bdmsp6lc/R9pyO1xHi/UuDfv7L68XrEc0+29nrOsKoXF/o1c6JdW7HWvVqf9wuNqqv57i8D98I+Z2fn/g/HZX/MdDdv5z/F4SxDQvD3gEBd61439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvVyu/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdav3xfmK4m/3+xLOnvvL8c1eW7/+v2tv/jby978vpVv5sXc4FyvnCeF69fe9/a3U9jR7l7g3tuadL+aXHu1aXq3atvE7q2M/c1I7p1c/b0avc3tXlWqHclhw2h/bG45Ot4Xnl+KPsV8v7NRnWtxnWYyq0o+xXduY4tgPWomyPve7/L9vndGpWL5w+c+rxnC7b6R8nmpsWlx9Y53YDt67f/j/TaXX/n+3t5c1G535hx8ryqnO/0ArL53osP5jT5XvuOxNblpbPnPzemedv98rDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcabMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh3Xz3Ye3QMbycqX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YLn//0r/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/KUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdw0XspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQxu5/dajO+Gw1xHo7h/G/xaEsQ0LC2bxAO4Ow57/s5z3LPHZP3xz82Ioxa49uXp/GccvhVtxt88/qf6NNf9ne/67vvd/Yca81trq/ffPrn7QUW3a02/9cf3LONC7Bqv/41x/WZtHUn/1L/wi1B8vCPXpP6H+rX3Wf9P6711b/f/N9Ze37dGH+q1/ucVVY3U74nnjcv0vnjcurof1L2N7Drz+a5yo8UauH8bZqMwzO6hRmf+3l3gfxpdyuuwIy30Ocb6TQdtf7q8o3wO7w+tXNd9v5v8dbV/Lcd3nocz/W7bHVpd0oyPd7PLebtR9DYyqD13/E4SxDQsLC3f2hFaNoVbO0N//Yf9OGHb9w37/68T5f+MxfJz/N+bH+X9jfpz/N+bH+fVifpz/N76fcf7fmH9feN04P/B0Tf4na/L31OTfX5O/tyb/UzX5+2vyH6jJf7Am/96a/Idq8j9Tk//ZmvyHa/Ifrcn/XE3+Rlf6o4zr+sM4i/3zfP5hfJTrP70+/7tq8oHR9dO3Dzz13G++3Vru/z/VPh9SruMdyelm/u38o5yO171TR3ox792c/mvIv9vPd8A4ieNnxO/3R2rygdFV7vPy+YYxVHUfsaffcat6HeczWj6f4y/k+Is5fizHMzmezfGBHM+tU/u4M5769e8Ov16t/N7fEfL7vZ889geK40Qd7LM98fzAoPezx3H8BnWr9a+xOxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDQNJb+zs9PVyldeufNo88ePz27uOSJdonW0t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjcV4KqUqzaUqVe3l6Zlr7Zq2pZTOp33pcmqlPZeuvPHe3NPHLxy7uP/9tw5fvYNvAQAAAGx4/wsAAP//2XsNow==") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f00000000c0)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) move_pages(0x0, 0x6, &(0x7f0000000340)=[&(0x7f00004fc000/0x2000)=nil, &(0x7f00005cd000/0x1000)=nil, &(0x7f000012b000/0x1000)=nil, &(0x7f00008c4000/0x3000)=nil, &(0x7f0000491000/0x2000)=nil, &(0x7f0000941000/0x3000)=nil], &(0x7f0000000400)=[0x7f, 0x0, 0x3, 0xffff], &(0x7f0000000440)=[0x0], 0x4) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.159513501s ago: executing program 3 (id=2824): socket$netlink(0x10, 0x3, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_dev$vim2m(0x0, 0x7fff, 0x2) syz_io_uring_setup(0x234, 0x0, 0x0, 0x0) capset(0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r4 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, 0x0) 2.153932882s ago: executing program 4 (id=2826): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) epoll_create(0x5) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0) r4 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x7, 0x5, 0x77}, {@private=0xa010101, 0x4e23, 0x1, 0xcd, 0x12d5f, 0x3}}, 0x44) r5 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000000c0)={r6, 0x80000000}, 0x0) 1.331526331s ago: executing program 1 (id=2827): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, 0x0, 0x0, 0x1214040, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000640), 0x1, 0x8000) ioctl$BLKREPORTZONE(r3, 0xc0101282, 0x0) chroot(&(0x7f0000000a40)='./file0\x00') syz_open_dev$tty20(0xc, 0x4, 0x1) 848.794599ms ago: executing program 4 (id=2828): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000002, 0x12, 0xffffffffffffffff, 0x3000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_procfs(0x0, 0x0) fsopen(&(0x7f00000002c0)='gfs2\x00', 0x1) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x134}, 0x1, 0x0, 0x0, 0x24040841}, 0x40008) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0xc045) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540) syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r1) sendmsg$TIPC_NL_KEY_FLUSH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[], 0x280}, 0x1, 0x0, 0x0, 0x10}, 0x60000800) shutdown(r0, 0x1) 19.922379ms ago: executing program 33 (id=2828): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000002, 0x12, 0xffffffffffffffff, 0x3000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_procfs(0x0, 0x0) fsopen(&(0x7f00000002c0)='gfs2\x00', 0x1) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x134}, 0x1, 0x0, 0x0, 0x24040841}, 0x40008) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0xc045) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540) syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r1) sendmsg$TIPC_NL_KEY_FLUSH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[], 0x280}, 0x1, 0x0, 0x0, 0x10}, 0x60000800) shutdown(r0, 0x1) 0s ago: executing program 1 (id=2830): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x808010, &(0x7f00000002c0)=ANY=[], 0x0, 0x9b, &(0x7f0000000000)="$eJzs0s3NAQEQBuD324/gYBtw0IEatCKO3JyIREVaUYJECW7isrJhIyjAT54nmZlM3sscZnfeDlIm1SapniyWq9lkfu3p58E4/IIiSSdJN8mwvO/J4fYFyf64njZVJ3+nJgEAAL5JkVE9/l+TVpJekvYbrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HJcAAAD//yc5MPk=") mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000dc0)={{@host, 0x3}, {@my=0x0, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418, 0x1000404}) pipe(0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg$inet(r1, &(0x7f0000004980), 0x0, 0x20008000) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket(0xa, 0x3, 0xff) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000140)=@gcm_128={{0x304}, "60000100", "9de66ebc3914c06f0f109088d190e700", "000e3102", "f8dde5bf3eba23db"}, 0x28) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x6, 0x0) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000440)=""/173) kernel console output (not intermixed with test programs): non:0 [ 754.437401][T10162] active_file:18526 inactive_file:40205 isolated_file:0 [ 754.437401][T10162] unevictable:768 dirty:98 writeback:0 [ 754.437401][T10162] slab_reclaimable:11312 slab_unreclaimable:94868 [ 754.437401][T10162] mapped:27618 shmem:36083 pagetables:763 [ 754.437401][T10162] sec_pagetables:0 bounce:0 [ 754.437401][T10162] kernel_misc_reclaimable:0 [ 754.437401][T10162] free:1307727 free_pcp:9750 free_cma:0 [ 754.483189][T10162] Node 0 active_anon:164048kB inactive_anon:0kB active_file:73968kB inactive_file:160620kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:110468kB dirty:392kB writeback:0kB shmem:142796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11836kB pagetables:3052kB sec_pagetables:0kB all_unreclaimable? no [ 754.516326][T10162] Node 1 active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 754.546775][T10162] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 754.573886][T10162] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 754.579690][T10162] Node 0 DMA32 free:1322672kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:164008kB inactive_anon:0kB active_file:73968kB inactive_file:159796kB unevictable:1536kB writepending:392kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:19072kB local_pcp:5940kB free_cma:0kB [ 754.610731][T10162] lowmem_reserve[]: 0 0 0 0 0 [ 754.615606][T10162] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 754.642387][T10162] lowmem_reserve[]: 0 0 0 0 0 [ 754.647162][T10162] Node 1 Normal free:3892652kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19808kB local_pcp:9536kB free_cma:0kB [ 754.676815][T10162] lowmem_reserve[]: 0 0 0 0 0 [ 754.681548][T10162] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 754.694224][T10162] Node 0 DMA32: 2*4kB (ME) 395*8kB (UME) 909*16kB (UME) 810*32kB (UME) 441*64kB (UME) 304*128kB (UME) 148*256kB (UME) 57*512kB (UM) 36*1024kB (UME) 9*2048kB (UM) 266*4096kB (UM) = 1322672kB [ 754.713557][T10162] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 754.725410][T10162] Node 1 Normal: 263*4kB (UME) 82*8kB (UME) 44*16kB (UE) 90*32kB (UME) 20*64kB (UE) 6*128kB (UE) 1*256kB (E) 2*512kB (ME) 1*1024kB (E) 2*2048kB (UE) 947*4096kB (M) = 3892652kB [ 754.743090][T10162] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 754.752699][T10162] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 754.762051][T10162] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 754.771658][T10162] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 754.781173][T10162] 94785 total pagecache pages [ 754.785968][T10162] 0 pages in swap cache [ 754.790121][T10162] Free swap = 124428kB [ 754.794291][T10162] Total swap = 124996kB [ 754.798458][T10162] 2097051 pages RAM [ 754.802238][T10162] 0 pages HighMem/MovableOnly [ 754.806957][T10162] 416922 pages reserved [ 754.811104][T10162] 0 pages cma reserved [ 754.897248][T10199] tipc: Resetting bearer [ 755.572921][T10205] tipc: Enabling of bearer rejected, already enabled [ 755.839666][T10205] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1005'. [ 757.664343][T10223] loop4: detected capacity change from 0 to 128 [ 759.573642][T10223] qnx6: wrong signature (magic) in superblock #1. [ 760.094661][T10226] syz.2.1010 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 760.985825][T10228] veth0_to_team: entered promiscuous mode [ 762.823267][T10242] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1017'. [ 762.880951][T10242] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1017'. [ 763.552041][T10246] loop2: detected capacity change from 0 to 32768 [ 763.597304][T10246] (syz.2.1012,10246,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 763.615992][T10246] (syz.2.1012,10246,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 763.693204][T10246] JBD2: Ignoring recovery information on journal [ 763.951930][T10246] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 764.762911][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 764.762926][ T27] audit: type=1800 audit(1769190323.232:49): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1012" name="file2" dev="loop2" ino=16978 res=0 errno=0 [ 765.277810][ T5765] ocfs2: Unmounting device (7,2) on (node local) [ 767.394954][T10271] tipc: Enabling of bearer rejected, already enabled [ 767.412246][T10272] fuse: Unknown parameter 'group_id00000000000000000000' [ 767.435955][T10272] tipc: Enabling of bearer rejected, already enabled [ 774.105339][T10311] loop3: detected capacity change from 0 to 256 [ 775.505300][T10311] FAT-fs (loop3): Directory bread(block 64) failed [ 775.512332][T10311] FAT-fs (loop3): Directory bread(block 65) failed [ 775.519027][T10311] FAT-fs (loop3): Directory bread(block 66) failed [ 775.525623][T10311] FAT-fs (loop3): Directory bread(block 67) failed [ 775.532218][T10311] FAT-fs (loop3): Directory bread(block 68) failed [ 775.538829][T10311] FAT-fs (loop3): Directory bread(block 69) failed [ 775.548327][T10311] FAT-fs (loop3): Directory bread(block 70) failed [ 775.557672][T10311] FAT-fs (loop3): Directory bread(block 71) failed [ 775.564630][T10311] FAT-fs (loop3): Directory bread(block 72) failed [ 775.571159][T10311] FAT-fs (loop3): Directory bread(block 73) failed [ 779.117495][T10325] fuse: Unknown parameter 'group_id00000000000000000000' [ 779.194201][T10325] tipc: Enabling of bearer rejected, already enabled [ 787.680662][T10382] loop2: detected capacity change from 0 to 128 [ 787.794041][T10382] VFS: Found a Xenix FS (block size = 512) on device loop2 [ 788.188798][T10384] sysv_count_free_blocks: cannot read free-list block [ 788.462166][T10384] sysv_count_free_inodes: unable to read inode table [ 788.726824][ T5765] sysv_free_block: trying to free block not in datazone [ 789.968842][ T5765] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 792.990260][T10411] fuse: Unknown parameter 'group_i00000000000000000000' [ 793.027922][T10411] tipc: Enabling of bearer rejected, already enabled [ 793.401960][T10415] loop1: detected capacity change from 0 to 2048 [ 793.517372][T10415] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 793.608851][T10416] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 794.472652][T10422] syzkaller0: entered promiscuous mode [ 794.478707][T10422] syzkaller0: entered allmulticast mode [ 798.438970][T10456] fuse: Unknown parameter 'group_i00000000000000000000' [ 798.451589][T10456] tipc: Enabling of bearer rejected, already enabled [ 798.590668][T10457] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 802.641634][T10488] loop1: detected capacity change from 0 to 512 [ 802.777305][T10492] fuse: Unknown parameter 'group_i00000000000000000000' [ 802.789235][T10492] tipc: Enabling of bearer rejected, already enabled [ 802.853134][T10488] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.1080: inode has both inline data and extents flags [ 802.943139][T10488] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1080: couldn't read orphan inode 15 (err -117) [ 802.999453][T10488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.064742][T10506] loop2: detected capacity change from 0 to 64 [ 804.441209][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'. [ 804.452817][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'. [ 804.462940][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'. [ 804.473753][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'. [ 804.483780][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'. [ 805.246007][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.339689][T10521] loop2: detected capacity change from 0 to 1024 [ 806.843148][T10526] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 806.850093][T10526] hfsplus: xattr search failed [ 807.269646][T10528] fuse: Unknown parameter 'group_id00000000000000000000' [ 807.302557][ T2964] hfsplus: b-tree write err: -5, ino 4 [ 807.323912][T10528] tipc: Enabling of bearer rejected, already enabled [ 808.757595][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.639475][T10568] fuse: Unknown parameter 'group_id00000000000000000000' [ 814.652205][T10568] tipc: Enabling of bearer rejected, already enabled [ 823.464478][T10629] fuse: Unknown parameter 'group_id00000000000000000000' [ 823.505845][T10629] tipc: Enabling of bearer rejected, already enabled [ 826.923604][T10649] 9pnet_virtio: no channels available for device 127.0.0.1 [ 829.715786][T10667] loop4: detected capacity change from 0 to 512 [ 830.009540][T10672] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1127'. [ 830.025236][T10667] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 830.051105][T10667] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 830.276348][T10670] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 832.022150][T10665] loop2: detected capacity change from 0 to 64 [ 832.035482][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 834.356220][T10698] tipc: Enabling of bearer rejected, already enabled [ 839.496628][T10715] syzkaller0: entered promiscuous mode [ 839.513666][T10715] syzkaller0: entered allmulticast mode [ 840.448769][T10726] loop2: detected capacity change from 0 to 512 [ 840.561093][T10726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 840.744003][ T5754] libceph: connect (1)[c::]:6789 error -101 [ 840.752252][ T5754] libceph: mon0 (1)[c::]:6789 connect error [ 840.765705][T10726] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 841.028768][ T5754] libceph: connect (1)[c::]:6789 error -101 [ 841.157782][ T5754] libceph: mon0 (1)[c::]:6789 connect error [ 841.216954][T10731] ceph: No mds server is up or the cluster is laggy [ 843.445716][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 849.996354][T10786] loop3: detected capacity change from 0 to 256 [ 850.691167][T10786] FAT-fs (loop3): Directory bread(block 64) failed [ 850.697818][T10786] FAT-fs (loop3): Directory bread(block 65) failed [ 850.704575][T10786] FAT-fs (loop3): Directory bread(block 66) failed [ 850.711109][T10786] FAT-fs (loop3): Directory bread(block 67) failed [ 850.717938][T10786] FAT-fs (loop3): Directory bread(block 68) failed [ 850.724560][T10786] FAT-fs (loop3): Directory bread(block 69) failed [ 850.731908][T10786] FAT-fs (loop3): Directory bread(block 70) failed [ 850.738499][T10786] FAT-fs (loop3): Directory bread(block 71) failed [ 850.745148][T10786] FAT-fs (loop3): Directory bread(block 72) failed [ 850.751661][T10786] FAT-fs (loop3): Directory bread(block 73) failed [ 851.161732][T10792] loop3: detected capacity change from 0 to 512 [ 851.418284][T10792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 851.527795][T10792] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 852.724657][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 856.164376][T10815] fuse: Bad value for 'fd' [ 856.188412][T10815] tipc: Enabling of bearer rejected, already enabled [ 856.483912][T10823] ntfs3: loop2: try to read out of volume at offset 0x0 [ 859.712099][T10839] PKCS8: Unsupported PKCS#8 version [ 860.149298][T10841] loop1: detected capacity change from 0 to 512 [ 860.214607][T10841] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 860.268928][T10841] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 861.331712][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 866.989568][T10874] loop1: detected capacity change from 0 to 512 [ 867.024447][T10874] EXT4-fs: Ignoring removed orlov option [ 867.030133][T10874] EXT4-fs: Ignoring removed mblk_io_submit option [ 868.376014][T10874] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.1182: corrupted in-inode xattr: e_value size too large [ 868.459062][T10874] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1182: couldn't read orphan inode 15 (err -117) [ 868.506098][T10874] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 869.610871][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 869.854615][T10890] tipc: Enabled bearer , priority 0 [ 869.864846][T10890] syzkaller0: entered promiscuous mode [ 869.870946][T10890] syzkaller0: entered allmulticast mode [ 869.974148][T10890] tipc: Resetting bearer [ 870.007532][T10889] tipc: Resetting bearer [ 870.188975][T10889] tipc: Disabling bearer [ 870.212473][T10896] fuse: Invalid rootmode [ 870.247737][T10896] tipc: Enabling of bearer rejected, already enabled [ 870.284934][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.418985][T10899] loop4: detected capacity change from 0 to 64 [ 870.508113][T10901] fuse: Invalid rootmode [ 870.523128][T10901] tipc: Enabling of bearer rejected, already enabled [ 870.953491][T10905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1186'. [ 870.993648][T10905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1186'. [ 871.021122][T10905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1186'. [ 871.041115][T10905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1186'. [ 872.307652][T10915] fuse: Bad value for 'fd' [ 872.318429][T10915] tipc: Enabling of bearer rejected, already enabled [ 873.315169][T10924] fuse: Bad value for 'fd' [ 873.337993][T10924] tipc: Enabling of bearer rejected, already enabled [ 879.024671][T10954] loop3: detected capacity change from 0 to 64 [ 879.402125][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'. [ 879.414565][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'. [ 879.424714][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'. [ 879.436112][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'. [ 879.445594][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'. [ 885.203915][T10975] tipc: Enabled bearer , priority 0 [ 885.232182][T10975] syzkaller0: entered promiscuous mode [ 885.323655][T10975] syzkaller0: entered allmulticast mode [ 885.487184][T10975] tipc: Resetting bearer [ 885.516238][T10974] tipc: Resetting bearer [ 887.541160][T10974] tipc: Disabling bearer [ 888.106844][T10992] 9pnet_virtio: no channels available for device 127.0.0.1 [ 894.124087][ T9105] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 897.368798][T11029] loop1: detected capacity change from 0 to 64 [ 897.822527][T11035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'. [ 897.835882][T11035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'. [ 897.845950][T11035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'. [ 897.856616][T11035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'. [ 898.106428][T11035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'. [ 909.779831][T11086] fuse: Bad value for 'rootmode' [ 909.820409][T11086] tipc: Enabling of bearer rejected, already enabled [ 910.363139][T11092] loop3: detected capacity change from 0 to 2048 [ 910.879440][T11092] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 910.919766][T11093] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 916.825125][T11116] tipc: Enabled bearer , priority 0 [ 916.836938][T11116] syzkaller0: entered promiscuous mode [ 916.842427][T11116] syzkaller0: entered allmulticast mode [ 917.015851][T11116] tipc: Resetting bearer [ 917.114528][T11112] tipc: Resetting bearer [ 919.127741][T11112] tipc: Disabling bearer [ 919.403659][T11012] Bluetooth: hci2: command 0x1003 tx timeout [ 919.411892][ T9105] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 921.053046][T11129] loop2: detected capacity change from 0 to 2048 [ 921.075149][T11129] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 921.683760][T11130] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 931.283846][T11164] loop2: detected capacity change from 0 to 512 [ 931.438259][T11164] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #15: comm syz.2.1259: inode has both inline data and extents flags [ 931.474557][T11164] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.1259: couldn't read orphan inode 15 (err -117) [ 931.495596][T11164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 931.642703][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.135271][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 941.249570][T11208] loop2: detected capacity change from 0 to 64 [ 941.687879][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1255'. [ 941.700730][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1255'. [ 941.711148][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1255'. [ 941.721343][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1255'. [ 941.730973][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1255'. [ 945.364254][T11012] Bluetooth: hci2: command 0x1003 tx timeout [ 945.372700][ T9105] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 945.786357][T11229] loop4: detected capacity change from 0 to 2048 [ 945.927454][T11229] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 946.430083][T10573] udevd[10573]: incorrect nilfs2 checksum on /dev/loop4 [ 946.437831][T11230] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 948.639882][T11239] loop4: detected capacity change from 0 to 512 [ 949.051345][T11239] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.1276: inode has both inline data and extents flags [ 949.100217][T11239] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.1276: couldn't read orphan inode 15 (err -117) [ 949.159222][T11239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 950.260397][T11251] 9pnet_virtio: no channels available for device 127.0.0.1 [ 952.383745][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 957.881600][T11275] loop4: detected capacity change from 0 to 512 [ 957.986223][T11275] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 958.013641][T11275] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 958.656446][T11279] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 958.667100][T11279] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 958.678028][T11279] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.1273: Failed to acquire dquot type 0 [ 958.969865][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 963.927032][T11301] loop4: detected capacity change from 0 to 256 [ 966.944369][T11311] 9pnet_virtio: no channels available for device 127.0.0.1 [ 967.694354][T11301] FAT-fs (loop4): Directory bread(block 64) failed [ 967.700937][T11301] FAT-fs (loop4): Directory bread(block 65) failed [ 967.709771][T11301] FAT-fs (loop4): Directory bread(block 66) failed [ 967.716856][T11301] FAT-fs (loop4): Directory bread(block 67) failed [ 967.723512][T11301] FAT-fs (loop4): Directory bread(block 68) failed [ 967.730056][T11301] FAT-fs (loop4): Directory bread(block 69) failed [ 967.736933][T11301] FAT-fs (loop4): Directory bread(block 70) failed [ 967.743520][T11301] FAT-fs (loop4): Directory bread(block 71) failed [ 967.750144][T11301] FAT-fs (loop4): Directory bread(block 72) failed [ 967.756872][T11301] FAT-fs (loop4): Directory bread(block 73) failed [ 981.728756][T11359] loop1: detected capacity change from 0 to 32768 [ 981.745703][T11359] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1294 (11359) [ 981.807334][T11359] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 981.818397][T11359] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 981.827286][T11359] BTRFS info (device loop1): using free space tree [ 983.281936][T11359] BTRFS info (device loop1): enabling ssd optimizations [ 983.289005][T11359] BTRFS info (device loop1): auto enabling async discard [ 985.557392][ T5764] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 988.959917][T11397] loop2: detected capacity change from 0 to 512 [ 989.052195][T11397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 989.114492][T11397] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 989.303470][T11401] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 989.325950][T11401] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 989.354909][T11401] EXT4-fs error (device loop2): ext4_acquire_dquot:6949: comm syz.2.1295: Failed to acquire dquot type 0 [ 989.961819][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 993.076359][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1001.279487][T11454] tipc: Enabled bearer , priority 0 [ 1001.296679][T11454] syzkaller0: entered promiscuous mode [ 1001.302191][T11454] syzkaller0: entered allmulticast mode [ 1002.107406][T11467] tipc: Resetting bearer [ 1002.136348][T11453] tipc: Resetting bearer [ 1002.244963][T11453] tipc: Disabling bearer [ 1002.300449][T11469] fuse: Unknown parameter 'user_id00000000000000000000' [ 1002.321432][T11469] tipc: Enabling of bearer rejected, already enabled [ 1009.503418][T11511] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 1010.197498][T11516] fuse: Bad value for 'fd' [ 1010.285656][T11516] tipc: Enabling of bearer rejected, already enabled [ 1010.773993][ T27] audit: type=1107 audit(1769190846.230:50): pid=11517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1010.802793][T11520] bridge_slave_0: left allmulticast mode [ 1011.130079][T11520] bridge_slave_0: left promiscuous mode [ 1011.303762][T11520] bridge0: port 1(bridge_slave_0) entered disabled state [ 1011.339046][T11520] bridge_slave_1: left allmulticast mode [ 1011.413486][T11520] bridge_slave_1: left promiscuous mode [ 1011.419299][T11520] bridge0: port 2(bridge_slave_1) entered disabled state [ 1012.883623][T11520] team0: Port device team_slave_0 removed [ 1013.062661][T11520] team0: Port device team_slave_1 removed [ 1013.177451][T11520] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1013.683574][T11520] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1013.718715][T11520] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1013.754939][T11520] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1014.046160][ T3508] tipc: Resetting bearer [ 1021.379395][T11561] loop4: detected capacity change from 0 to 2048 [ 1021.407200][T11561] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1021.459693][T11562] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1025.312508][T11575] loop1: detected capacity change from 0 to 512 [ 1025.438744][T11575] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 1025.468044][T11575] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1026.099277][T11579] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 1026.112148][T11579] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 1026.128436][T11579] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.1333: Failed to acquire dquot type 0 [ 1027.596366][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 1028.572892][T11593] loop1: detected capacity change from 0 to 2048 [ 1028.645432][T11594] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1034.117002][T11594] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 1034.137487][T11594] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 1034.200920][T11594] Remounting filesystem read-only [ 1034.224560][ T12] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 1034.231533][ T12] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 1034.283557][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.292453][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.323649][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.332641][ T12] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 1034.354334][ T12] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 1034.361652][ T12] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 1034.383736][ T12] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 1034.391091][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.413432][ T12] NILFS (loop1): discard dirty page: offset=65536, ino=3 [ 1034.423635][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.432507][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.468222][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.486664][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.507028][ T12] NILFS (loop1): discard dirty page: offset=98304, ino=3 [ 1034.530175][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.557558][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1034.573714][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.580945][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.621837][ T12] NILFS (loop1): discard dirty page: offset=102400, ino=3 [ 1034.646722][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.663301][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.694128][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.701985][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.709774][ T12] NILFS (loop1): discard dirty page: offset=106496, ino=3 [ 1034.717553][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.727698][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.736548][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.744091][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.752262][ T12] NILFS (loop1): discard dirty page: offset=110592, ino=3 [ 1034.894415][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.901656][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.928636][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1034.941794][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.220014][ T12] NILFS (loop1): discard dirty page: offset=114688, ino=3 [ 1035.298199][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.343534][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.359074][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.403475][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.416671][ T12] NILFS (loop1): discard dirty page: offset=118784, ino=3 [ 1035.427127][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.434702][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.442033][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.449678][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.542978][ T12] NILFS (loop1): discard dirty page: offset=122880, ino=3 [ 1035.550416][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.559248][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1035.572716][ T12] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 1036.160583][T11622] loop2: detected capacity change from 0 to 2048 [ 1036.192218][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1036.202330][ T12] NILFS (loop1): discard dirty page: offset=196608, ino=3 [ 1036.211752][T11622] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1036.221448][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1036.452900][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1036.461943][ T12] NILFS (loop1): discard dirty block: blocknr=49, size=1024 [ 1036.472057][ T12] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1036.491394][ T5764] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 1037.266760][ T5764] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 1037.273986][ T5764] NILFS (loop1): discard dirty block: blocknr=35, size=1024 [ 1037.281307][ T5764] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 1037.297408][ T27] audit: type=1804 audit(1769190872.770:51): pid=11629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1351" name="/newroot/346/file1" dev="fuse" ino=1 res=1 errno=0 [ 1037.320573][ T5764] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 1037.347660][ T5764] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 1038.547565][ T5764] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 1038.554371][ T5764] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 1038.561671][ T5764] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1038.594225][ T5764] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1038.603122][ T5764] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1038.647314][ T5764] NILFS (loop1): discard dirty page: offset=0, ino=4 [ 1038.663575][ T5764] NILFS (loop1): discard dirty block: blocknr=40, size=1024 [ 1038.688411][ T5764] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1038.708601][ T5764] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1038.743587][ T5764] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1041.567649][T11651] loop1: detected capacity change from 0 to 2048 [ 1041.583646][T11651] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1041.607181][T11657] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1043.362324][T11668] fuse: Unknown parameter '0x0000000000000005' [ 1043.573873][T11668] tipc: Enabling of bearer rejected, already enabled [ 1046.158336][T11683] 9pnet_fd: Insufficient options for proto=fd [ 1051.492372][T11711] nvme_fabrics: missing parameter 'transport=%s' [ 1051.515108][T11711] nvme_fabrics: missing parameter 'nqn=%s' [ 1051.674329][T11719] loop4: detected capacity change from 0 to 512 [ 1051.691180][T11718] fuse: Unknown parameter '0x0000000000000005' [ 1053.025828][T11718] tipc: Enabling of bearer rejected, already enabled [ 1053.045760][T11719] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 1054.347844][T11719] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1054.516283][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.050394][T11731] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 1055.061170][T11731] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 1055.073944][T11731] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.1373: Failed to acquire dquot type 0 [ 1055.223033][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 1059.130933][T11751] syzkaller0: entered promiscuous mode [ 1059.136729][T11751] syzkaller0: entered allmulticast mode [ 1060.415572][T11757] fuse: Unknown parameter '0x0000000000000005' [ 1060.428910][T11757] tipc: Enabling of bearer rejected, already enabled [ 1064.129860][T11776] loop1: detected capacity change from 0 to 16 [ 1064.156332][T11776] erofs: (device loop1): mounted with root inode @ nid 36. [ 1064.319725][T11778] fuse: Bad value for 'fd' [ 1064.389196][T11778] tipc: Enabling of bearer rejected, already enabled [ 1064.474534][T11779] erofs: (device loop1): z_erofs_readahead: readahead error at folio 87 @ nid 36 [ 1064.495702][T11779] erofs: (device loop1): z_erofs_readahead: readahead error at folio 86 @ nid 36 [ 1064.541852][T11779] syz.1.1389: attempt to access beyond end of device [ 1064.541852][T11779] loop1: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 1064.567320][T11779] syz.1.1389: attempt to access beyond end of device [ 1064.567320][T11779] loop1: rw=524288, sector=14425508768, nr_sectors = 8 limit=16 [ 1064.987545][T11782] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1392'. [ 1064.998711][T11782] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1065.388607][T11782] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1067.976023][T11798] syzkaller0: entered promiscuous mode [ 1067.990783][T11798] syzkaller0: entered allmulticast mode [ 1068.064617][T11798] tipc: Enabled bearer , priority 0 [ 1068.097451][T11797] tipc: Resetting bearer [ 1068.188117][T11797] tipc: Disabling bearer [ 1075.327602][T11833] fuse: Unknown parameter 'fd0x0000000000000005' [ 1075.495438][T11833] tipc: Enabling of bearer rejected, already enabled [ 1084.015403][T11877] fuse: Unknown parameter 'fd0xffffffffffffffff' [ 1084.052060][T11877] tipc: Enabling of bearer rejected, already enabled [ 1088.416659][T11897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1422'. [ 1089.118408][T11926] loop4: detected capacity change from 0 to 2048 [ 1089.151837][T11927] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1092.509089][T11927] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 1092.553356][T11927] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 1092.636482][T11927] Remounting filesystem read-only [ 1092.659097][T11243] NILFS (loop4): discard dirty page: offset=4096, ino=6 [ 1092.699030][T11243] NILFS (loop4): discard dirty block: blocknr=39, size=1024 [ 1092.759957][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1092.829861][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1092.917670][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1092.996279][T11243] NILFS (loop4): discard dirty page: offset=0, ino=3 [ 1093.060271][T11243] NILFS (loop4): discard dirty block: blocknr=42, size=1024 [ 1093.108703][T11243] NILFS (loop4): discard dirty block: blocknr=43, size=1024 [ 1093.176838][T11243] NILFS (loop4): discard dirty block: blocknr=44, size=1024 [ 1093.259853][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.321662][T11243] NILFS (loop4): discard dirty page: offset=65536, ino=3 [ 1093.372837][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.430520][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.504352][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.555871][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.564921][T11243] NILFS (loop4): discard dirty page: offset=98304, ino=3 [ 1093.571957][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.580891][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.589806][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.597188][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.604487][T11243] NILFS (loop4): discard dirty page: offset=102400, ino=3 [ 1093.611610][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.620231][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.627520][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.634920][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.642141][T11243] NILFS (loop4): discard dirty page: offset=106496, ino=3 [ 1093.649845][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.657682][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.664952][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.672162][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.679541][T11243] NILFS (loop4): discard dirty page: offset=110592, ino=3 [ 1093.686729][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.694065][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.701282][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.708558][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.715952][T11243] NILFS (loop4): discard dirty page: offset=114688, ino=3 [ 1093.723073][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.730364][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.737621][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.745033][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.752260][T11243] NILFS (loop4): discard dirty page: offset=118784, ino=3 [ 1093.760295][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.767612][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.777996][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.786296][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.796916][T11243] NILFS (loop4): discard dirty page: offset=122880, ino=3 [ 1093.805289][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.812871][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.833494][T11243] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 1093.840715][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.860752][T11243] NILFS (loop4): discard dirty page: offset=196608, ino=3 [ 1093.872785][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.884616][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.899590][T11243] NILFS (loop4): discard dirty block: blocknr=49, size=1024 [ 1093.917336][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1093.947658][T11243] NILFS (loop4): discard dirty page: offset=0, ino=5 [ 1093.972576][T11243] NILFS (loop4): discard dirty block: blocknr=41, size=1024 [ 1093.990847][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1094.009432][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1094.023377][T11243] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1094.054820][ T7031] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer [ 1094.280191][ T7031] NILFS (loop4): discard dirty page: offset=0, ino=6 [ 1094.436985][ T7031] NILFS (loop4): discard dirty block: blocknr=35, size=1024 [ 1094.458023][ T7031] NILFS (loop4): discard dirty block: blocknr=36, size=1024 [ 1094.478066][ T7031] NILFS (loop4): discard dirty block: blocknr=37, size=1024 [ 1094.491410][ T7031] NILFS (loop4): discard dirty block: blocknr=38, size=1024 [ 1094.607784][ T7031] NILFS (loop4): discard dirty page: offset=0, ino=4 [ 1094.681980][ T7031] NILFS (loop4): discard dirty block: blocknr=40, size=1024 [ 1094.731782][ T7031] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1094.773084][ T7031] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1094.838687][ T7031] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1104.446206][T12007] kvm: kvm [12006]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x300000000 [ 1104.483433][T12007] kvm: kvm [12006]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 1104.514393][T12007] kvm: kvm [12006]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x300000000 [ 1104.554634][T12007] kvm: kvm [12006]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x700000000 [ 1108.826833][T12037] loop4: detected capacity change from 0 to 32768 [ 1108.844917][T12037] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1467 (12037) [ 1108.864141][T12037] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1108.874295][T12037] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1108.882909][T12037] BTRFS info (device loop4): using free space tree [ 1109.126468][T12038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1459'. [ 1109.256888][T12037] BTRFS info (device loop4): enabling ssd optimizations [ 1109.263932][T12037] BTRFS info (device loop4): auto enabling async discard [ 1115.964097][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.429171][ T7031] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1120.575084][T12098] loop3: detected capacity change from 0 to 2048 [ 1120.796428][T12099] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1125.986010][T12126] loop3: detected capacity change from 0 to 128 [ 1130.013141][T12148] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1484'. [ 1131.533082][T12157] overlayfs: failed to clone lowerpath [ 1133.567825][T12169] loop3: detected capacity change from 0 to 2048 [ 1135.427213][T12176] kAFS: Can only specify source 'none' with -o dyn [ 1137.325946][T12190] tipc: Enabling of bearer rejected, already enabled [ 1140.126514][T12201] loop1: detected capacity change from 0 to 64 [ 1140.195014][T12170] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1143.868382][T12216] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1501'. [ 1145.645734][ T170] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1 [ 1151.339141][T12249] 9pnet_fd: Insufficient options for proto=fd [ 1157.716599][T12311] loop3: detected capacity change from 0 to 128 [ 1158.802647][T12311] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1158.899991][T12311] ext4 filesystem being mounted at /388/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1159.387796][T12322] netlink: zone id is out of range [ 1159.392991][T12322] netlink: zone id is out of range [ 1159.398656][T12322] netlink: zone id is out of range [ 1159.404015][T12322] netlink: zone id is out of range [ 1159.409162][T12322] netlink: zone id is out of range [ 1159.414311][T12322] netlink: zone id is out of range [ 1159.419427][T12322] netlink: zone id is out of range [ 1159.424604][T12322] netlink: zone id is out of range [ 1159.429725][T12322] netlink: zone id is out of range [ 1159.434888][T12322] netlink: zone id is out of range [ 1161.216401][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1162.645332][ T27] audit: type=1326 audit(1769190998.130:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1162.742980][ T27] audit: type=1326 audit(1769190998.150:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1162.828228][ T27] audit: type=1326 audit(1769190998.160:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f14dad9aa22 code=0x7ffc0000 [ 1162.908764][ T27] audit: type=1326 audit(1769190998.160:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f14dad9aa22 code=0x7ffc0000 [ 1162.909412][T12332] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 1162.987809][ T27] audit: type=1326 audit(1769190998.160:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1163.102441][ T27] audit: type=1326 audit(1769190998.160:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1163.109092][T12335] loop3: detected capacity change from 0 to 512 [ 1163.238476][ T27] audit: type=1326 audit(1769190998.200:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1163.688153][T12335] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1163.745141][ T27] audit: type=1326 audit(1769190998.200:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1164.338104][ T27] audit: type=1326 audit(1769190998.200:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1164.562404][ T27] audit: type=1326 audit(1769190998.200:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12331 comm="syz.3.1524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f14dad9acb9 code=0x7ffc0000 [ 1164.621593][T12335] EXT4-fs (loop3): 1 truncate cleaned up [ 1164.628830][T12335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1164.708035][T12339] overlayfs: missing 'lowerdir' [ 1165.442659][T12339] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1167.433952][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1171.643709][T12392] syz.4.1533 (12392) used greatest stack depth: 17264 bytes left [ 1177.990547][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1178.001901][T12430] tipc: Enabling of bearer rejected, already enabled [ 1179.440583][T12439] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1545'. [ 1181.977928][T12453] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1550'. [ 1182.045083][T12453] IPVS: Error joining to the multicast group [ 1184.789098][T12464] netlink: 'syz.2.1549': attribute type 1 has an invalid length. [ 1184.869946][T12466] loop3: detected capacity change from 0 to 1024 [ 1184.895225][T12466] EXT4-fs: Ignoring removed orlov option [ 1184.991946][T12467] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 1185.044993][T12464] veth3: entered promiscuous mode [ 1185.060386][T12466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1185.060993][T12464] bond3: (slave veth3): Enslaving as a backup interface with a down link [ 1185.131471][T12464] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1549'. [ 1185.144089][ T42] net_ratelimit: 77 callbacks suppressed [ 1185.144101][ T42] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 1185.164551][T12464] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1186.524663][ T12] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 1189.028701][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1197.784056][T12539] tipc: Enabling of bearer rejected, already enabled [ 1199.839798][T12554] tipc: Enabling of bearer rejected, already enabled [ 1204.661768][T12599] fuse: Bad value for 'fd' [ 1204.717275][T12599] tipc: Enabling of bearer rejected, already enabled [ 1215.249991][T12670] loop1: detected capacity change from 0 to 1764 [ 1223.594485][T12714] loop4: detected capacity change from 0 to 1024 [ 1223.614415][T12714] EXT4-fs: Ignoring removed orlov option [ 1223.695072][T12714] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1224.572102][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1225.467108][T12736] Falling back ldisc for ttyS3. [ 1230.812315][T12771] mac80211_hwsim hwsim11 syzkaller0: left promiscuous mode [ 1230.823436][T12771] mac80211_hwsim hwsim11 syzkaller0: left allmulticast mode [ 1232.047063][T12783] loop4: detected capacity change from 0 to 128 [ 1232.057062][T12783] EXT4-fs: Ignoring removed nobh option [ 1232.769243][T12783] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1232.782793][T12783] ext4 filesystem being mounted at /327/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1233.021740][ T7031] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1235.092767][T12797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1623'. [ 1235.101861][T12797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1623'. [ 1238.914717][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1243.386055][T12836] loop3: detected capacity change from 0 to 1764 [ 1244.408638][T12849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1627'. [ 1248.771654][T12883] Falling back ldisc for ttyS3. [ 1251.136129][T12889] loop1: detected capacity change from 0 to 2048 [ 1251.175017][T12893] fuse: Bad value for 'fd' [ 1251.184596][T12893] tipc: Enabling of bearer rejected, already enabled [ 1251.220295][T12889] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1263.206207][T12991] Bluetooth: MGMT ver 1.22 [ 1266.865689][T13019] loop1: detected capacity change from 0 to 512 [ 1266.894358][T13019] EXT4-fs: Ignoring removed orlov option [ 1266.901142][T13019] EXT4-fs (loop1): DAX unsupported by block device. [ 1267.697163][T12490] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1268.508756][T13031] mac80211_hwsim hwsim11 syzkaller0: entered promiscuous mode [ 1268.516389][T13031] mac80211_hwsim hwsim11 syzkaller0: entered allmulticast mode [ 1268.882073][T13041] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1677'. [ 1269.724164][T13044] syz.1.1676: attempt to access beyond end of device [ 1269.724164][T13044] nbd1: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 1269.742089][T13044] gfs2: error 10 reading superblock [ 1272.739486][ T9105] Bluetooth: hci4: unexpected event for opcode 0x200c [ 1273.642321][ T27] kauditd_printk_skb: 29 callbacks suppressed [ 1273.642335][ T27] audit: type=1804 audit(1769191109.120:91): pid=13081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1689" name="/newroot/426/file1" dev="fuse" ino=1 res=1 errno=0 [ 1281.481762][T13136] loop1: detected capacity change from 0 to 256 [ 1281.560424][T13136] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1281.916368][T13141] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 1284.338939][T13148] loop4: detected capacity change from 0 to 1764 [ 1285.311387][T13163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1705'. [ 1285.891383][T13162] tipc: Enabled bearer , priority 0 [ 1285.903810][T13162] syzkaller0: entered promiscuous mode [ 1285.909298][T13162] syzkaller0: entered allmulticast mode [ 1285.991420][T13162] tipc: Resetting bearer [ 1286.256629][T13158] tipc: Resetting bearer [ 1287.777301][T13158] tipc: Disabling bearer [ 1290.066545][T13183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1712'. [ 1294.547271][T13208] loop4: detected capacity change from 0 to 1764 [ 1296.472474][T13214] loop1: detected capacity change from 0 to 2048 [ 1296.485578][T13214] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1296.496556][T13214] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1296.504297][T13214] UDF-fs: Scanning with blocksize 512 failed [ 1296.602106][T13214] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1296.635229][ T27] audit: type=1800 audit(1769191132.110:92): pid=13214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1721" name="file1" dev="loop1" ino=838 res=0 errno=0 [ 1300.306758][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1302.547865][T13257] loop1: detected capacity change from 0 to 256 [ 1302.626036][T13257] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1303.473448][T13265] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1731'. [ 1305.651536][T13271] loop3: detected capacity change from 0 to 8192 [ 1306.199786][T13271] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1306.233126][T13271] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 1306.253847][T13271] REISERFS (device loop3): using ordered data mode [ 1306.260388][T13271] reiserfs: using flush barriers [ 1306.333387][T13271] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1306.407675][T13271] REISERFS (device loop3): checking transaction log (loop3) [ 1306.470949][T13271] REISERFS (device loop3): Using r5 hash to sort names [ 1306.511959][T13271] REISERFS (device loop3): using 3.5.x disk format [ 1306.551610][T13271] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 1311.223662][T13315] fuse: Bad value for 'fd' [ 1313.325286][T13313] tipc: Resetting bearer [ 1315.336818][ T9105] Bluetooth: hci1: unexpected event for opcode 0x200f [ 1315.817587][T13350] loop3: detected capacity change from 0 to 1764 [ 1315.865285][T13351] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1755'. [ 1318.261662][T13360] Invalid ELF header magic: != ELF [ 1319.613969][T13384] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1761'. [ 1320.300140][T13393] netlink: 'syz.4.1764': attribute type 3 has an invalid length. [ 1320.315781][T13393] netlink: 'syz.4.1764': attribute type 10 has an invalid length. [ 1320.325940][T13393] tipc: Resetting bearer [ 1320.344699][T13393] tipc: Resetting bearer [ 1320.389390][T13393] tipc: Resetting bearer [ 1320.409139][T13393] 8021q: adding VLAN 0 to HW filter on device team0 [ 1320.513281][T13393] bond0: (slave team0): Enslaving as an active interface with an up link [ 1320.561378][T13397] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1765'. [ 1323.367185][T13430] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1771'. [ 1328.388469][ T27] audit: type=1804 audit(1769191163.870:93): pid=13463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1782" name="/newroot/445/file1" dev="fuse" ino=1 res=1 errno=0 [ 1328.974379][T13469] loop3: detected capacity change from 0 to 2048 [ 1329.160869][T13469] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1340.165368][T13526] loop1: detected capacity change from 0 to 256 [ 1340.215492][T13526] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39591766, utbl_chksum : 0xe619d30d) [ 1340.675923][T13529] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1800'. [ 1346.384891][T13561] netlink: 'syz.3.1808': attribute type 10 has an invalid length. [ 1349.361836][T13586] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 1349.630763][T13586] loop1: detected capacity change from 0 to 32768 [ 1350.235355][T13586] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.1809 (13586) [ 1350.275362][T13586] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1350.285622][T13586] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1350.294383][T13586] BTRFS info (device loop1): setting nodatacow, compression disabled [ 1350.302509][T13586] BTRFS info (device loop1): force clearing of disk cache [ 1350.309761][T13586] BTRFS info (device loop1): enabling ssd optimizations [ 1350.316773][T13586] BTRFS info (device loop1): using spread ssd allocation scheme [ 1350.324680][T13586] BTRFS info (device loop1): turning off barriers [ 1350.331141][T13586] BTRFS info (device loop1): disabling free space tree [ 1350.338189][T13586] BTRFS info (device loop1): not using ssd optimizations [ 1350.345308][T13586] BTRFS info (device loop1): not using spread ssd allocation scheme [ 1350.536639][T13586] BTRFS info (device loop1): rebuilding free space tree [ 1350.589951][T13586] BTRFS info (device loop1): disabling free space tree [ 1350.598410][T13586] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1350.608468][T13586] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1352.787298][ T5764] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1352.896381][T12490] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop1 scanned by udevd (12490) [ 1353.645464][T13635] binder_alloc: 13630: binder_alloc_buf, no vma [ 1355.426211][T13640] loop4: detected capacity change from 0 to 128 [ 1355.586890][ T27] audit: type=1800 audit(1769191191.070:94): pid=13640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1825" name="bus" dev="loop4" ino=1048725 res=0 errno=0 [ 1355.755236][T13643] syz.4.1825: attempt to access beyond end of device [ 1355.755236][T13643] loop4: rw=2049, sector=138, nr_sectors = 76 limit=128 [ 1357.152440][T13655] fuse: Bad value for 'fd' [ 1357.224687][T13655] tipc: Enabling of bearer rejected, already enabled [ 1361.800337][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1362.522476][T13684] loop1: detected capacity change from 0 to 128 [ 1362.802658][ T27] audit: type=1800 audit(1769191198.280:95): pid=13684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1839" name="bus" dev="loop1" ino=1048726 res=0 errno=0 [ 1363.079968][T13689] loop4: detected capacity change from 0 to 32768 [ 1363.087149][T13689] (syz.4.1840,13689,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 1363.096943][T13689] (syz.4.1840,13689,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 1363.377866][T13690] syz.1.1839: attempt to access beyond end of device [ 1363.377866][T13690] loop1: rw=2049, sector=138, nr_sectors = 76 limit=128 [ 1363.663425][T12490] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1364.623711][T13694] mac80211_hwsim hwsim11 syzkaller0: left promiscuous mode [ 1364.635805][T13694] mac80211_hwsim hwsim11 syzkaller0: left allmulticast mode [ 1365.709040][T13699] overlayfs: failed to clone upperpath [ 1368.736215][T13718] hub 1-0:1.0: USB hub found [ 1368.743711][T13718] hub 1-0:1.0: 1 port detected [ 1370.279619][T13722] loop3: detected capacity change from 0 to 1024 [ 1370.312828][T13722] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1370.473921][T13721] overlayfs: failed to clone upperpath [ 1377.929079][T13765] loop1: detected capacity change from 0 to 1024 [ 1378.561348][T13765] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1379.618309][T13772] overlayfs: failed to clone upperpath [ 1380.363867][T13768] Bluetooth: hci1: command 0x0406 tx timeout [ 1392.512352][T13853] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 1393.623435][T13856] netlink: 'syz.2.1883': attribute type 10 has an invalid length. [ 1393.729761][T13856] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 1401.238721][T13910] loop3: detected capacity change from 0 to 32768 [ 1401.246096][T13910] (syz.3.1895,13910,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 1401.255775][T13910] (syz.3.1895,13910,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 1401.321021][T13912] loop4: detected capacity change from 0 to 128 [ 1401.376124][T13912] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1401.503767][T12490] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1401.514318][T13912] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1402.124536][T13912] CUSE: unknown device info "" [ 1402.273034][T13912] CUSE: unknown device info "" [ 1402.309196][T13912] CUSE: unknown device info "" [ 1402.325901][T13912] CUSE: unknown device info "" [ 1402.370454][T13912] CUSE: zero length info key specified [ 1404.382966][ T7031] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1404.906541][T13958] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1908'. [ 1406.546250][T13970] netlink: 'syz.4.1911': attribute type 10 has an invalid length. [ 1420.810112][T14071] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1935'. [ 1420.847539][T14074] netlink: 'syz.3.1937': attribute type 10 has an invalid length. [ 1423.554631][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1426.557207][T14098] loop3: detected capacity change from 0 to 2048 [ 1426.583964][T14098] NILFS (loop3): unrecognized mount option "memory.events.local" [ 1426.630767][T12490] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1426.731127][T14098] netlink: 'syz.3.1943': attribute type 10 has an invalid length. [ 1427.527853][T14103] syz_tun: entered promiscuous mode [ 1427.981403][T14099] syz_tun: left promiscuous mode [ 1430.534085][T14124] netlink: 'syz.4.1949': attribute type 1 has an invalid length. [ 1430.542639][T14124] netlink: 'syz.4.1949': attribute type 2 has an invalid length. [ 1433.156983][T14132] netlink: 'syz.2.1950': attribute type 10 has an invalid length. [ 1434.428101][T14144] random: crng reseeded on system resumption [ 1434.518290][T14145] autofs4:pid:14145:autofs_fill_super: called with bogus options [ 1445.023348][ T27] audit: type=1326 audit(1769191280.500:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14183 comm="syz.2.1960" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2da6f9acb9 code=0x0 [ 1446.878100][T14194] netlink: 'syz.1.1963': attribute type 10 has an invalid length. [ 1447.768438][T14194] hsr0: entered promiscuous mode [ 1447.810071][T14194] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 1447.832022][T14194] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1447.844597][T14194] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1447.862334][T14194] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1455.323725][T14224] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1969'. [ 1459.810320][T14250] mac80211_hwsim hwsim11 syzkaller0: entered promiscuous mode [ 1459.818210][T14250] mac80211_hwsim hwsim11 syzkaller0: entered allmulticast mode [ 1460.016399][T14253] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1975'. [ 1460.027656][T14253] netlink: 'syz.1.1975': attribute type 5 has an invalid length. [ 1460.045652][T14253] netlink: 'syz.1.1975': attribute type 10 has an invalid length. [ 1460.076158][T14253] tipc: Resetting bearer [ 1460.251235][T14253] tipc: Resetting bearer [ 1460.460693][T14253] 8021q: adding VLAN 0 to HW filter on device team0 [ 1460.675410][T14253] bond0: (slave team0): Enslaving as an active interface with an up link [ 1462.964727][T14267] sctp: [Deprecated]: syz.1.1983 (pid 14267) Use of int in maxseg socket option. [ 1462.964727][T14267] Use struct sctp_assoc_value instead [ 1463.266627][T14267] loop1: detected capacity change from 0 to 256 [ 1469.142347][T14294] lo: entered allmulticast mode [ 1469.181715][T14294] dvmrp8: entered allmulticast mode [ 1469.302756][T14291] lo: left allmulticast mode [ 1469.895917][T14307] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1474.314582][T14326] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 1474.340788][T14326] CIFS mount error: No usable UNC path provided in device string! [ 1474.340788][T14326] [ 1474.351222][T14326] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1484.599495][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1485.321804][T14380] dvmrp8: entered allmulticast mode [ 1486.406518][T14391] CIFS mount error: No usable UNC path provided in device string! [ 1486.406518][T14391] [ 1486.416830][T14391] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1494.197250][T14422] Bluetooth: hci0: invalid length 0, exp 2 for type 17 [ 1494.199728][T14418] loop3: detected capacity change from 0 to 40427 [ 1495.441041][T14418] F2FS-fs (loop3): invalid crc value [ 1495.463581][T14418] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1495.524308][T14418] F2FS-fs (loop3): Start checkpoint disabled! [ 1495.566661][T14418] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 1495.730659][ T27] audit: type=1800 audit(1769191331.200:97): pid=14418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2015" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1495.996280][T14429] syz.3.2015: attempt to access beyond end of device [ 1495.996280][T14429] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 1496.019719][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.019719][T14429] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1496.036827][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.036827][T14429] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1496.052368][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.052368][T14429] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1496.068987][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.068987][T14429] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1496.088267][ T27] audit: type=1800 audit(1769191331.310:98): pid=14429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2015" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 1496.117163][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.117163][T14429] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1496.133768][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.133768][T14429] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1496.152463][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.152463][T14429] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1496.169783][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.169783][T14429] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1496.185344][T14429] syz.3.2015: attempt to access beyond end of device [ 1496.185344][T14429] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1497.374976][T14434] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2023'. [ 1497.405092][T14434] netlink: 'syz.2.2023': attribute type 5 has an invalid length. [ 1497.448715][ T42] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1497.480289][ T42] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1497.514290][T14434] netlink: 'syz.2.2023': attribute type 10 has an invalid length. [ 1497.522648][T14434] tipc: Resetting bearer [ 1497.634458][T14434] tipc: Resetting bearer [ 1498.345509][T14434] 8021q: adding VLAN 0 to HW filter on device team0 [ 1498.380069][T14434] bond0: (slave team0): Enslaving as an active interface with an up link [ 1503.122201][T14456] loop3: detected capacity change from 0 to 4096 [ 1503.185195][T14456] ntfs3: loop3: Failed to load $MFTMirr (-2). [ 1507.638717][T14478] loop4: detected capacity change from 0 to 2048 [ 1508.353859][T14478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1510.516004][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1513.101324][T14506] loop3: detected capacity change from 0 to 1024 [ 1513.135331][T14506] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1513.275289][T14506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1514.730224][T14516] loop4: detected capacity change from 0 to 40427 [ 1514.791495][T14516] F2FS-fs (loop4): invalid crc value [ 1514.831905][T14516] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1514.867085][T14516] F2FS-fs (loop4): Start checkpoint disabled! [ 1514.893483][T14516] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 1514.985460][ T27] audit: type=1800 audit(1769191350.470:99): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2042" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1515.124870][T14522] bio_check_eod: 182 callbacks suppressed [ 1515.124939][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.124939][T14522] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 1515.151712][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.151712][T14522] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1515.167287][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.167287][T14522] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1515.185708][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.185708][T14522] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1515.201616][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.201616][T14522] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1515.217662][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.217662][T14522] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1515.231931][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.231931][T14522] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1515.247922][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.247922][T14522] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1515.263490][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.263490][T14522] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1515.279086][T14522] syz.4.2042: attempt to access beyond end of device [ 1515.279086][T14522] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1515.547185][ T27] audit: type=1800 audit(1769191350.550:100): pid=14522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2042" name="bus" dev="loop4" ino=10 res=0 errno=0 [ 1516.497884][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1516.706981][ T2959] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1516.805376][ T2959] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1521.659224][T14563] vivid-001: disconnect [ 1521.864674][T14558] vivid-001: reconnect [ 1523.401506][ T27] audit: type=1800 audit(1769191358.880:101): pid=14577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2054" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 1527.401049][T14599] vivid-003: disconnect [ 1528.240335][T14596] vivid-003: reconnect [ 1528.797267][T14605] loop4: detected capacity change from 0 to 16 [ 1528.831496][T14605] erofs: (device loop4): mounted with root inode @ nid 36. [ 1528.874766][T14605] bio_check_eod: 9 callbacks suppressed [ 1528.874822][T14605] syz.4.2064: attempt to access beyond end of device [ 1528.874822][T14605] loop4: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 1528.943779][T14605] syz.4.2064: attempt to access beyond end of device [ 1528.943779][T14605] loop4: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 1528.963570][T14605] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 1529.054462][ T27] audit: type=1800 audit(1769191364.460:102): pid=14605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2064" name="file3" dev="loop4" ino=89 res=0 errno=0 [ 1530.607485][T14614] vivid-007: disconnect [ 1530.763475][T14607] vivid-007: reconnect [ 1533.545189][T14628] mac80211_hwsim hwsim11 syzkaller0: left promiscuous mode [ 1533.571957][T14628] mac80211_hwsim hwsim11 syzkaller0: left allmulticast mode [ 1538.291611][T14656] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2075'. [ 1538.301169][T14656] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2075'. [ 1539.474350][T14662] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1540.130335][T14664] syzkaller0: entered promiscuous mode [ 1540.170483][T14664] syzkaller0: entered allmulticast mode [ 1543.727763][T14672] UBIFS error (pid: 14672): cannot open "./file0", error -22 [ 1546.039621][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1549.153386][ T7539] IPVS: starting estimator thread 0... [ 1549.243228][T14715] IPVS: using max 22 ests per chain, 52800 per kthread [ 1554.370403][T14749] loop3: detected capacity change from 0 to 2048 [ 1554.440264][T14749] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1554.668615][ T27] audit: type=1800 audit(1769191390.150:103): pid=14749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2100" name="bus" dev="loop3" ino=1436 res=0 errno=0 [ 1559.366900][T14773] UBIFS error (pid: 14773): cannot open "./file0", error -22 [ 1560.166600][T13768] Bluetooth: hci1: unexpected event for opcode 0x0c03 [ 1560.242504][T14793] loop3: detected capacity change from 0 to 128 [ 1560.317921][T14793] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 1561.549868][T14804] loop1: detected capacity change from 0 to 8 [ 1561.584069][T14804] squashfs: Unknown parameter '00000000000000000000kO2ȹRiWl\Vwyw' [ 1564.637193][T14827] fuse: Bad value for 'fd' [ 1566.882265][T14842] ALSA: mixer_oss: invalid OSS volume '' [ 1568.745002][T14849] netlink: 856 bytes leftover after parsing attributes in process `syz.1.2127'. [ 1574.223329][T14872] mac80211_hwsim hwsim11 syzkaller0: entered promiscuous mode [ 1574.232232][T14872] mac80211_hwsim hwsim11 syzkaller0: entered allmulticast mode [ 1574.344528][T14875] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2135'. [ 1576.732174][T14896] loop4: detected capacity change from 0 to 32768 [ 1576.763399][T14891] tipc: Enabled bearer , priority 10 [ 1576.784150][T14896] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.2141 (14896) [ 1576.803365][T14896] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1576.813142][T14891] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2140'. [ 1576.813652][T14896] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1576.831326][T14896] BTRFS info (device loop4): using free space tree [ 1576.929781][T14891] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 1576.947401][T14896] BTRFS info (device loop4): enabling ssd optimizations [ 1576.954581][T14896] BTRFS info (device loop4): auto enabling async discard [ 1576.956346][T14891] tipc: Enabled bearer , priority 10 [ 1577.635842][ T27] audit: type=1800 audit(1769191412.850:104): pid=14917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2141" name="file2" dev="loop4" ino=261 res=0 errno=0 [ 1579.590267][ T7031] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1581.480387][T14938] loop4: detected capacity change from 0 to 32768 [ 1582.273418][T14938] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.2146 (14938) [ 1582.299229][T14938] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1582.310234][T14938] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 1582.319853][T14938] BTRFS info (device loop4): force zlib compression, level 3 [ 1582.327325][T14938] BTRFS info (device loop4): force clearing of disk cache [ 1582.334562][T14938] BTRFS info (device loop4): setting nodatasum [ 1582.340732][T14938] BTRFS info (device loop4): use zlib compression, level 3 [ 1582.348040][T14938] BTRFS info (device loop4): enabling disk space caching [ 1582.355309][T14938] BTRFS info (device loop4): disk space caching is enabled [ 1582.433368][T14938] BTRFS info (device loop4): enabling ssd optimizations [ 1582.440384][T14938] BTRFS info (device loop4): auto enabling async discard [ 1582.462919][T14938] BTRFS info (device loop4): rebuilding free space tree [ 1582.527538][T14938] BTRFS info (device loop4): disabling free space tree [ 1582.534885][T14938] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1582.544637][T14938] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1583.837304][ T7031] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1584.822110][T14971] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2147'. [ 1587.357212][T14993] syzkaller0: entered promiscuous mode [ 1587.362746][T14993] syzkaller0: entered allmulticast mode [ 1588.989137][T14996] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2155'. [ 1589.083711][T14996] batadv0: entered promiscuous mode [ 1589.133864][T14996] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1589.991693][T14996] batadv0: left promiscuous mode [ 1592.499717][T15012] loop1: detected capacity change from 0 to 512 [ 1592.638220][T15012] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 1592.714620][T15012] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 1592.736528][T15012] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 1592.799339][T15012] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 1592.807954][T15012] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000] [ 1592.816344][T15012] EXT4-fs (loop1): failed to initialize system zone (-117) [ 1592.824080][T15012] EXT4-fs (loop1): mount failed [ 1593.547678][T15022] io-wq is not configured for unbound workers [ 1593.568037][T15023] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2162'. [ 1595.079645][T15044] loop3: detected capacity change from 0 to 32768 [ 1595.159288][T15044] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1595.249059][T15044] XFS (loop3): Ending clean mount [ 1596.082610][T15044] XFS (loop3): Quotacheck needed: Please wait. [ 1596.168508][T15059] loop1: detected capacity change from 0 to 2048 [ 1596.236708][T15059] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1596.367083][T15044] XFS (loop3): Quotacheck: Done. [ 1596.688305][T15066] overlayfs: failed to resolve './bus': -2 [ 1597.103381][ T27] audit: type=1800 audit(1769191432.570:105): pid=15059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2170" name="bus" dev="loop1" ino=1436 res=0 errno=0 [ 1598.184422][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1598.649598][T15071] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2173'. [ 1602.871097][T15090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2179'. [ 1605.838565][T15114] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2183'. [ 1607.523337][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1609.089460][T15127] loop1: detected capacity change from 0 to 1024 [ 1611.950878][T15156] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2194'. [ 1619.203496][T15192] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2205'. [ 1626.961918][T15227] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2215'. [ 1633.605782][T15269] loop1: detected capacity change from 0 to 1024 [ 1633.617935][T15269] journal_path: Non-blockdev passed as '' [ 1633.624006][T15269] EXT4-fs: error: could not find journal device path [ 1634.084607][T15271] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2224'. [ 1634.183236][T14975] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1636.880757][T15281] loop3: detected capacity change from 0 to 1024 [ 1647.900983][T15332] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2237'. [ 1656.108052][T15374] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 1659.138277][T15398] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2248'. [ 1663.283982][T15413] loop4: detected capacity change from 0 to 64 [ 1663.546589][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.546589][T15413] loop4: rw=2049, sector=161, nr_sectors = 1 limit=64 [ 1663.561469][T15413] Buffer I/O error on dev loop4, logical block 161, lost async page write [ 1663.572541][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.572541][T15413] loop4: rw=2049, sector=162, nr_sectors = 1 limit=64 [ 1663.586203][T15413] Buffer I/O error on dev loop4, logical block 162, lost async page write [ 1663.595143][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.595143][T15413] loop4: rw=2049, sector=163, nr_sectors = 1 limit=64 [ 1663.608815][T15413] Buffer I/O error on dev loop4, logical block 163, lost async page write [ 1663.618327][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.618327][T15413] loop4: rw=2049, sector=167, nr_sectors = 1 limit=64 [ 1663.632048][T15413] Buffer I/O error on dev loop4, logical block 167, lost async page write [ 1663.641384][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.641384][T15413] loop4: rw=2049, sector=169, nr_sectors = 1 limit=64 [ 1663.655099][T15413] Buffer I/O error on dev loop4, logical block 169, lost async page write [ 1663.943402][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.943402][T15413] loop4: rw=2049, sector=171, nr_sectors = 1 limit=64 [ 1663.957574][T15413] Buffer I/O error on dev loop4, logical block 171, lost async page write [ 1663.966992][T15413] syz.4.2255: attempt to access beyond end of device [ 1663.966992][T15413] loop4: rw=2049, sector=172, nr_sectors = 1 limit=64 [ 1664.044648][T15413] Buffer I/O error on dev loop4, logical block 172, lost async page write [ 1666.209779][T15428] loop3: detected capacity change from 0 to 64 [ 1668.915788][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1674.165569][T15470] overlayfs: failed to clone lowerpath [ 1682.228781][T15513] batadv0: entered promiscuous mode [ 1682.243679][T15513] vlan5: entered promiscuous mode [ 1683.314494][T15523] syzkaller0: entered promiscuous mode [ 1683.320132][T15523] syzkaller0: entered allmulticast mode [ 1683.630298][T15525] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1686.214924][T15543] erofs: (device nbd4): erofs_read_superblock: cannot find valid erofs superblock [ 1688.512139][T15550] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2291'. [ 1688.551133][T15550] netlink: 'syz.3.2291': attribute type 10 has an invalid length. [ 1688.584307][T15549] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1689.011378][T15554] loop4: detected capacity change from 0 to 64 [ 1691.994497][T15569] tipc: Enabled bearer , priority 0 [ 1692.018064][T15569] syzkaller0: entered promiscuous mode [ 1692.857023][T15569] syzkaller0: entered allmulticast mode [ 1694.220596][T15569] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1694.368561][T15569] tipc: Resetting bearer [ 1694.407412][T15568] tipc: Resetting bearer [ 1694.495638][T15568] tipc: Disabling bearer [ 1695.064781][T15586] erofs: (device nbd3): erofs_read_superblock: cannot find valid erofs superblock [ 1695.117525][T15587] Cannot find add_set index 0 as target [ 1698.441115][T15596] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1698.450956][T15596] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1706.717748][T15631] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2308'. [ 1709.590969][T15650] fuse: Bad value for 'fd' [ 1714.089387][T15691] input: syz1 as /devices/virtual/input/input7 [ 1716.732379][T15705] overlayfs: failed to clone lowerpath [ 1717.581241][T15707] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 1718.541361][T15710] loop4: detected capacity change from 0 to 2048 [ 1718.614737][T15710] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1719.657545][ T27] audit: type=1800 audit(1769191555.140:106): pid=15718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2326" name="bus" dev="loop4" ino=1436 res=0 errno=0 [ 1725.466759][T15737] Process accounting resumed [ 1728.722703][T15754] loop1: detected capacity change from 0 to 32768 [ 1728.784190][T15754] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1728.893586][T15754] XFS (loop1): Ending clean mount [ 1728.910205][T15754] XFS (loop1): Quotacheck needed: Please wait. [ 1729.079333][T15754] XFS (loop1): Quotacheck: Done. [ 1729.428781][T15764] overlayfs: missing 'lowerdir' [ 1731.010931][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1731.044228][ T5764] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1733.296790][T15786] loop3: detected capacity change from 0 to 256 [ 1736.560429][T15808] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2348'. [ 1736.570016][T15808] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1736.578597][T15808] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1737.381360][T15810] loop4: detected capacity change from 0 to 512 [ 1737.514731][T15810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1737.567633][T15810] ext4 filesystem being mounted at /499/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1738.345041][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1739.202569][T15819] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.2349'. [ 1739.938707][T15816] loop4: detected capacity change from 0 to 256 [ 1740.049340][T15816] FAT-fs (loop4): Directory bread(block 64) failed [ 1740.903137][T15816] FAT-fs (loop4): Directory bread(block 65) failed [ 1740.909830][T15816] FAT-fs (loop4): Directory bread(block 66) failed [ 1741.012904][T15816] FAT-fs (loop4): Directory bread(block 67) failed [ 1741.053310][T15816] FAT-fs (loop4): Directory bread(block 68) failed [ 1741.059894][T15816] FAT-fs (loop4): Directory bread(block 69) failed [ 1741.093356][T15816] FAT-fs (loop4): Directory bread(block 70) failed [ 1741.103120][T15816] FAT-fs (loop4): Directory bread(block 71) failed [ 1741.109762][T15816] FAT-fs (loop4): Directory bread(block 72) failed [ 1741.123188][T15816] FAT-fs (loop4): Directory bread(block 73) failed [ 1744.249856][T15837] loop1: detected capacity change from 0 to 16 [ 1744.263878][T15837] erofs: (device loop1): mounted with root inode @ nid 36. [ 1745.463617][T15838] erofs: (device loop1): z_erofs_readahead: readahead error at folio 87 @ nid 36 [ 1745.474224][T15838] erofs: (device loop1): z_erofs_readahead: readahead error at folio 86 @ nid 36 [ 1745.643250][T15838] syz.1.2354: attempt to access beyond end of device [ 1745.643250][T15838] loop1: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 1745.670211][T15838] syz.1.2354: attempt to access beyond end of device [ 1745.670211][T15838] loop1: rw=524288, sector=14425508768, nr_sectors = 8 limit=16 [ 1745.926952][T15845] loop3: detected capacity change from 0 to 128 [ 1746.162115][T15852] loop4: detected capacity change from 0 to 512 [ 1747.563197][T15852] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 1748.514112][T15859] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1749.029265][ T7539] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 1750.008845][ T7539] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1750.038284][ T7539] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 1750.070854][ T7539] usb 4-1: New USB device found, idVendor=2c7c, idProduct=030e, bcdDevice=81.28 [ 1750.091029][ T7539] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1750.102287][ T7539] usb 4-1: Product: syz [ 1750.285772][ T7539] usb 4-1: Manufacturer: syz [ 1750.291036][ T7539] usb 4-1: SerialNumber: syz [ 1750.301010][ T7539] usb 4-1: config 0 descriptor?? [ 1750.308758][T15863] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1750.325157][T15863] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1750.338994][ T7539] option 4-1:0.0: GSM modem (1-port) converter detected [ 1751.091653][ T7539] usb 4-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 1751.173271][ T5754] usb 4-1: USB disconnect, device number 3 [ 1751.276262][ T5754] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 1751.290800][ T5754] option 4-1:0.0: device disconnected [ 1755.754713][T15904] loop3: detected capacity change from 0 to 128 [ 1755.796128][T15904] qnx6: unable to set blocksize [ 1756.393240][T15694] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1757.389959][T15910] loop3: detected capacity change from 0 to 64 [ 1758.067544][T15913] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2378'. [ 1762.971971][T15935] loop1: detected capacity change from 0 to 16 [ 1762.996820][T15935] erofs: (device loop1): mounted with root inode @ nid 36. [ 1763.005782][T15933] xt_ipcomp: unknown flags 12 [ 1763.027915][T15935] erofs: (device loop1): z_erofs_readahead: readahead error at folio 340 @ nid 36 [ 1763.039987][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.039987][T15935] loop1: rw=524288, sector=22873858832, nr_sectors = 16 limit=16 [ 1763.054831][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.054831][T15935] loop1: rw=524288, sector=22873858840, nr_sectors = 16 limit=16 [ 1763.069626][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.069626][T15935] loop1: rw=524288, sector=14519143264, nr_sectors = 16 limit=16 [ 1763.084658][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.084658][T15935] loop1: rw=524288, sector=14519143272, nr_sectors = 16 limit=16 [ 1763.099320][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.099320][T15935] loop1: rw=524288, sector=63675288, nr_sectors = 16 limit=16 [ 1763.113976][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.113976][T15935] loop1: rw=524288, sector=63675296, nr_sectors = 16 limit=16 [ 1763.128765][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.128765][T15935] loop1: rw=524288, sector=16240345096, nr_sectors = 16 limit=16 [ 1763.143374][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.143374][T15935] loop1: rw=524288, sector=16240345104, nr_sectors = 16 limit=16 [ 1763.158545][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.158545][T15935] loop1: rw=524288, sector=16438238104, nr_sectors = 16 limit=16 [ 1763.175507][T15935] syz.1.2382: attempt to access beyond end of device [ 1763.175507][T15935] loop1: rw=524288, sector=16438238112, nr_sectors = 16 limit=16 [ 1766.256874][T15956] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2388'. [ 1771.499979][T15996] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2395'. [ 1771.510916][T15996] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2395'. [ 1780.619953][T16046] tipc: Resetting bearer [ 1780.620155][T16046] tipc: Resetting bearer [ 1784.806434][T16067] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.2409' sets config #1 [ 1785.469893][T16070] loop4: detected capacity change from 0 to 512 [ 1785.639285][T16073] hub 1-0:1.0: USB hub found [ 1785.653362][T16073] hub 1-0:1.0: 1 port detected [ 1786.341886][T16070] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1786.419235][T16070] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1787.548280][T16070] EXT4-fs error (device loop4): ext4_orphan_get:1424: comm syz.4.2414: bad orphan inode 131083 [ 1787.582380][T16070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1789.336083][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1790.712379][T16095] loop4: detected capacity change from 0 to 512 [ 1790.911695][T16095] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000101) [ 1792.147170][T16105] hub 2-0:1.0: USB hub found [ 1792.154415][T16105] hub 2-0:1.0: 1 port detected [ 1792.951965][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1795.895631][T16122] loop3: detected capacity change from 0 to 16 [ 1795.932038][T16122] erofs: (device loop3): mounted with root inode @ nid 36. [ 1797.463133][T16123] erofs: (device loop3): z_erofs_readahead: readahead error at folio 87 @ nid 36 [ 1797.474787][T16123] erofs: (device loop3): z_erofs_readahead: readahead error at folio 86 @ nid 36 [ 1797.490043][T16123] bio_check_eod: 20 callbacks suppressed [ 1797.490071][T16123] syz.3.2426: attempt to access beyond end of device [ 1797.490071][T16123] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 1797.613469][T16123] syz.3.2426: attempt to access beyond end of device [ 1797.613469][T16123] loop3: rw=524288, sector=14425508768, nr_sectors = 8 limit=16 [ 1799.192684][T16138] 9pnet_fd: Insufficient options for proto=fd [ 1803.901584][T16161] loop4: detected capacity change from 0 to 32768 [ 1803.935074][T16161] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.2433 (16161) [ 1803.983976][T16161] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1803.994406][T16161] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1804.003818][T16161] BTRFS info (device loop4): using free space tree [ 1805.112107][T16161] BTRFS info (device loop4): enabling ssd optimizations [ 1805.119351][T16161] BTRFS info (device loop4): auto enabling async discard [ 1805.609246][ T27] audit: type=1800 audit(1769191641.030:107): pid=16191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2433" name="file2" dev="loop4" ino=261 res=0 errno=0 [ 1806.193936][T16194] loop1: detected capacity change from 0 to 2048 [ 1806.314441][ T7031] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1807.067076][T16199] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1810.411927][T16230] __vm_enough_memory: pid: 16230, comm: syz.3.2445, not enough memory for the allocation [ 1814.105645][T16255] tipc: Resetting bearer [ 1814.112477][T16255] tipc: Resetting bearer [ 1815.336318][T16264] loop1: detected capacity change from 0 to 64 [ 1821.514831][T16296] (null): rxe_set_mtu: Set mtu to 1024 [ 1822.051665][T16296] infiniband : set active [ 1822.056472][T16296] infiniband : added veth0_vlan [ 1822.197815][T16296] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 1822.202964][T16296] infiniband : Couldn't open port 1 [ 1822.246731][T16296] RDS/IB: : added [ 1822.251077][T16296] smc: adding ib device  with port count 1 [ 1822.257283][T16296] smc: ib device  port 1 has pnetid [ 1822.836169][T16299] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 1824.477858][ T27] audit: type=1326 audit(1769191659.960:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1824.563238][ T27] audit: type=1326 audit(1769191659.990:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1824.693379][ T27] audit: type=1326 audit(1769191659.990:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1824.833952][ T27] audit: type=1326 audit(1769191659.990:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1824.867713][ T27] audit: type=1326 audit(1769191659.990:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1824.941513][ T27] audit: type=1326 audit(1769191659.990:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1825.063208][ T27] audit: type=1326 audit(1769191659.990:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1825.085877][ T27] audit: type=1326 audit(1769191659.990:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1825.108519][ T27] audit: type=1326 audit(1769191659.990:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1825.153073][ T27] audit: type=1326 audit(1769191660.000:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16319 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd757d9acb9 code=0x7ffc0000 [ 1831.128436][T16363] ptrace attach of "./syz-executor exec"[7031] was attempted by ""[16363] [ 1834.697755][T16395] loop4: detected capacity change from 0 to 2048 [ 1834.714676][T16395] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1834.727325][T16395] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1834.735138][T16395] UDF-fs: Scanning with blocksize 512 failed [ 1834.842798][T16395] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1834.927056][ T27] kauditd_printk_skb: 27 callbacks suppressed [ 1834.927104][ T27] audit: type=1800 audit(1769191670.370:145): pid=16395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2484" name="file1" dev="loop4" ino=838 res=0 errno=0 [ 1836.995712][T16408] hub 1-0:1.0: USB hub found [ 1837.001104][T16408] hub 1-0:1.0: 1 port detected [ 1840.704162][T16428] tipc: Resetting bearer [ 1840.740441][T16428] infiniband : set active [ 1854.136921][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1869.874314][T16552] loop3: detected capacity change from 0 to 2048 [ 1870.050926][T16561] netlink: 'syz.3.2526': attribute type 1 has an invalid length. [ 1870.138498][T16561] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1870.170763][T16561] bond0: (slave vxcan3): Error -95 calling set_mac_address [ 1870.267129][T16566] bond0: (slave gretap1): making interface the new active one [ 1870.305343][T16566] bond0: (slave gretap1): Enslaving as an active interface with an up link [ 1870.376264][T16565] bond0: (slave bridge1): Enslaving as an active interface with a down link [ 1870.420645][T16567] macvlan2: entered promiscuous mode [ 1870.463454][T16567] macvlan2: entered allmulticast mode [ 1870.469883][T16567] bond0: entered promiscuous mode [ 1870.475073][T16567] gretap1: entered promiscuous mode [ 1870.481278][T16567] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1870.499423][T16567] bond0: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 1870.512590][T16567] bond0: left promiscuous mode [ 1870.517712][T16567] gretap1: left promiscuous mode [ 1872.865575][T13768] Bluetooth: hci1: command 0x0406 tx timeout [ 1880.360650][T16621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2536'. [ 1880.369821][T16621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2536'. [ 1880.415564][T16621] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1880.424430][T16621] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1880.433777][T16621] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1880.458173][T16621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2536'. [ 1880.467272][T16621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2536'. [ 1880.863436][ T27] audit: type=1326 audit(1769191716.340:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1881.709420][ T27] audit: type=1326 audit(1769191716.340:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1881.734229][ T27] audit: type=1326 audit(1769191716.340:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1881.757448][ T27] audit: type=1326 audit(1769191716.350:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1881.908636][ T27] audit: type=1326 audit(1769191716.350:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1881.931355][ T27] audit: type=1326 audit(1769191717.190:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1882.088571][ T27] audit: type=1326 audit(1769191717.190:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1882.111340][ T27] audit: type=1326 audit(1769191717.190:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1882.145333][ T27] audit: type=1326 audit(1769191717.190:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1882.199442][ T27] audit: type=1326 audit(1769191717.220:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16622 comm="syz.1.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf8d9acb9 code=0x7ffc0000 [ 1884.405927][T16638] loop3: detected capacity change from 0 to 128 [ 1884.459812][T16638] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1884.493807][T16638] ext4 filesystem being mounted at /646/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1885.189234][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1890.526896][T16668] lo: entered allmulticast mode [ 1891.987286][T16671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2548'. [ 1892.149136][T16666] lo: left allmulticast mode [ 1895.937155][T16697] syzkaller0: entered promiscuous mode [ 1895.947832][T16697] syzkaller0: entered allmulticast mode [ 1898.904021][T16711] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2562'. [ 1901.406230][T16725] loop4: detected capacity change from 0 to 512 [ 1901.499482][T16725] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.2564: inode has both inline data and extents flags [ 1901.515656][T16725] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.2564: couldn't read orphan inode 15 (err -117) [ 1901.667090][T16725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1901.763990][T16725] syz.4.2564 (pid 16725) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 1904.429986][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1914.743495][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1917.904501][T16793] loop1: detected capacity change from 0 to 128 [ 1917.914512][T16793] hpfs: bad mount options. [ 1917.963807][T16643] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1920.433707][T16811] 9pnet_fd: Insufficient options for proto=fd [ 1927.408605][T16836] netdevsim netdevsim2: Direct firmware load for . failed with error -2 [ 1928.112032][T16836] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 1929.160083][T16845] loop4: detected capacity change from 0 to 128 [ 1929.185907][T16847] lo: entered allmulticast mode [ 1929.229219][T16845] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 1929.448481][T16852] lo: left allmulticast mode [ 1929.540777][T16856] syz.4.2597: attempt to access beyond end of device [ 1929.540777][T16856] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 1930.080706][ T7031] sysv_free_block: trying to free block not in datazone [ 1930.153508][ T7031] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1930.540649][T16858] loop4: detected capacity change from 0 to 32768 [ 1931.294689][T16860] read_mapping_page failed! [ 1931.307686][T16860] ERROR: (device loop4): txCommit: [ 1931.307686][T16860] [ 1932.511538][ T27] kauditd_printk_skb: 44 callbacks suppressed [ 1932.511553][ T27] audit: type=1326 audit(1769191767.990:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.1.2591" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fccf8d9acb9 code=0x0 [ 1932.554575][T16871] lo: entered allmulticast mode [ 1932.617771][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2595'. [ 1933.312315][T16870] lo: left allmulticast mode [ 1936.613393][T16906] loop3: detected capacity change from 0 to 32768 [ 1937.863060][T16913] read_mapping_page failed! [ 1937.879638][T16913] ERROR: (device loop3): txCommit: [ 1937.879638][T16913] [ 1939.188867][T16921] loop3: detected capacity change from 0 to 128 [ 1939.199245][T16921] EXT4-fs: Ignoring removed nobh option [ 1939.636240][T16921] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1939.658971][T16921] ext4 filesystem being mounted at /663/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1939.988352][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1940.153642][T16928] loop4: detected capacity change from 0 to 8 [ 1940.348063][T16928] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1940.356163][T16928] SQUASHFS error: Failed to read block 0x91: -5 [ 1940.362476][T16928] SQUASHFS error: Unable to read metadata cache entry [8f] [ 1940.369830][T16928] SQUASHFS error: Unable to read inode 0x11f [ 1941.278376][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b80b400: rx timeout, send abort [ 1941.715734][ C0] vcan0: j1939_tp_rxtimer: 0xffff888021b23400: rx timeout, send abort [ 1941.788834][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b80b400: abort rx timeout. Force session deactivation [ 1942.224124][ C0] vcan0: j1939_tp_rxtimer: 0xffff888021b23400: abort rx timeout. Force session deactivation [ 1942.318536][T16930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2610'. [ 1946.000448][T16956] netdevsim netdevsim1: Direct firmware load for . failed with error -2 [ 1946.328825][T16961] loop4: detected capacity change from 0 to 4096 [ 1946.700770][T16961] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1946.846775][T16956] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 1949.366585][T16973] Process accounting resumed [ 1949.650350][T16976] loop3: detected capacity change from 0 to 64 [ 1952.433634][T13872] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 1952.643214][T13872] usb 2-1: Using ep0 maxpacket: 32 [ 1952.643868][T16987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2624'. [ 1952.650344][T13872] usb 2-1: config 250 has an invalid interface number: 228 but max is 0 [ 1952.698373][T13872] usb 2-1: config 250 has no interface number 0 [ 1952.724231][T13872] usb 2-1: New USB device found, idVendor=041e, idProduct=4034, bcdDevice=ff.d7 [ 1952.735768][T13872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1953.064583][T13872] usb 2-1: string descriptor 0 read error: -71 [ 1953.075356][T13872] gspca_main: gspca_zc3xx-2.14.0 probing 041e:4034 [ 1953.089705][T13872] gspca_zc3xx: reg_w_i err -71 [ 1954.203419][T13872] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 1954.211405][T13872] gspca_zc3xx: probe of 2-1:250.228 failed with error -71 [ 1954.225477][T13872] usb 2-1: USB disconnect, device number 2 [ 1954.541817][T16996] dlm: no local IP address has been set [ 1954.548101][T16996] dlm: cannot start dlm midcomms -107 [ 1954.582647][T16996] loop3: detected capacity change from 0 to 16 [ 1954.702145][T16996] erofs: (device loop3): mounted with root inode @ nid 36. [ 1956.462611][T17005] netlink: 'syz.4.2632': attribute type 10 has an invalid length. [ 1959.665746][T17027] netlink: 'syz.1.2634': attribute type 1 has an invalid length. [ 1959.673601][T17027] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.2634'. [ 1960.111077][T17020] loop4: detected capacity change from 0 to 4096 [ 1960.144233][T17020] EXT4-fs: Ignoring removed mblk_io_submit option [ 1960.195457][T17020] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1960.250324][T17020] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1962.571445][T17045] loop3: detected capacity change from 0 to 512 [ 1964.213630][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1965.159705][T17045] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.2636: inode has both inline data and extents flags [ 1965.297686][T17045] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.2636: couldn't read orphan inode 15 (err -117) [ 1965.354956][T17045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1965.520189][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1976.117419][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1986.483268][T17176] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 1988.766034][T17180] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2672'. [ 1989.608011][T17193] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 1991.647371][T17203] loop4: detected capacity change from 0 to 128 [ 1991.672266][T17203] hpfs: bad mount options. [ 1993.349752][T16827] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 2000.954483][T17250] loop1: detected capacity change from 0 to 8 [ 2002.071269][T17250] SQUASHFS error: lzo decompression failed, data probably corrupt [ 2002.079207][T17250] SQUASHFS error: Failed to read block 0x91: -5 [ 2002.085491][T17250] SQUASHFS error: Unable to read metadata cache entry [8f] [ 2002.092713][T17250] SQUASHFS error: Unable to read inode 0x11f [ 2002.275061][T17235] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 2005.685612][T17269] loop3: detected capacity change from 0 to 4096 [ 2005.700046][T17269] EXT4-fs: Ignoring removed mblk_io_submit option [ 2005.718839][T17269] EXT4-fs (loop3): Test dummy encryption mode enabled [ 2005.762312][T17269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2009.114429][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2010.340631][T17307] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2700'. [ 2011.183188][T17309] loop1: detected capacity change from 0 to 40427 [ 2011.259422][T17309] F2FS-fs (loop1): build fault injection attr: rate: 174, type: 0x7ffff [ 2015.228794][T17342] loop1: detected capacity change from 0 to 32768 [ 2017.954144][T17357] loop1: detected capacity change from 0 to 512 [ 2017.973954][T17357] EXT4-fs (loop1): Test dummy encryption mode enabled [ 2017.985872][T17357] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 2018.021318][T17357] EXT4-fs error (device loop1): ext4_orphan_get:1424: comm syz.1.2710: bad orphan inode 131083 [ 2018.094378][T17357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2018.835739][T17369] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 2020.141415][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2020.267347][T17386] loop3: detected capacity change from 0 to 2048 [ 2020.328731][T17386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2020.344399][T17386] ext4 filesystem being mounted at /692/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 2021.959268][T17398] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2721'. [ 2022.978379][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2024.528233][T17426] overlayfs: failed to resolve './bus': -2 [ 2024.819275][T17429] ax25_connect(): syz.4.2728 uses autobind, please contact jreuter@yaina.de [ 2032.325560][T17468] lo speed is unknown, defaulting to 1000 [ 2034.440525][T13768] Bluetooth: hci4: unexpected event 0x03 length: 1 < 11 [ 2036.055066][T17491] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2737'. [ 2036.065281][T17491] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 2037.568471][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 2043.132322][T17531] : renamed from vlan0 (while UP) [ 2045.313522][ T5776] Bluetooth: hci4: command 0x0406 tx timeout [ 2048.419381][T17580] loop3: detected capacity change from 0 to 8 [ 2048.511004][T17580] SQUASHFS error: xz decompression failed, data probably corrupt [ 2048.519304][T17580] SQUASHFS error: Failed to read block 0x108: -5 [ 2048.525864][T17580] SQUASHFS error: Unable to read metadata cache entry [106] [ 2048.533469][T17580] SQUASHFS error: Unable to read inode 0x101f [ 2052.880949][T17599] loop3: detected capacity change from 0 to 2048 [ 2052.959912][T17568] udevd[17568]: incorrect nilfs2 checksum on /dev/loop3 [ 2053.007805][T17568] udevd[17568]: incorrect nilfs2 checksum on /dev/loop3 [ 2053.018375][T17599] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 2053.046992][T17599] NILFS (loop3): mounting unchecked fs [ 2053.088150][T17599] NILFS (loop3): recovery complete [ 2053.154913][T17607] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 2065.686259][T17712] loop1: detected capacity change from 0 to 128 [ 2067.296183][T17712] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 2067.330446][T17712] ext4 filesystem being mounted at /689/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 2071.748177][T17740] dvmrp1: entered allmulticast mode [ 2072.514530][ T5764] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 2084.877222][T17811] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 2085.007049][T17811] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 2087.216762][T17830] loop4: detected capacity change from 0 to 1024 [ 2087.274382][T17830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2088.283204][T17830] loop4: detected capacity change from 1024 to 64 [ 2091.951591][T17858] netlink: 'syz.3.2821': attribute type 1 has an invalid length. [ 2091.960345][T17858] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2821'. [ 2092.560568][T17832] kmmpd-loop4: attempt to access beyond end of device [ 2092.560568][T17832] loop4: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 2092.591544][T17832] Buffer I/O error on dev loop4, logical block 64, lost sync page write [ 2092.610810][T17832] EXT4-fs error (device loop4): kmmpd:186: comm kmmpd-loop4: Error writing to MMP block [ 2092.640192][ T7031] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 16: comm syz-executor: path (unknown): bad entry in directory: rec_len % 4 != 0 - offset=0, inode=17104912, rec_len=26982, size=1024 fake=0 [ 2093.140180][T17861] overlayfs: bad index found (index=index/00fb210001a64f4ae39d484ea39eef66fcf94cccb7196e28c9de0e000000000000, ftype=2000, origin ftype=a000). [ 2093.446306][T13368] EXT4-fs error (device loop4): ext4_check_bdev_write_error:225: comm syz.4.1754: Error while async write back metadata [ 2093.468393][T13368] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2093.529148][T17832] kmmpd-loop4: attempt to access beyond end of device [ 2093.529148][T17832] loop4: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 2093.542779][T17832] Buffer I/O error on dev loop4, logical block 64, lost sync page write [ 2094.749112][T14225] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2094.914647][T14225] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2094.942042][T17871] loop1: detected capacity change from 0 to 64 [ 2095.097408][T14225] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2095.155582][ T5776] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2095.167363][ T5776] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2095.176914][ T5776] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2095.186604][ T5776] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2095.195954][ T5776] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 2095.203792][ T5776] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2095.821696][T17873] lo speed is unknown, defaulting to 1000 [ 2096.036839][T14225] tipc: Disabling bearer [ 2096.061982][T14225] tipc: Disabling bearer [ 2096.073511][T14225] tipc: Left network mode [ 2096.361723][T17873] chnl_net:caif_netlink_parms(): no params data found [ 2097.234666][ T5776] Bluetooth: hci2: command tx timeout [ 2097.487388][T17873] bridge0: port 1(bridge_slave_0) entered blocking state [ 2097.494749][T17873] bridge0: port 1(bridge_slave_0) entered disabled state [ 2097.501961][T17873] bridge_slave_0: entered allmulticast mode [ 2097.511892][T17873] bridge_slave_0: entered promiscuous mode [ 2097.519811][T17873] bridge0: port 2(bridge_slave_1) entered blocking state [ 2097.532191][T17873] bridge0: port 2(bridge_slave_1) entered disabled state [ 2097.540991][T17873] bridge_slave_1: entered allmulticast mode [ 2097.556400][T17873] bridge_slave_1: entered promiscuous mode [ 2098.997358][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 2099.051910][T17873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2099.069900][T17873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2099.271645][T17873] team0: Port device team_slave_0 added [ 2099.667377][ T5776] Bluetooth: hci2: command tx timeout [ 2100.081668][T17873] team0: Port device team_slave_1 added [ 2101.171276][T17873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2101.182915][T17873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2101.238433][T17873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2101.712993][T13768] Bluetooth: hci2: command tx timeout [ 2101.779065][T14225] dvmrp8 (unregistering): left allmulticast mode [ 2101.804620][T14225] dvmrp1 (unregistering): left allmulticast mode [ 2101.823535][T17873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2101.931254][T17873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2102.105452][T17873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2102.558160][T17873] hsr_slave_0: entered promiscuous mode [ 2102.619754][T17873] hsr_slave_1: entered promiscuous mode [ 2102.628272][T17873] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2102.638004][T17873] Cannot create hsr debugfs directory [ 2102.672567][T14225] bond0: (slave wlan1): Releasing backup interface [ 2102.680415][T14225] bond0: (slave wlan1): the permanent HWaddr of slave - 08:02:11:00:00:01 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 2102.708775][T14225] ------------[ cut here ]------------ [ 2102.715038][T14225] WARNING: CPU: 1 PID: 14225 at net/mac80211/chan.c:2022 ieee80211_link_release_channel+0x154/0x180 [ 2102.726034][T14225] Modules linked in: [ 2102.729925][T14225] CPU: 1 PID: 14225 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 2102.737687][T14225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2102.747818][T14225] Workqueue: netns cleanup_net [ 2102.752607][T14225] RIP: 0010:ieee80211_link_release_channel+0x154/0x180 [ 2102.759553][T14225] Code: 7c 2d 00 00 74 08 48 89 df e8 98 29 d8 f7 bf 60 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 a1 8f 85 00 e8 2c 02 80 f7 <0f> 0b eb c5 48 c7 c1 ac 0e 8b 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51 [ 2102.779311][T14225] RSP: 0018:ffffc9000ffef548 EFLAGS: 00010293 [ 2102.785473][T14225] RAX: ffffffff8a0710f4 RBX: ffff88805dfd5598 RCX: ffff88802dfd8000 [ 2102.793543][T14225] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 2102.801553][T14225] RBP: 0000000000000000 R08: ffffffff8e8ad9ef R09: 1ffffffff1d15b3d [ 2102.809907][T14225] R10: dffffc0000000000 R11: fffffbfff1d15b3e R12: ffff88805dfd6c08 [ 2102.818117][T14225] R13: 1ffff1100bbfaab3 R14: ffff88805dfd63c0 R15: dffffc0000000000 [ 2102.826303][T14225] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 2102.835420][T14225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2102.842032][T14225] CR2: 000055557fb909e8 CR3: 000000002d44d000 CR4: 00000000003506e0 [ 2102.850110][T14225] Call Trace: [ 2102.853448][T14225] [ 2102.856394][T14225] ? trace_drv_return_void+0x1c0/0x1c0 [ 2102.861874][T14225] unregister_netdevice_many_notify+0x133d/0x1900 [ 2102.868385][T14225] ? lock_chain_count+0x20/0x20 [ 2102.873316][T14225] ? unregister_netdevice_many+0x20/0x20 [ 2102.878991][T14225] ? kernfs_remove_by_name_ns+0x117/0x150 [ 2102.884834][T14225] ? __lock_acquire+0x7d40/0x7d40 [ 2102.889897][T14225] unregister_netdevice_queue+0x32c/0x370 [ 2102.895706][T14225] ? list_netdevice+0x730/0x730 [ 2102.900593][T14225] ? kernfs_remove_by_name_ns+0x117/0x150 [ 2102.906469][T14225] _cfg80211_unregister_wdev+0x16b/0x580 [ 2102.912455][T14225] ieee80211_remove_interfaces+0x49e/0x690 [ 2102.918865][T14225] ? ieee80211_do_stop+0x1e20/0x1e20 [ 2102.924450][T14225] ? rcu_is_watching+0x15/0xb0 [ 2102.929264][T14225] ieee80211_unregister_hw+0x5d/0x2a0 [ 2102.934723][T14225] mac80211_hwsim_del_radio+0x289/0x480 [ 2102.940309][T14225] ? rhashtable_remove_fast+0xc00/0xc00 [ 2102.945999][T14225] hwsim_exit_net+0x58d/0x650 [ 2102.950709][T14225] ? hwsim_init_net+0x90/0x90 [ 2102.955467][T14225] ? __ip_vs_dev_cleanup_batch+0x238/0x250 [ 2102.961304][T14225] cleanup_net+0x70a/0xbb0 [ 2102.965862][T14225] ? ops_free_list+0x3b0/0x3b0 [ 2102.970662][T14225] ? _raw_spin_unlock_irq+0x23/0x50 [ 2102.975972][T14225] ? process_scheduled_works+0x96f/0x15d0 [ 2102.981722][T14225] ? process_scheduled_works+0x96f/0x15d0 [ 2102.987530][T14225] process_scheduled_works+0xa5d/0x15d0 [ 2102.993376][T14225] ? assign_work+0x430/0x430 [ 2102.998008][T14225] ? assign_work+0x3d0/0x430 [ 2103.002627][T14225] worker_thread+0xa55/0xfc0 [ 2103.007416][T14225] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 2103.013658][T14225] ? _raw_spin_unlock+0x40/0x40 [ 2103.018554][T14225] kthread+0x2fa/0x390 [ 2103.022641][T14225] ? pr_cont_work+0x560/0x560 [ 2103.027420][T14225] ? kthread_blkcg+0xd0/0xd0 [ 2103.032036][T14225] ret_from_fork+0x48/0x80 [ 2103.036563][T14225] ? kthread_blkcg+0xd0/0xd0 [ 2103.041187][T14225] ret_from_fork_asm+0x11/0x20 [ 2103.046093][T14225] [ 2103.049125][T14225] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 2103.056397][T14225] CPU: 1 PID: 14225 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 2103.064012][T14225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2103.074065][T14225] Workqueue: netns cleanup_net [ 2103.078864][T14225] Call Trace: [ 2103.082130][T14225] [ 2103.085052][T14225] dump_stack_lvl+0x18c/0x250 [ 2103.089726][T14225] ? show_regs_print_info+0x20/0x20 [ 2103.094911][T14225] ? load_image+0x400/0x400 [ 2103.099427][T14225] panic+0x2dc/0x730 [ 2103.103334][T14225] ? bpf_jit_dump+0xd0/0xd0 [ 2103.107879][T14225] ? ret_from_fork_asm+0x11/0x20 [ 2103.112827][T14225] __warn+0x2e0/0x470 [ 2103.116810][T14225] ? ieee80211_link_release_channel+0x154/0x180 [ 2103.123053][T14225] ? ieee80211_link_release_channel+0x154/0x180 [ 2103.129285][T14225] report_bug+0x2be/0x4f0 [ 2103.133611][T14225] ? ieee80211_link_release_channel+0x154/0x180 [ 2103.139847][T14225] ? ieee80211_link_release_channel+0x154/0x180 [ 2103.146082][T14225] ? ieee80211_link_release_channel+0x156/0x180 [ 2103.152318][T14225] handle_bug+0xcf/0x120 [ 2103.156567][T14225] exc_invalid_op+0x1a/0x50 [ 2103.161080][T14225] asm_exc_invalid_op+0x1a/0x20 [ 2103.165925][T14225] RIP: 0010:ieee80211_link_release_channel+0x154/0x180 [ 2103.172773][T14225] Code: 7c 2d 00 00 74 08 48 89 df e8 98 29 d8 f7 bf 60 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 a1 8f 85 00 e8 2c 02 80 f7 <0f> 0b eb c5 48 c7 c1 ac 0e 8b 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51 [ 2103.192383][T14225] RSP: 0018:ffffc9000ffef548 EFLAGS: 00010293 [ 2103.198444][T14225] RAX: ffffffff8a0710f4 RBX: ffff88805dfd5598 RCX: ffff88802dfd8000 [ 2103.206414][T14225] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 2103.214378][T14225] RBP: 0000000000000000 R08: ffffffff8e8ad9ef R09: 1ffffffff1d15b3d [ 2103.222345][T14225] R10: dffffc0000000000 R11: fffffbfff1d15b3e R12: ffff88805dfd6c08 [ 2103.230314][T14225] R13: 1ffff1100bbfaab3 R14: ffff88805dfd63c0 R15: dffffc0000000000 [ 2103.238291][T14225] ? ieee80211_link_release_channel+0x154/0x180 [ 2103.244533][T14225] ? ieee80211_link_release_channel+0x154/0x180 [ 2103.250765][T14225] ? trace_drv_return_void+0x1c0/0x1c0 [ 2103.256222][T14225] unregister_netdevice_many_notify+0x133d/0x1900 [ 2103.262641][T14225] ? lock_chain_count+0x20/0x20 [ 2103.267498][T14225] ? unregister_netdevice_many+0x20/0x20 [ 2103.273138][T14225] ? kernfs_remove_by_name_ns+0x117/0x150 [ 2103.278857][T14225] ? __lock_acquire+0x7d40/0x7d40 [ 2103.283882][T14225] unregister_netdevice_queue+0x32c/0x370 [ 2103.289604][T14225] ? list_netdevice+0x730/0x730 [ 2103.294464][T14225] ? kernfs_remove_by_name_ns+0x117/0x150 [ 2103.300187][T14225] _cfg80211_unregister_wdev+0x16b/0x580 [ 2103.305820][T14225] ieee80211_remove_interfaces+0x49e/0x690 [ 2103.311627][T14225] ? ieee80211_do_stop+0x1e20/0x1e20 [ 2103.316908][T14225] ? rcu_is_watching+0x15/0xb0 [ 2103.321681][T14225] ieee80211_unregister_hw+0x5d/0x2a0 [ 2103.327053][T14225] mac80211_hwsim_del_radio+0x289/0x480 [ 2103.332603][T14225] ? rhashtable_remove_fast+0xc00/0xc00 [ 2103.338157][T14225] hwsim_exit_net+0x58d/0x650 [ 2103.342829][T14225] ? hwsim_init_net+0x90/0x90 [ 2103.347507][T14225] ? __ip_vs_dev_cleanup_batch+0x238/0x250 [ 2103.353310][T14225] cleanup_net+0x70a/0xbb0 [ 2103.357726][T14225] ? ops_free_list+0x3b0/0x3b0 [ 2103.362489][T14225] ? _raw_spin_unlock_irq+0x23/0x50 [ 2103.367679][T14225] ? process_scheduled_works+0x96f/0x15d0 [ 2103.373393][T14225] ? process_scheduled_works+0x96f/0x15d0 [ 2103.379105][T14225] process_scheduled_works+0xa5d/0x15d0 [ 2103.384670][T14225] ? assign_work+0x430/0x430 [ 2103.389256][T14225] ? assign_work+0x3d0/0x430 [ 2103.393841][T14225] worker_thread+0xa55/0xfc0 [ 2103.398429][T14225] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 2103.404320][T14225] ? _raw_spin_unlock+0x40/0x40 [ 2103.409185][T14225] kthread+0x2fa/0x390 [ 2103.413244][T14225] ? pr_cont_work+0x560/0x560 [ 2103.417917][T14225] ? kthread_blkcg+0xd0/0xd0 [ 2103.422497][T14225] ret_from_fork+0x48/0x80 [ 2103.426908][T14225] ? kthread_blkcg+0xd0/0xd0 [ 2103.431491][T14225] ret_from_fork_asm+0x11/0x20 [ 2103.436263][T14225] [ 2103.439610][T14225] Kernel Offset: disabled [ 2103.444057][T14225] Rebooting in 86400 seconds..