last executing test programs: 12.393832014s ago: executing program 2 (id=1420): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r3) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0x2, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7f, 0x0, 0x5, 0x1, 0xc}, 0xb, 0x0, 0x8, 0x5, 0x5f82, 0x2, 0x9, 0xd, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0x0, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 11.306583152s ago: executing program 2 (id=1422): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x62200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9) sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x7) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r3, 0xffffffffffffffff, 0x0) 9.717336299s ago: executing program 2 (id=1427): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0xffffffb3, &(0x7f0000000240)=0x2) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = memfd_create(&(0x7f0000000000)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9 \x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06F\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee\xba\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96\xed\x89\x1e6\x93+\xec#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x8fXeT\'0.\x85\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xf4@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\xef\xabR\x88\x17\x9et\xf7\x9c\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLD\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10', 0x7) fallocate(r2, 0x0, 0x0, 0x8) fcntl$addseals(r2, 0x409, 0xe) r3 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, 0x0, 0x0, {}, 0x1}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x24, 0x10, 0x1, 0x3, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xffff}, {0xe, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) close_range(r1, 0xffffffffffffffff, 0x0) 8.494303109s ago: executing program 4 (id=1433): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x24, 0x10, 0x1, 0x3, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xffff}, {0xe, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) close_range(r1, 0xffffffffffffffff, 0x0) 7.662072583s ago: executing program 3 (id=1434): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r5, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, 0x0, 0x0) shutdown(r5, 0x2) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) epoll_create1(0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0) r7 = socket$inet_dccp(0x2, 0x6, 0x0) ppoll(&(0x7f0000000280)=[{r7, 0x8042}, {r4, 0x1}, {r6, 0x4008}], 0x3, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) 6.6228426s ago: executing program 3 (id=1436): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 6.435938883s ago: executing program 3 (id=1437): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x62200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9) sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x7) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r3, 0xffffffffffffffff, 0x0) 6.110058718s ago: executing program 2 (id=1438): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) shutdown(r3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) epoll_create1(0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0) 5.097218115s ago: executing program 2 (id=1439): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback=0x19}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) rt_sigaction(0x40, 0x0, 0x0, 0x8, &(0x7f0000001540)) syz_open_dev$tty20(0xc, 0x4, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) write$vga_arbiter(0xffffffffffffffff, 0x0, 0xc) write$vga_arbiter(0xffffffffffffffff, &(0x7f00000000c0)=@unlock_all, 0xb) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x20, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540) 5.000538067s ago: executing program 3 (id=1440): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x62200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9) sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x7) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r3, 0xffffffffffffffff, 0x0) 4.631228453s ago: executing program 4 (id=1442): sendmsg$key(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000bc0)={0x2, 0x7, 0x6, 0x3, 0x6, 0x0, 0x70bd2b, 0x25dfdbff, [@sadb_lifetime={0x4, 0x4, 0x7fffffff, 0x2, 0xffffffffffffffff, 0x2}]}, 0x30}}, 0x4000004) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[], 0xdc}}, 0x0) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="44000000190a01020000000000"], 0x44}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000000214010028bd7000fddbdf250900020073797a3100000000080001000000000008004400", @ANYRES32, @ANYBLOB="050054000100b2ac0800010000000000090002"], 0x48}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) 4.597888034s ago: executing program 0 (id=1443): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback=0x19}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) write$vga_arbiter(r3, 0x0, 0xc) write$vga_arbiter(r3, &(0x7f00000000c0)=@unlock_all, 0xb) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x20, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540) 4.361377047s ago: executing program 4 (id=1444): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x62200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9) sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x7) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r3, 0xffffffffffffffff, 0x0) 3.975458884s ago: executing program 3 (id=1445): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7f, 0x0, 0x5, 0x1, 0xc}, 0xb, 0x0, 0x8, 0x5, 0x5f82, 0x2, 0x9, 0xd, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0x0, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 2.783795614s ago: executing program 1 (id=1447): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5}, 0x8) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2.782809734s ago: executing program 3 (id=1448): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0xffffffb3, &(0x7f0000000240)=0x2) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = memfd_create(&(0x7f0000000000)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9 \x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06F\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee\xba\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96\xed\x89\x1e6\x93+\xec#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x8fXeT\'0.\x85\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xf4@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\xef\xabR\x88\x17\x9et\xf7\x9c\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLD\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10', 0x7) fallocate(r2, 0x0, 0x0, 0x8) fcntl$addseals(r2, 0x409, 0xe) r3 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, 0x0, 0x0, {}, 0x1}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x24, 0x10, 0x1, 0x3, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xffff}, {0xe, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) close_range(r1, 0xffffffffffffffff, 0x0) 2.642857176s ago: executing program 1 (id=1449): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x0, 0x9403, 0x0, 0x230, 0x2c0, 0x348, 0x3d8, 0x3d8, 0x348, 0x3d8, 0x3, 0x0, {[{{@ipv6={@loopback, @dev={0xfe, 0x80, '\x00', 0x2e}, [0xff, 0xff000000, 0xff000000], [0xffffff00, 0x0, 0xff000000, 0xffffffff], 'vlan1\x00', 'tunl0\x00', {0xff}, {0xff}, 0x2e, 0x3e, 0x4, 0x42}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0xab, 0x7fff, 0xffffffff, 'snmp\x00', 'syz1\x00', {0x11ed}}}}, {{@ipv6={@local, @private2, [0xffffff00, 0xffffffff, 0xffffffff, 0xffffff00], [0xffffff00, 0xff, 0xff000000], 'netdevsim0\x00', 'hsr0\x00', {0xff}, {0xff}, 0x0, 0x6f, 0x4, 0x8}, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00', {0xf5}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330) r0 = syz_clone(0x22300000, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_readv(r0, &(0x7f00000008c0)=[{&(0x7f0000000480)=""/208, 0xd0}], 0x1, &(0x7f0000000d00)=[{&(0x7f0000000940)=""/92, 0x5c}], 0x1, 0x0) 2.542557178s ago: executing program 4 (id=1450): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x62200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9) sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x7) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r3, 0xffffffffffffffff, 0x0) 2.357374121s ago: executing program 1 (id=1451): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback=0x19}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) rt_sigaction(0x40, 0x0, 0x0, 0x8, &(0x7f0000001540)) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) write$vga_arbiter(r3, 0x0, 0xc) write$vga_arbiter(r3, &(0x7f00000000c0)=@unlock_all, 0xb) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x20, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540) 2.064238516s ago: executing program 2 (id=1452): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x24, 0x10, 0x1, 0x3, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xffff}, {0xe, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) close_range(r1, 0xffffffffffffffff, 0x0) 1.82240416s ago: executing program 0 (id=1453): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x201, 0x2) r1 = dup(r0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0}) 1.725163081s ago: executing program 0 (id=1454): sendmsg$key(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000bc0)={0x2, 0x7, 0x6, 0x3, 0x6, 0x0, 0x70bd2b, 0x25dfdbff, [@sadb_lifetime={0x4, 0x4, 0x7fffffff, 0x2, 0xffffffffffffffff, 0x2}]}, 0x30}}, 0x4000004) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0xdc}}, 0x0) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="44000000190a01020000000000"], 0x44}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000000214010028bd7000fddbdf250900020073797a3100000000080001000000000008004400", @ANYRES32, @ANYBLOB="050054000100b2ac0800010000000000090002"], 0x48}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) 1.381693347s ago: executing program 4 (id=1455): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x57d, &(0x7f0000000140)="$eJzs3U1oHGUfAPD/zGb7mfdNX3gFlR6KChVKN0k/tHpqr2Kh0IPgRcNmG0o22ZJNtAk5pPci9iAqvdSbHjwqHjyIF49evSiehWKDQtODrsx+pGm6iZvaZGvm94PZnWee2f0/z8z+n90ZZtgAcutI9pBGPBMRF5KIoTV1A9GuPNJab2V5sXxvebGcRKNx8dckkoi4u7xY7qyftJ8PRsRSRDwdEd8WI46lq2+5pzNTn1+YHKtWKzPt8vDs1JXh+vzC8ctTYxOVicr0yZdfOX3m1OnRE6Nrm3uvsbZU3Fpfr/90473r379268Znnx9eKn8wlsTZGGzXre3H49TaJsU4u275qe0I1kdJvxvAIym08zxLpadiKArtrO+msXZw2LsjzQO2UWNvRAPIqUT+Q051fgdkx7+daSd/f9w+1zoAyeKutKdWzUDr3ETsax6bHPgteeDIJDvePLSTDWVXWroWESMDAw9//pP25+/RjTyOBrKtvjnX2lEP7/90dfyJLuPPYOfc6T/UGf9WHhr/7scvbDD+Xegxxh9v/vzxhvGvRTzbNX6yGj/pEj+NiLd7jH/zja/ObFTX+CTiaHSP35Fsfn54+NLlamWk9dg1xtdHD7+6Wf8PbBC/dc52X/Nrptv2T3vs/5ffffHc0ibxX3x+8/3fbfvvj4j3e4z/v7ufvr5R3e1ryZ3sV8BW938SxbjVY/yXzh75scdVAQAAAAAAAACALUib17IlaWl1Pk1LpdY9vP+PA2m1Vp89dqk2Nz3euubtUBTTzpVWQ61ykpVH29fjdson1pVPFtoBC/ub5VK5Vh3vc98BAAAAAAAAAAAAAAAAAADgSXFw3f3/vxea9/+v/7tqYLfa+C+/gd1O/kN+PZj/Sd/aAew83/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwLa4cP58NjXuLS+Ws/L4wPzcZO2d4+OV+mRpaq5cKtdmrpQmarWJaqVUrk393fsltdqVkZieuzo8W6nPDtfnF96aqs1Nd/5TtFLc9h4BAAAAAAAAAAAAAAAAAADAv89gc0rSUkSkzfk0LZUi/hMRh5JILl2uVkYi4r8R8UOhuDcrj/a70QAAAAAAAAAAAAAAAAAAALDL1OcXJseq1cpMTmYGtrJyRCw93mZk77jlVxXb++pJ2YZm8jDT54EJAAAAAAAAAAAAAAAAAABy6P5Nv72+4s/tbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdHTohcH1tXuSlULzOSLevXnxw6tjs7Mzo9nyO6vLZz9qLz/Rj/YDverkaRoRWR4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA99XnFybHqtXKzDbO9LuPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/irwAAAP//49DVXQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x193042, 0x0) readv(r0, &(0x7f0000000040)=[{0x0}, {0x0, 0xfffffff3}, {0x0}, {&(0x7f0000000140)=""/50, 0x2b}], 0x4) 1.249464599s ago: executing program 1 (id=1456): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230000) ioctl$TUNSETOFFLOAD(r0, 0x80047441, 0xf0ff1f00000000) 1.137966101s ago: executing program 4 (id=1457): r0 = syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x120c083, &(0x7f0000000480), 0xfd, 0x111d, &(0x7f0000000640)="$eJzs2bFqFFEUBuD/7qwm3cjYD4IWFhIS1gcwhcK2ttqIBARTZUFQfA3fwLfwFTSVtSG9FgFLYWScHRMloCGbQOD7YPeeOTNnzr3lvRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoTZOvJbk5SZoxN0lSkrbdnx8macf8jY/VJCWPd+aLh3uzR4sk1a/Hy5Ok9FV9WZqt2+vNrJk1W839B9t3Pi1ev3n5bHd3Z2/5mpI2B0crXUUZ/6qTubLSHgAAAHBldedW592r/+l0/cvF9AcAAAD+ZeUHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABn1NXHcTMGkyQladv9+WGS9pS6a5c0PwAAAOD8SiZ5Wp+WH44Bjt3L57r8zvfj99LHm3lfp0wvb8oAAABw5bz48Mdlt7YMTn5f/9EN+n333UyHffn6cO9WptnYGOLlkG/bSZVk869eB0dvn4+/0lXJ2sWsCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ/swAEJAAAAgKD/r9sRKAAAAAAAAAAAAAAAAAAAAAAAAAAAFwUAAP//cLriEQ==") syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='.\x00', 0x1a484bc, &(0x7f0000000200)=ANY=[@ANYRES8=r0, @ANYBLOB="eea73c3ca047349ab66dff07b1e2bdc61875c6ccebea30ba1b8977c632dd4bd75d3cfd10cce0c88ccff0ff447cd9caded4abf65767e9dbbd7b5841a8ce3eae5cb5abfd7d4fb44c7151dec2b7b8f9cf870af04f1cc951b195c7fd36ffdbd0622cdc14395f095fb0d31f384214d59a0105d577557215473973f3b70178f49f07562f4d21cad59fafb7fbaf76061c56fdd2093329e2ece7cf96435bca11a90ba7f31e69c4b73ba3d172906ffc90f5de134a696a731d20a9cf70009a31f83d4b774b0d99de69f14de9e655b84b646166d979b9cdbde38324510998bba500000000007cf791c3e2fc9c72f920a64e0000000000000000000000b5ff5bb6b1fa869800651587af", @ANYRES8, @ANYRESDEC=r0, @ANYRESOCT, @ANYRES16, @ANYRESHEX=r0, @ANYRESHEX, @ANYRESDEC], 0x1, 0x0, &(0x7f0000000480)) syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x3a6a43b, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) 1.062955163s ago: executing program 1 (id=1458): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, 0x0, 0x0) shutdown(r5, 0x2) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0) r7 = socket$inet_dccp(0x2, 0x6, 0x0) ppoll(&(0x7f0000000280)=[{r7, 0x8042}, {r4, 0x1}, {r6, 0x4008}], 0x3, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) 1.049340673s ago: executing program 0 (id=1459): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5}, 0x8) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 918.916795ms ago: executing program 0 (id=1460): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50) socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) shutdown(r3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) epoll_create1(0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0) 1.90793ms ago: executing program 1 (id=1461): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x62200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9) sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x7) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r3, 0xffffffffffffffff, 0x0) 0s ago: executing program 0 (id=1462): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback=0x19}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) rt_sigaction(0x40, 0x0, 0x0, 0x8, &(0x7f0000001540)) syz_open_dev$tty20(0xc, 0x4, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) write$vga_arbiter(0xffffffffffffffff, 0x0, 0xc) write$vga_arbiter(0xffffffffffffffff, &(0x7f00000000c0)=@unlock_all, 0xb) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x20, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540) kernel console output (not intermixed with test programs): strongly recommended to keep mac addresses unique to avoid problems! [ 41.233381][ T4306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.243879][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.246594][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.252650][ T4306] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.255006][ T4306] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.257302][ T4306] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.260471][ T4306] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.267166][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.270297][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.278724][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.287088][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.289999][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.292792][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.300944][ T4307] device veth1_vlan entered promiscuous mode [ 41.327915][ T4308] device veth0_vlan entered promiscuous mode [ 41.352801][ T4308] device veth1_vlan entered promiscuous mode [ 41.368436][ T4307] device veth0_macvtap entered promiscuous mode [ 41.374124][ T4307] device veth1_macvtap entered promiscuous mode [ 41.384940][ T4320] device veth0_vlan entered promiscuous mode [ 41.394403][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.396970][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.399990][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.402726][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.405361][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.408043][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.411929][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.414515][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.417132][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.420809][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.423272][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.457655][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.474755][ T4402] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.476919][ T4402] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.484399][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 41.491873][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.494796][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.497508][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.501232][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.505150][ T4307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.507838][ T4320] device veth1_vlan entered promiscuous mode [ 41.515580][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.518522][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.541896][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.544858][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.547513][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.550938][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.554661][ T4307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.556747][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.560386][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.572706][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.574197][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.575008][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.577267][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.597087][ T4307] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.599961][ T4307] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.602374][ T4307] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.604749][ T4307] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.608149][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 41.610960][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 41.626542][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.629960][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.644880][ T4308] device veth0_macvtap entered promiscuous mode [ 41.652953][ T4308] device veth1_macvtap entered promiscuous mode [ 41.659664][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.662442][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.664963][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.667670][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.677304][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.678226][ T4320] device veth0_macvtap entered promiscuous mode [ 41.682152][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.689173][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.692216][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 41.700085][ T4320] device veth1_macvtap entered promiscuous mode [ 41.768117][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.795079][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.798112][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.804424][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.807141][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.810698][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.815318][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.873104][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.876048][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.878777][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.881978][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.884628][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.887311][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.890584][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.893302][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.897650][ T4308] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.905085][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.907653][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.911184][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.913880][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.916570][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.933868][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.939277][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.942160][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.944969][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.947530][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.952089][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.956465][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.959869][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.962964][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.965890][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.968773][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.973403][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.978238][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.981852][ T4308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.984931][ T4308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.996793][ T4308] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.009979][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.012402][ T1606] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.013173][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.014811][ T1606] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.028661][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.036387][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.041847][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.047013][ T4320] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.054464][ T4320] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.057248][ T4320] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.060464][ T4320] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.074823][ T4308] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.077698][ T4308] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.080649][ T4308] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.083172][ T4308] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.240652][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.242958][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.495193][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 43.044944][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.047220][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.057081][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 43.078138][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.080766][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.139790][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 43.189196][ T4427] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.191725][ T4427] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.195473][ T4426] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 43.219884][ T4322] Bluetooth: hci1: command 0x040f tx timeout [ 43.221755][ T4322] Bluetooth: hci4: command 0x040f tx timeout [ 43.223383][ T4322] Bluetooth: hci0: command 0x040f tx timeout [ 43.225085][ T4322] Bluetooth: hci2: command 0x040f tx timeout [ 43.258621][ T4427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.261166][ T4427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.264558][ T4426] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 43.284750][ T4313] Bluetooth: hci3: command 0x040f tx timeout [ 44.134228][ T4446] loop2: detected capacity change from 0 to 512 [ 44.149270][ T4446] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 44.169830][ T4435] loop3: detected capacity change from 0 to 4096 [ 44.342768][ T4435] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 44.345377][ T4435] UDF-fs: Scanning with blocksize 512 failed [ 44.356084][ T4446] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.8: casefold flag without casefold feature [ 44.395061][ T4435] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 98: 0xda != 0xd9 [ 44.412712][ T4446] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.8: couldn't read orphan inode 15 (err -117) [ 44.418285][ T4446] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 45.177073][ T4435] UDF-fs: warning (device loop3): udf_fill_super: No fileset found [ 45.304737][ T4322] Bluetooth: hci2: command 0x0419 tx timeout [ 45.304780][ T4313] Bluetooth: hci0: command 0x0419 tx timeout [ 45.306546][ T4322] Bluetooth: hci4: command 0x0419 tx timeout [ 45.308163][ T4313] Bluetooth: hci1: command 0x0419 tx timeout [ 45.383159][ T4317] Bluetooth: hci3: command 0x0419 tx timeout [ 45.703904][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 45.777910][ T4475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.24'. [ 48.273660][ T4506] netlink: 'syz.2.21': attribute type 1 has an invalid length. [ 49.287028][ T4522] loop3: detected capacity change from 0 to 512 [ 49.990075][ T4522] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 50.070490][ T4512] loop0: detected capacity change from 0 to 4096 [ 50.081135][ T4522] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.25: casefold flag without casefold feature [ 50.085196][ T4522] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.25: couldn't read orphan inode 15 (err -117) [ 50.105792][ T4522] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 50.119093][ T4512] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 50.121380][ T4512] UDF-fs: Scanning with blocksize 512 failed [ 50.222283][ T4512] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 98: 0xda != 0xd9 [ 50.225932][ T4512] UDF-fs: warning (device loop0): udf_fill_super: No fileset found [ 53.762799][ T4548] tipc: Started in network mode [ 53.764372][ T4548] tipc: Node identity 667dd0a06ee7, cluster identity 4711 [ 53.766534][ T4548] tipc: Enabled bearer , priority 0 [ 53.800501][ T4548] device syzkaller0 entered promiscuous mode [ 53.831448][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 53.850337][ T4548] tipc: Resetting bearer [ 53.852682][ T4548] syzkaller0: tun_net_xmit 90 [ 53.867599][ T4547] tipc: Resetting bearer [ 53.980122][ T4547] tipc: Disabling bearer [ 54.037825][ T4556] loop2: detected capacity change from 0 to 1024 [ 54.046911][ T4556] ======================================================= [ 54.046911][ T4556] WARNING: The mand mount option has been deprecated and [ 54.046911][ T4556] and is ignored by this kernel. Remove the mand [ 54.046911][ T4556] option from the mount to silence this warning. [ 54.046911][ T4556] ======================================================= [ 54.057981][ T4556] EXT4-fs: Ignoring removed nobh option [ 54.059995][ T4556] EXT4-fs: Ignoring removed bh option [ 54.071317][ T4556] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 54.099801][ T4556] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 54.960038][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 58.008841][ C0] sched: RT throttling activated [ 58.024925][ T4592] loop3: detected capacity change from 0 to 1024 [ 58.278927][ T27] audit: type=1326 audit(58.230:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4582 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5cc28 code=0x7ffc0000 [ 58.285501][ T27] audit: type=1326 audit(58.230:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4582 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5cc28 code=0x7ffc0000 [ 58.307283][ T4596] netlink: 'syz.4.45': attribute type 1 has an invalid length. [ 59.109783][ T4603] loop2: detected capacity change from 0 to 256 [ 59.165418][ T4603] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 59.168501][ T4603] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 59.234831][ T4603] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 59.255365][ T27] audit: type=1326 audit(58.240:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4582 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff89b5cc28 code=0x7ffc0000 [ 59.336764][ T27] audit: type=1326 audit(58.240:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4582 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5cc28 code=0x7ffc0000 [ 59.449244][ T27] audit: type=1326 audit(58.240:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4582 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5cc28 code=0x7ffc0000 [ 59.468962][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.485740][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.516343][ T4609] device veth3 entered promiscuous mode [ 59.544065][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.546268][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.572751][ T4618] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.574823][ T4618] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.601067][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 59.603222][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.244866][ T4618] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.246920][ T4618] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.277101][ T4615] loop0: detected capacity change from 0 to 1024 [ 60.309644][ T4615] EXT4-fs: Ignoring removed nobh option [ 60.311153][ T4615] EXT4-fs: Ignoring removed bh option [ 60.320841][ T4619] loop2: detected capacity change from 0 to 2048 [ 60.323358][ T4619] EXT4-fs: Ignoring removed mblk_io_submit option [ 60.325944][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.327858][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.339897][ T4615] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 60.343154][ T4622] tipc: Started in network mode [ 60.344481][ T4622] tipc: Node identity b234a267b0f4, cluster identity 4711 [ 60.356807][ T4622] tipc: Enabled bearer , priority 0 [ 60.364838][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.367232][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.367514][ T4622] device syzkaller0 entered promiscuous mode [ 60.380590][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.382561][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.385206][ T4615] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 60.399524][ T4619] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 60.411406][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.413416][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.428415][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.430540][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.458929][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.460951][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.541591][ T4630] tipc: Resetting bearer [ 60.571924][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.578320][ T4592] hfsplus: request for non-existent node 33423360 in B*Tree [ 60.652841][ T4632] mkiss: ax0: crc mode is auto. [ 60.673474][ T4621] tipc: Resetting bearer [ 60.693383][ T4308] EXT4-fs (loop0): unmounting filesystem. [ 60.809989][ T4621] tipc: Disabling bearer [ 61.829601][ T4635] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.832278][ T4635] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.994401][ T4653] loop1: detected capacity change from 0 to 32768 [ 62.012404][ T4653] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 62.017193][ T4653] XFS (loop1): Mounting V5 Filesystem [ 62.071941][ T4653] XFS (loop1): Ending clean mount [ 62.098715][ T4653] XFS (loop1): Quotacheck needed: Please wait. [ 62.119522][ T4653] XFS (loop1): Quotacheck: Done. [ 62.524420][ T4306] XFS (loop1): Unmounting Filesystem [ 62.547332][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.597652][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 63.113996][ T4670] loop1: detected capacity change from 0 to 32768 [ 63.119015][ T4635] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.121819][ T4635] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.124196][ T4635] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.137150][ T4670] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.56 (4670) [ 63.140445][ T4635] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.156291][ T4670] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 63.160125][ T4670] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 63.162422][ T4670] BTRFS info (device loop1): using free space tree [ 63.214585][ T4670] BTRFS info (device loop1): enabling ssd optimizations [ 63.337975][ T4670] BTRFS info (device loop1): Snapshot src from another FS [ 63.363709][ T4306] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 63.490063][ T4642] tipc: Started in network mode [ 63.491522][ T4642] tipc: Node identity 222f4ae20044, cluster identity 4711 [ 63.493485][ T4642] tipc: Enabled bearer , priority 0 [ 63.559220][ T4644] device syzkaller0 entered promiscuous mode [ 63.643859][ T4645] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 63.668271][ T4645] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 63.673836][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 63.678629][ T4660] tipc: Resetting bearer [ 63.741233][ T4703] Zero length message leads to an empty skb [ 63.770892][ T4660] tipc: Disabling bearer [ 63.781005][ T4700] sch_tbf: burst 1821 is lower than device lo mtu (65550) ! [ 64.000047][ T4703] netlink: 12 bytes leftover after parsing attributes in process `syz.0.69'. [ 64.569833][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.572420][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.813056][ T4710] loop3: detected capacity change from 0 to 512 [ 64.816351][ T4710] EXT4-fs: Ignoring removed nobh option [ 64.960922][ T4710] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 64.964268][ T4710] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 64.969135][ T4710] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.59: Corrupt directory, running e2fsck is recommended [ 64.978024][ T4710] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 64.986901][ T4710] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.59: corrupted in-inode xattr [ 64.994938][ T4710] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.59: couldn't read orphan inode 15 (err -117) [ 65.199795][ T4710] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 65.886115][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 66.034707][ T4732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.64'. [ 66.836021][ T4735] binder: 4734:4735 tried to acquire reference to desc 0, got 1 instead [ 66.895730][ T4735] binder_alloc: 4734: pid 4734 spamming oneway? 2 buffers allocated for a total size of 5120 [ 66.920355][ T4735] binder_alloc: 4734: pid 4734 spamming oneway? 3 buffers allocated for a total size of 5128 [ 66.930383][ T4735] binder: 4734:4735 BC_FREE_BUFFER u0000000000000000 no match [ 66.939467][ T4346] binder: undelivered TRANSACTION_COMPLETE [ 66.941184][ T4346] binder: undelivered TRANSACTION_COMPLETE [ 66.942723][ T4346] binder: undelivered TRANSACTION_COMPLETE [ 66.957037][ T4738] netlink: 40 bytes leftover after parsing attributes in process `syz.3.66'. [ 66.968188][ T4346] binder: undelivered transaction 6, process died. [ 66.970202][ T4346] binder: undelivered transaction 7, process died. [ 66.971997][ T4346] binder: undelivered transaction 5, process died. [ 68.295506][ T4754] sch_tbf: burst 1821 is lower than device lo mtu (65550) ! [ 68.482364][ T4759] netlink: 12 bytes leftover after parsing attributes in process `syz.4.74'. [ 69.439211][ T4768] loop1: detected capacity change from 0 to 512 [ 69.534318][ T4768] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 69.538280][ T4768] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 69.621320][ T4761] tipc: Enabled bearer , priority 0 [ 69.730814][ T22] cfg80211: failed to load regulatory.db [ 69.760305][ T4763] device syzkaller0 entered promiscuous mode [ 69.848630][ T4768] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 69.863583][ T4768] EXT4-fs (loop1): 1 truncate cleaned up [ 69.865344][ T4768] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 71.036011][ T4417] tipc: Node number set to 577456866 [ 71.532030][ T4791] loop0: detected capacity change from 0 to 512 [ 71.553425][ T4791] EXT4-fs: Ignoring removed nobh option [ 71.610525][ T4791] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 71.613967][ T4791] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it [ 71.627078][ T4791] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.79: Corrupt directory, running e2fsck is recommended [ 71.654841][ T4791] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 71.675174][ T4791] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.79: corrupted in-inode xattr [ 71.695579][ T4791] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.79: couldn't read orphan inode 15 (err -117) [ 71.717371][ T4791] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 72.032352][ T4763] tipc: Resetting bearer [ 72.138960][ T4306] EXT4-fs (loop1): unmounting filesystem. [ 72.173052][ T4782] tipc: Started in network mode [ 72.174479][ T4782] tipc: Node identity 860e42cbb0d1, cluster identity 4711 [ 72.191119][ T4782] tipc: Enabled bearer , priority 0 [ 72.303162][ T4745] tipc: Resetting bearer [ 72.352461][ T4308] EXT4-fs (loop0): unmounting filesystem. [ 72.400770][ T4745] tipc: Disabling bearer [ 72.413858][ T4784] device syzkaller0 entered promiscuous mode [ 72.418412][ T4802] netlink: 40 bytes leftover after parsing attributes in process `syz.4.83'. [ 72.432154][ T4802] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.434568][ T4802] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.447266][ T4802] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.458929][ T4802] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.464699][ T4794] tipc: Resetting bearer [ 72.551381][ T4794] tipc: Disabling bearer [ 73.895363][ T4806] netlink: 8 bytes leftover after parsing attributes in process `syz.0.84'. [ 73.965973][ T4822] tipc: Enabled bearer , priority 0 [ 73.975413][ T4821] tipc: Started in network mode [ 73.976770][ T4821] tipc: Node identity aede7d5f7547, cluster identity 4711 [ 73.981566][ T4821] tipc: Enabled bearer , priority 0 [ 73.983888][ T4822] device syzkaller0 entered promiscuous mode [ 74.107468][ T4821] device syzkaller0 entered promiscuous mode [ 74.166813][ T4832] tipc: Resetting bearer [ 74.176705][ T4821] tipc: Resetting bearer [ 74.201430][ T4818] tipc: Resetting bearer [ 74.313909][ T4818] tipc: Disabling bearer [ 74.320737][ T4817] tipc: Resetting bearer [ 74.419770][ T4817] tipc: Disabling bearer [ 74.508728][ T4834] tipc: Enabled bearer , priority 0 [ 74.511941][ T4834] device syzkaller0 entered promiscuous mode [ 74.602070][ T4835] tipc: Resetting bearer [ 75.126769][ T4833] tipc: Resetting bearer [ 75.820629][ T4417] tipc: Node number set to 144363680 [ 76.719785][ T4833] tipc: Disabling bearer [ 76.863134][ T4856] loop3: detected capacity change from 0 to 1024 [ 76.902644][ T4856] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 78.176616][ T4872] loop1: detected capacity change from 0 to 256 [ 78.976829][ T4873] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.3.100: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 78.984504][ T4873] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 78.987405][ T4873] EXT4-fs warning (device loop3): ext4_rename_delete:3778: inode #2: comm syz.3.100: Deleting old file: nlink 4, error=-117 [ 79.018896][ T4872] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 80.016538][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 81.247425][ T4897] loop1: detected capacity change from 0 to 1024 [ 81.253695][ T4897] EXT4-fs: Ignoring removed nobh option [ 81.620094][ T4897] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 84.553466][ T4306] EXT4-fs (loop1): unmounting filesystem. [ 84.587086][ T4931] tipc: Enabled bearer , priority 0 [ 84.607040][ T4931] device syzkaller0 entered promiscuous mode [ 84.735112][ T4936] tipc: Resetting bearer [ 84.899855][ T4930] tipc: Resetting bearer [ 85.039244][ T4942] loop3: detected capacity change from 0 to 164 [ 85.317451][ T4942] Unsupported NM flag settings (8) [ 85.635823][ T4311] tipc: Node number set to 920601291 [ 85.899936][ T4930] tipc: Disabling bearer [ 87.105948][ T4957] loop3: detected capacity change from 0 to 40427 [ 87.194117][ T4957] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x7 [ 87.196420][ T4957] F2FS-fs (loop3): Unrecognized mount option "barrier" or missing value [ 88.985249][ T4968] device macsec0 entered promiscuous mode [ 88.989070][ T4317] Bluetooth: hci0: command 0x0406 tx timeout [ 89.274386][ T4974] loop1: detected capacity change from 0 to 128 [ 89.448215][ T4974] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.450329][ T4974] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.457915][ T4974] EXT4-fs (loop1): Test dummy encryption mode enabled [ 90.293284][ T4974] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 90.304681][ T4974] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-ce" [ 91.505627][ T4974] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 91.554439][ T4974] EXT4-fs (loop1): unmounting filesystem. [ 92.218385][ T5005] serio: Serial port ptm0 [ 93.119935][ T27] audit: type=1326 audit(92.430:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4996 comm="syz.4.135" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b95cc28 code=0x0 [ 93.563375][ T5009] loop4: detected capacity change from 0 to 256 [ 93.600738][ T5009] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 93.603598][ T5009] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 93.611038][ T5011] loop3: detected capacity change from 0 to 1024 [ 93.614091][ T5011] EXT4-fs: Ignoring removed nobh option [ 93.615574][ T5011] EXT4-fs: Ignoring removed bh option [ 93.636477][ T5013] loop2: detected capacity change from 0 to 512 [ 93.647041][ T5013] EXT4-fs: Ignoring removed nobh option [ 93.654302][ T5009] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 93.669266][ T5013] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 93.804637][ T5011] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 93.815355][ T5013] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.139: iget: bad i_size value: 38620345925642 [ 93.830664][ T5013] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.139: couldn't read orphan inode 15 (err -117) [ 95.998345][ T5013] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 96.988642][ T5018] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 97.003973][ T4508] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1536 with error 28 [ 97.007772][ T4508] EXT4-fs (loop2): This should not happen!! Data will be lost [ 97.007772][ T4508] [ 97.016459][ T4508] EXT4-fs (loop2): Total free blocks count 0 [ 97.023207][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 97.195186][ T4508] EXT4-fs (loop2): Free/Dirty block details [ 97.210355][ T4508] EXT4-fs (loop2): free_blocks=0 [ 97.211905][ T4508] EXT4-fs (loop2): dirty_blocks=1536 [ 97.213394][ T4508] EXT4-fs (loop2): Block reservation details [ 97.517813][ T4508] EXT4-fs (loop2): i_reserved_data_blocks=1536 [ 98.087373][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 99.441757][ T4317] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 99.444679][ T4317] CPU: 0 PID: 4317 Comm: kworker/u5:3 Not tainted 6.1.146-syzkaller #0 [ 99.446848][ T4317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 99.449522][ T4317] Workqueue: hci4 hci_rx_work [ 99.450827][ T4317] Call trace: [ 99.451698][ T4317] dump_backtrace+0x1c8/0x1f4 [ 99.452986][ T4317] show_stack+0x2c/0x3c [ 99.454184][ T4317] __dump_stack+0x30/0x40 [ 99.455361][ T4317] dump_stack_lvl+0xf8/0x160 [ 99.456847][ T4317] dump_stack+0x1c/0x5c [ 99.458053][ T4317] sysfs_create_dir_ns+0x22c/0x24c [ 99.459447][ T4317] kobject_add_internal+0x5a8/0xb30 [ 99.460914][ T4317] kobject_add+0x134/0x1f8 [ 99.462088][ T4317] device_add+0x3f0/0xf94 [ 99.463296][ T4317] hci_conn_add_sysfs+0xbc/0x1cc [ 99.464753][ T4317] le_conn_complete_evt+0xa24/0xf8c [ 99.466259][ T4317] hci_le_conn_complete_evt+0x114/0x3f8 [ 99.467811][ T4317] hci_le_meta_evt+0x2c0/0x4a4 [ 99.469116][ T4317] hci_event_packet+0x6ac/0xf08 [ 99.470452][ T4317] hci_rx_work+0x324/0xaa0 [ 99.471687][ T4317] process_one_work+0x7f4/0x13a8 [ 99.473040][ T4317] worker_thread+0x8c8/0xfbc [ 99.474351][ T4317] kthread+0x250/0x2d8 [ 99.475496][ T4317] ret_from_fork+0x10/0x20 [ 99.479121][ T4317] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 99.482121][ T5058] loop0: detected capacity change from 0 to 4096 [ 99.482585][ T4317] Bluetooth: hci4: failed to register connection device [ 99.512889][ T5066] loop4: detected capacity change from 0 to 512 [ 99.517135][ T5066] EXT4-fs: Ignoring removed nobh option [ 99.778539][ T5058] NILFS (loop0): invalid segment: Checksum error in segment payload [ 99.782824][ T5058] NILFS (loop0): trying rollback from an earlier position [ 99.945937][ T5066] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 100.049352][ T5066] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it [ 100.057739][ T5066] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.151: Corrupt directory, running e2fsck is recommended [ 100.278449][ T5066] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 100.285750][ T5066] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.151: corrupted in-inode xattr [ 100.303303][ T5058] NILFS (loop0): recovery complete [ 100.307698][ T5066] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.151: couldn't read orphan inode 15 (err -117) [ 100.359454][ T5066] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 100.369237][ T5073] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 100.393959][ T5066] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 100.397324][ T5066] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it [ 100.535073][ T5066] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.151: Corrupt directory, running e2fsck is recommended [ 100.564800][ T5077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.152'. [ 100.568371][ T5077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.152'. [ 100.590413][ T5066] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.151: path /33/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 102.851534][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 103.570136][ T5100] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 104.245119][ T5101] loop2: detected capacity change from 0 to 512 [ 104.638938][ T5101] EXT2-fs (loop2): nobh option not supported [ 104.644420][ T5101] EXT2-fs (loop2): warning: mounting ext3 filesystem as ext2 [ 104.706475][ T5105] loop3: detected capacity change from 0 to 2048 [ 104.875705][ T5105] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 108.427725][ T5132] loop4: detected capacity change from 0 to 256 [ 108.443305][ T5132] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 108.446317][ T5132] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 108.513755][ T5132] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 108.583039][ T5136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.167'. [ 108.585606][ T5136] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 108.587549][ T5136] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 108.701419][ T4317] Bluetooth: hci4: command 0x0405 tx timeout [ 109.911190][ T5136] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.913301][ T5136] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.647335][ T5157] loop0: detected capacity change from 0 to 4096 [ 115.752865][ T5191] loop4: detected capacity change from 0 to 2048 [ 116.403891][ T5191] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 117.604977][ T5209] loop3: detected capacity change from 0 to 256 [ 117.901931][ T5212] loop2: detected capacity change from 0 to 2048 [ 117.904450][ T5212] UDF-fs: bad mount option "undelete`Eò±:æÈË=À4”" or missing value [ 118.379416][ T4320] EXT4-fs error (device loop4): ext4_free_inode:355: comm syz-executor: bit already cleared for inode 11 [ 119.384871][ T4320] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 119.394064][ T4320] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 119.468482][ T4320] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 119.476665][ T4320] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 119.482592][ T4320] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 120.249423][ T4320] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 120.318388][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 124.562093][ T5259] process 'syz.2.196' launched '/dev/fd/5' with NULL argv: empty string added [ 126.685143][ T5276] loop4: detected capacity change from 0 to 512 [ 126.970235][ T5276] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 130.614023][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 130.615825][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 130.731125][ T5276] EXT4-fs: failed to create workqueue [ 130.732710][ T5276] EXT4-fs (loop4): mount failed [ 133.071867][ T5304] loop2: detected capacity change from 0 to 512 [ 133.399258][ T5304] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 133.903838][ T5321] ptrace attach of "./syz-executor exec"[4307] was attempted by "./syz-executor exec"[5321] [ 134.356492][ T5325] capability: warning: `syz.4.212' uses deprecated v2 capabilities in a way that may be insecure [ 134.523151][ T5327] loop3: detected capacity change from 0 to 256 [ 134.536041][ T5327] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 136.774292][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 150.097096][ T5470] loop4: detected capacity change from 0 to 2048 [ 150.243018][ T5470] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.477631][ T5486] loop4: detected capacity change from 0 to 8 [ 153.731031][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.732832][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.735737][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.740173][ T5496] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 153.745110][ T5496] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 153.874855][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.877047][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.879114][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.881130][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.883084][ T5496] wg1 speed is unknown, defaulting to 1000 [ 153.885062][ T5496] wg1 speed is unknown, defaulting to 1000 [ 155.600718][ T5506] Bluetooth: MGMT ver 1.22 [ 156.800538][ T5523] loop4: detected capacity change from 0 to 4096 [ 158.153279][ T5523] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 158.507017][ T5529] loop3: detected capacity change from 0 to 1024 [ 158.773908][ T5534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.265'. [ 160.284589][ T5555] ax25_connect(): syz.2.269 uses autobind, please contact jreuter@yaina.de [ 160.323252][ T5558] loop4: detected capacity change from 0 to 512 [ 160.328517][ T5558] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 160.344585][ T5558] EXT4-fs error (device loop4): ext4_init_orphan_info:586: comm syz.4.268: inode #0: comm syz.4.268: iget: illegal inode # [ 160.348422][ T5558] EXT4-fs (loop4): Remounting filesystem read-only [ 160.354849][ T5558] EXT4-fs (loop4): get orphan inode failed [ 160.357486][ T5558] EXT4-fs (loop4): mount failed [ 160.522259][ T4459] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 161.304380][ T5565] loop2: detected capacity change from 0 to 2048 [ 161.516739][ T5565] Alternate GPT is invalid, using primary GPT. [ 161.543979][ T5565] loop2: p1 p2 p3 [ 163.313160][ T5582] IPVS: set_ctl: invalid protocol: 51 100.1.1.0:20000 [ 163.794350][ T4309] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 163.816761][ T5364] I/O error, dev loop2, sector 58 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 163.849206][ T5381] I/O error, dev loop2, sector 1008 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 163.863939][ T5364] I/O error, dev loop2, sector 58 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.026180][ T5381] I/O error, dev loop2, sector 1008 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.204993][ T4459] I/O error, dev loop2, sector 108 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 164.208028][ T4459] I/O error, dev loop2, sector 108 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.307289][ T5381] Buffer I/O error on dev loop2p3, logical block 8, async page read [ 164.329091][ T5364] Buffer I/O error on dev loop2p2, logical block 8, async page read [ 164.352689][ T4459] Buffer I/O error on dev loop2p1, logical block 8, async page read [ 164.524828][ T4459] I/O error, dev loop2, sector 109 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.581408][ T4313] Bluetooth: hci1: command 0x0406 tx timeout [ 164.581471][ T4317] Bluetooth: hci2: command 0x0406 tx timeout [ 164.589002][ T4322] Bluetooth: hci4: command 0x0406 tx timeout [ 164.591742][ T5381] I/O error, dev loop2, sector 1009 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.594393][ T5381] Buffer I/O error on dev loop2p3, logical block 9, async page read [ 164.595639][ T5364] I/O error, dev loop2, sector 59 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 165.290022][ T4317] Bluetooth: hci3: command 0x0406 tx timeout [ 165.362815][ T4459] Buffer I/O error on dev loop2p1, logical block 9, async page read [ 165.499796][ T5381] Buffer I/O error on dev loop2p3, logical block 10, async page read [ 165.505490][ T5381] Buffer I/O error on dev loop2p3, logical block 11, async page read [ 165.505846][ T5364] Buffer I/O error on dev loop2p2, logical block 9, async page read [ 165.507746][ T5381] Buffer I/O error on dev loop2p3, logical block 12, async page read [ 165.510437][ T4459] Buffer I/O error on dev loop2p1, logical block 10, async page read [ 165.589482][ T5381] blk_print_req_error: 15 callbacks suppressed [ 165.589845][ T5381] I/O error, dev loop2, sector 1013 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 165.604771][ T5381] I/O error, dev loop2, sector 1014 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 165.895647][ T5600] loop0: detected capacity change from 0 to 128 [ 165.925602][ T5381] I/O error, dev loop2, sector 1015 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.135944][ T5381] udevd[5381]: setting owner of /dev/loop2p3 to uid=0, gid=6 failed: No such file or directory [ 166.140151][ T5608] netlink: 4 bytes leftover after parsing attributes in process `syz.2.281'. [ 166.192200][ T5381] udevd[5381]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 166.217487][ T5381] udevd[5381]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 166.229217][ T5380] udevd[5380]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 166.241138][ T5364] udevd[5364]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 173.793857][ T5685] loop0: detected capacity change from 0 to 512 [ 173.796261][ T5685] EXT4-fs: Ignoring removed nobh option [ 173.807181][ T5669] loop3: detected capacity change from 0 to 65536 [ 173.953822][ T5685] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 174.006256][ T5685] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.299: iget: bad i_size value: 38620345925642 [ 174.044752][ T5669] XFS (loop3): Mounting V5 Filesystem [ 174.765482][ T5685] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.299: couldn't read orphan inode 15 (err -117) [ 174.779307][ T5685] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 176.346949][ T5694] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 176.456307][ T5669] XFS (loop3): Ending clean mount [ 176.475336][ T4307] XFS (loop3): Unmounting Filesystem [ 176.479400][ T4427] EXT4-fs (loop0): Delayed block allocation failed for inode 20 at logical offset 0 with max blocks 2048 with error 28 [ 176.489589][ T4427] EXT4-fs (loop0): This should not happen!! Data will be lost [ 176.489589][ T4427] [ 176.515479][ T4427] EXT4-fs (loop0): Total free blocks count 0 [ 176.517156][ T4427] EXT4-fs (loop0): Free/Dirty block details [ 176.518715][ T4427] EXT4-fs (loop0): free_blocks=0 [ 176.540055][ T4427] EXT4-fs (loop0): dirty_blocks=9932 [ 176.543793][ T4427] EXT4-fs (loop0): Block reservation details [ 176.549159][ T4427] EXT4-fs (loop0): i_reserved_data_blocks=9932 [ 176.629060][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 20 at logical offset 2052 with max blocks 2048 with error 28 [ 176.980024][ T4313] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 176.983291][ T4313] CPU: 1 PID: 4313 Comm: kworker/u5:2 Not tainted 6.1.146-syzkaller #0 [ 176.985529][ T4313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 176.988295][ T4313] Workqueue: hci3 hci_rx_work [ 176.989607][ T4313] Call trace: [ 176.990490][ T4313] dump_backtrace+0x1c8/0x1f4 [ 176.991850][ T4313] show_stack+0x2c/0x3c [ 176.993016][ T4313] __dump_stack+0x30/0x40 [ 176.994230][ T4313] dump_stack_lvl+0xf8/0x160 [ 176.995433][ T4313] dump_stack+0x1c/0x5c [ 176.996583][ T4313] sysfs_create_dir_ns+0x22c/0x24c [ 176.997966][ T4313] kobject_add_internal+0x5a8/0xb30 [ 176.999395][ T4313] kobject_add+0x134/0x1f8 [ 177.000590][ T4313] device_add+0x3f0/0xf94 [ 177.001750][ T4313] hci_conn_add_sysfs+0xbc/0x1cc [ 177.003103][ T4313] le_conn_complete_evt+0xa24/0xf8c [ 177.004499][ T4313] hci_le_conn_complete_evt+0x114/0x3f8 [ 177.005988][ T4313] hci_le_meta_evt+0x2c0/0x4a4 [ 177.007271][ T4313] hci_event_packet+0x6ac/0xf08 [ 177.008596][ T4313] hci_rx_work+0x324/0xaa0 [ 177.009828][ T4313] process_one_work+0x7f4/0x13a8 [ 177.011175][ T4313] worker_thread+0x8c8/0xfbc [ 177.012423][ T4313] kthread+0x250/0x2d8 [ 177.013550][ T4313] ret_from_fork+0x10/0x20 [ 177.021956][ T4313] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 177.144972][ T4313] Bluetooth: hci3: failed to register connection device [ 177.658030][ T5728] loop2: detected capacity change from 0 to 1024 [ 177.670391][ T5728] EXT4-fs: Ignoring removed nobh option [ 177.671885][ T5728] EXT4-fs: Ignoring removed bh option [ 177.747502][ T5728] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 177.760495][ T5725] netlink: 'syz.4.310': attribute type 1 has an invalid length. [ 178.510168][ T5725] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 178.522550][ T5725] 8021q: adding VLAN 0 to HW filter on device bond1 [ 178.537579][ T4427] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 178.557808][ T4426] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 178.645338][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 178.670184][ T4456] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 179.257989][ T4313] Bluetooth: hci3: command 0x2016 tx timeout [ 182.822768][ T5776] loop2: detected capacity change from 0 to 512 [ 183.274825][ T5776] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 183.525022][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 183.578251][ T5784] loop3: detected capacity change from 0 to 512 [ 183.629693][ T5784] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 183.649468][ T5784] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.320: Unimplemented hash flags: 0x0001 [ 183.652717][ T5784] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.320: Corrupt directory, running e2fsck is recommended [ 185.008149][ T5784] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.320: path /53/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 185.267376][ T5792] 9pnet_virtio: no channels available for device syz [ 185.279028][ T5792] fuse: Bad value for 'fd' [ 186.759544][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 186.777144][ T5798] loop2: detected capacity change from 0 to 2048 [ 187.013332][ T5798] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 187.767299][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.769138][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 189.970259][ T5829] hub 6-0:1.0: USB hub found [ 189.975532][ T5829] hub 6-0:1.0: 8 ports detected [ 191.287847][ T5839] netlink: 12 bytes leftover after parsing attributes in process `syz.1.334'. [ 191.334161][ T5837] fuse: Bad value for 'fd' [ 191.348134][ T5847] loop0: detected capacity change from 0 to 1024 [ 191.417196][ T5849] 8021q: adding VLAN 0 to HW filter on device bond2 [ 191.425239][ T5849] bond1: (slave bond2): Enslaving as an active interface with an up link [ 191.516803][ T5839] netlink: 4 bytes leftover after parsing attributes in process `syz.1.334'. [ 191.542388][ T5839] bond1 (unregistering): (slave bond2): Releasing backup interface [ 191.564921][ T5847] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 191.568533][ T5847] EXT4-fs (loop0): unmounting filesystem. [ 192.984324][ T5865] loop4: detected capacity change from 0 to 1024 [ 192.987907][ T5865] EXT4-fs: Ignoring removed nobh option [ 192.989588][ T5865] EXT4-fs: Ignoring removed bh option [ 193.957844][ T5865] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 193.977720][ T5839] bond1 (unregistering): Released all slaves [ 194.035779][ T5865] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 194.280922][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 194.713048][ T5882] binder: 5876:5882 got transaction to invalid handle, 1 [ 194.715367][ T5882] binder: 5882:5876 cannot find target node [ 194.717235][ T5882] binder: 5876:5882 transaction async to 0:0 failed 8/29201/-22, size 72-0 line 3054 [ 196.298334][ T4389] binder: undelivered TRANSACTION_ERROR: 29201 [ 200.494436][ T5908] loop4: detected capacity change from 0 to 40427 [ 200.523494][ T5908] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 200.525797][ T5908] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 200.546470][ T5908] F2FS-fs (loop4): invalid crc value [ 203.529512][ T5908] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-4) [ 203.895739][ T5929] loop2: detected capacity change from 0 to 128 [ 203.899934][ T5929] EXT4-fs: Ignoring removed nobh option [ 204.709537][ T5934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.351'. [ 205.619961][ T5929] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 205.832044][ T5938] 8021q: adding VLAN 0 to HW filter on device bond2 [ 205.834761][ T5938] bond1: (slave bond2): Enslaving as an active interface with an up link [ 205.841312][ T5934] netlink: 4 bytes leftover after parsing attributes in process `syz.0.351'. [ 205.841448][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 207.023840][ T5934] bond1 (unregistering): (slave bond2): Releasing backup interface [ 208.700984][ T5934] bond1 (unregistering): Released all slaves [ 210.593735][ T5982] loop2: detected capacity change from 0 to 4096 [ 210.682952][ T5982] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 217.054204][ T6026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.381'. [ 217.064095][ T6021] loop2: detected capacity change from 0 to 2048 [ 217.150031][ T6021] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 219.576248][ T4309] EXT4-fs error (device loop2): ext4_free_inode:355: comm syz-executor: bit already cleared for inode 11 [ 219.603985][ T4309] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 219.607022][ T4309] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 219.672273][ T4309] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 219.680458][ T4309] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 219.684780][ T4309] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 219.687901][ T4309] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 219.897005][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 220.976920][ T6042] loop3: detected capacity change from 0 to 8192 [ 221.025743][ T6052] netlink: 12 bytes leftover after parsing attributes in process `syz.2.375'. [ 221.032785][ T6042] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 221.212585][ T6042] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 221.224693][ T6042] REISERFS (device loop3): using ordered data mode [ 221.227329][ T6042] reiserfs: using flush barriers [ 221.260754][ T6042] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 221.273037][ T6042] REISERFS (device loop3): checking transaction log (loop3) [ 222.298219][ T6061] xt_socket: unknown flags 0x50 [ 222.486439][ T6042] REISERFS (device loop3): Using r5 hash to sort names [ 222.495520][ T6042] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 222.843435][ T6056] 8021q: adding VLAN 0 to HW filter on device bond2 [ 222.846148][ T6056] bond1: (slave bond2): Enslaving as an active interface with an up link [ 222.855422][ T6052] netlink: 4 bytes leftover after parsing attributes in process `syz.2.375'. [ 223.896323][ T6052] bond1 (unregistering): (slave bond2): Releasing backup interface [ 224.050863][ T6052] bond1 (unregistering): Released all slaves [ 226.125607][ T6089] loop2: detected capacity change from 0 to 1024 [ 226.128041][ T6089] EXT4-fs: Ignoring removed nobh option [ 227.385533][ T6089] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 231.839377][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 231.898242][ T6120] netlink: 'syz.0.396': attribute type 1 has an invalid length. [ 232.091057][ T6122] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 234.596531][ T6127] device veth3 entered promiscuous mode [ 234.604342][ T6127] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 237.208586][ T6154] loop2: detected capacity change from 0 to 1024 [ 237.469047][ T6154] hfsplus: unable to load nls mapping "koi8-" [ 237.473235][ T6154] hfsplus: unable to parse mount options [ 240.238953][ T6181] wg1 speed is unknown, defaulting to 1000 [ 240.943331][ T6184] loop2: detected capacity change from 0 to 1024 [ 240.945915][ T6184] EXT4-fs: Ignoring removed nobh option [ 240.947455][ T6184] EXT4-fs: Ignoring removed oldalloc option [ 241.117489][ T6184] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 241.300130][ T6184] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 244.337861][ T6217] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 244.495323][ T6225] loop4: detected capacity change from 0 to 1024 [ 244.510926][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 245.373330][ T6225] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 248.200143][ T6246] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.4.426: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 248.205913][ T6246] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem [ 248.208713][ T6246] EXT4-fs warning (device loop4): ext4_rename_delete:3778: inode #2: comm syz.4.426: Deleting old file: nlink 4, error=-117 [ 248.789266][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 248.923492][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.925396][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 250.389485][ T6268] serio: Serial port ptm0 [ 251.386263][ T27] audit: type=1326 audit(251.030:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6259 comm="syz.2.433" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3b5cc28 code=0x0 [ 251.698655][ T6273] loop4: detected capacity change from 0 to 8192 [ 251.779407][ T6280] loop3: detected capacity change from 0 to 512 [ 251.781915][ T6280] EXT4-fs: Ignoring removed nobh option [ 251.969164][ T6280] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 253.287117][ T6280] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.437: iget: bad i_size value: 38620345925642 [ 253.311302][ T6280] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.437: couldn't read orphan inode 15 (err -117) [ 253.315033][ T6280] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 254.466933][ T4455] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm kworker/u4:12: bg 0: block 5: invalid block bitmap [ 254.480426][ T4455] EXT4-fs (loop3): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1928 with error 28 [ 254.658908][ T4455] EXT4-fs (loop3): This should not happen!! Data will be lost [ 254.658908][ T4455] [ 254.661667][ T4455] EXT4-fs (loop3): Total free blocks count 0 [ 254.663267][ T4455] EXT4-fs (loop3): Free/Dirty block details [ 254.664808][ T4455] EXT4-fs (loop3): free_blocks=0 [ 254.666084][ T4455] EXT4-fs (loop3): dirty_blocks=1928 [ 254.667490][ T4455] EXT4-fs (loop3): Block reservation details [ 255.751142][ T4455] EXT4-fs (loop3): i_reserved_data_blocks=1928 [ 255.903988][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 258.033944][ T6325] loop4: detected capacity change from 0 to 256 [ 258.222764][ T6325] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 258.225807][ T6325] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 258.242182][ T6325] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 258.856256][ T6343] serio: Serial port ptm0 [ 259.089970][ T27] audit: type=1326 audit(259.040:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6334 comm="syz.3.448" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc75cc28 code=0x0 [ 259.418719][ T6348] loop4: detected capacity change from 0 to 8192 [ 261.496983][ T6331] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.499284][ T6331] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.457979][ T6381] loop4: detected capacity change from 0 to 164 [ 263.582086][ T6385] loop3: detected capacity change from 0 to 256 [ 263.630368][ T6385] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 263.672717][ T6381] Unsupported NM flag settings (8) [ 263.952845][ T6331] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 264.011099][ T6331] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 264.667757][ T6331] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.703271][ T6331] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.706122][ T6331] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.708674][ T6331] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.632268][ T6408] loop3: detected capacity change from 0 to 256 [ 266.643286][ T6408] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 266.653344][ T6408] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 266.693578][ T6408] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 267.809451][ T6412] loop4: detected capacity change from 0 to 8192 [ 267.833395][ T6346] tipc: Enabled bearer , priority 0 [ 267.866758][ T6349] device syzkaller0 entered promiscuous mode [ 268.093074][ T6349] tipc: Resetting bearer [ 271.645186][ T6349] tipc: Disabling bearer [ 274.226017][ T4317] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 274.228689][ T4317] CPU: 1 PID: 4317 Comm: kworker/u5:3 Not tainted 6.1.146-syzkaller #0 [ 274.230938][ T4317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 274.233778][ T4317] Workqueue: hci4 hci_rx_work [ 274.235071][ T4317] Call trace: [ 274.236007][ T4317] dump_backtrace+0x1c8/0x1f4 [ 274.237290][ T4317] show_stack+0x2c/0x3c [ 274.238459][ T4317] __dump_stack+0x30/0x40 [ 274.239739][ T4317] dump_stack_lvl+0xf8/0x160 [ 274.240991][ T4317] dump_stack+0x1c/0x5c [ 274.242305][ T4317] sysfs_create_dir_ns+0x22c/0x24c [ 274.243882][ T4317] kobject_add_internal+0x5a8/0xb30 [ 274.245412][ T4317] kobject_add+0x134/0x1f8 [ 274.246725][ T4317] device_add+0x3f0/0xf94 [ 274.247971][ T4317] hci_conn_add_sysfs+0xbc/0x1cc [ 274.249420][ T4317] le_conn_complete_evt+0xa24/0xf8c [ 274.250980][ T4317] hci_le_conn_complete_evt+0x114/0x3f8 [ 274.252565][ T4317] hci_le_meta_evt+0x2c0/0x4a4 [ 274.253922][ T4317] hci_event_packet+0x6ac/0xf08 [ 274.255284][ T4317] hci_rx_work+0x324/0xaa0 [ 274.256553][ T4317] process_one_work+0x7f4/0x13a8 [ 274.257964][ T4317] worker_thread+0x8c8/0xfbc [ 274.259273][ T4317] kthread+0x250/0x2d8 [ 274.260497][ T4317] ret_from_fork+0x10/0x20 [ 274.270102][ T6456] loop2: detected capacity change from 0 to 256 [ 274.276644][ T4317] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 274.280345][ T4317] Bluetooth: hci4: failed to register connection device [ 277.027319][ T4317] Bluetooth: hci4: command 0x2016 tx timeout [ 279.419453][ T6488] loop4: detected capacity change from 0 to 8192 [ 279.640166][ T6503] tipc: Enabling of bearer rejected, failed to enable media [ 280.211179][ T6505] 9pnet_virtio: no channels available for device syz [ 280.241088][ T6505] fuse: Bad value for 'fd' [ 281.114634][ T6513] loop4: detected capacity change from 0 to 256 [ 282.020474][ T4313] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 282.023398][ T4313] CPU: 0 PID: 4313 Comm: kworker/u5:2 Not tainted 6.1.146-syzkaller #0 [ 282.025685][ T4313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 282.028510][ T4313] Workqueue: hci0 hci_rx_work [ 282.029885][ T4313] Call trace: [ 282.030831][ T4313] dump_backtrace+0x1c8/0x1f4 [ 282.032200][ T4313] show_stack+0x2c/0x3c [ 282.033402][ T4313] __dump_stack+0x30/0x40 [ 282.034631][ T4313] dump_stack_lvl+0xf8/0x160 [ 282.035908][ T4313] dump_stack+0x1c/0x5c [ 282.037069][ T4313] sysfs_create_dir_ns+0x22c/0x24c [ 282.038589][ T4313] kobject_add_internal+0x5a8/0xb30 [ 282.040103][ T4313] kobject_add+0x134/0x1f8 [ 282.041335][ T4313] device_add+0x3f0/0xf94 [ 282.042544][ T4313] hci_conn_add_sysfs+0xbc/0x1cc [ 282.044024][ T4313] le_conn_complete_evt+0xa24/0xf8c [ 282.045538][ T4313] hci_le_conn_complete_evt+0x114/0x3f8 [ 282.047077][ T4313] hci_le_meta_evt+0x2c0/0x4a4 [ 282.048439][ T4313] hci_event_packet+0x6ac/0xf08 [ 282.049912][ T4313] hci_rx_work+0x324/0xaa0 [ 282.051181][ T4313] process_one_work+0x7f4/0x13a8 [ 282.052591][ T4313] worker_thread+0x8c8/0xfbc [ 282.053812][ T4313] kthread+0x250/0x2d8 [ 282.054923][ T4313] ret_from_fork+0x10/0x20 [ 282.062469][ T4313] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 282.066022][ T4313] Bluetooth: hci0: failed to register connection device [ 286.140743][ T4317] Bluetooth: hci0: command 0x2016 tx timeout [ 287.731649][ T6550] hub 6-0:1.0: USB hub found [ 287.734873][ T6550] hub 6-0:1.0: 8 ports detected [ 288.398391][ T6551] loop3: detected capacity change from 0 to 8192 [ 288.545257][ T6566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 288.550912][ T6566] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 288.572406][ T6566] input: syz0 as /devices/virtual/input/input2 [ 290.160750][ T6571] 9pnet_virtio: no channels available for device syz [ 290.190025][ T6571] fuse: Bad value for 'fd' [ 292.784970][ T6584] loop3: detected capacity change from 0 to 1024 [ 292.792928][ T6584] EXT4-fs: Ignoring removed nobh option [ 292.794524][ T6584] EXT4-fs: Ignoring removed bh option [ 292.796522][ T4313] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 292.799554][ T4313] CPU: 0 PID: 4313 Comm: kworker/u5:2 Not tainted 6.1.146-syzkaller #0 [ 292.801772][ T4313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 292.804453][ T4313] Workqueue: hci2 hci_rx_work [ 292.805714][ T4313] Call trace: [ 292.806602][ T4313] dump_backtrace+0x1c8/0x1f4 [ 292.807844][ T4313] show_stack+0x2c/0x3c [ 292.808959][ T4313] __dump_stack+0x30/0x40 [ 292.810118][ T4313] dump_stack_lvl+0xf8/0x160 [ 292.811352][ T4313] dump_stack+0x1c/0x5c [ 292.812477][ T4313] sysfs_create_dir_ns+0x22c/0x24c [ 292.813909][ T4313] kobject_add_internal+0x5a8/0xb30 [ 292.815350][ T4313] kobject_add+0x134/0x1f8 [ 292.816537][ T4313] device_add+0x3f0/0xf94 [ 292.817780][ T4313] hci_conn_add_sysfs+0xbc/0x1cc [ 292.819116][ T4313] le_conn_complete_evt+0xa24/0xf8c [ 292.820512][ T4313] hci_le_conn_complete_evt+0x114/0x3f8 [ 292.822023][ T4313] hci_le_meta_evt+0x2c0/0x4a4 [ 292.823376][ T4313] hci_event_packet+0x6ac/0xf08 [ 292.824687][ T4313] hci_rx_work+0x324/0xaa0 [ 292.825905][ T4313] process_one_work+0x7f4/0x13a8 [ 292.827324][ T4313] worker_thread+0x8c8/0xfbc [ 292.828630][ T4313] kthread+0x250/0x2d8 [ 292.829758][ T4313] ret_from_fork+0x10/0x20 [ 292.833202][ T4313] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 292.836817][ T4313] Bluetooth: hci2: failed to register connection device [ 292.843368][ T6584] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 294.519120][ T6584] EXT4-fs: error -4 creating inode table initialization thread [ 294.521893][ T6584] EXT4-fs (loop3): mount failed [ 294.900779][ T4313] Bluetooth: hci2: command 0x2016 tx timeout [ 296.871221][ T6618] loop3: detected capacity change from 0 to 1764 [ 299.137350][ T6628] loop4: detected capacity change from 0 to 8192 [ 302.629914][ T6672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.526'. [ 304.237921][ T4362] libceph: connect (1)[c::]:6789 error -101 [ 304.245358][ T4362] libceph: mon0 (1)[c::]:6789 connect error [ 304.510005][ T6683] ceph: No mds server is up or the cluster is laggy [ 304.656155][ T4362] libceph: connect (1)[c::]:6789 error -101 [ 304.658145][ T4362] libceph: mon0 (1)[c::]:6789 connect error [ 305.331820][ T4417] libceph: connect (1)[c::]:6789 error -101 [ 305.365360][ T4417] libceph: mon0 (1)[c::]:6789 connect error [ 306.615500][ T6695] 9pnet_virtio: no channels available for device syz [ 306.642318][ T6695] fuse: Bad value for 'fd' [ 308.183833][ T4355] libceph: connect (1)[c::]:6789 error -101 [ 308.186529][ T4355] libceph: mon0 (1)[c::]:6789 connect error [ 308.192291][ T4417] libceph: connect (1)[c::]:6789 error -101 [ 308.194150][ T4417] libceph: mon0 (1)[c::]:6789 connect error [ 309.945494][ T6714] loop4: detected capacity change from 0 to 40427 [ 310.072465][ T6714] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 310.074752][ T6714] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 310.108343][ T6714] F2FS-fs (loop4): invalid crc value [ 310.309982][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 310.312116][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 310.443586][ T6714] F2FS-fs (loop4): Found nat_bits in checkpoint [ 310.728321][ T6714] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 310.730738][ T6714] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 310.868354][ T6717] loop2: detected capacity change from 0 to 8192 [ 315.178393][ T5285] libceph: connect (1)[c::]:6789 error -101 [ 315.180376][ T5285] libceph: mon0 (1)[c::]:6789 connect error [ 315.374300][ T6749] ceph: No mds server is up or the cluster is laggy [ 315.628692][ T6757] loop2: detected capacity change from 0 to 40427 [ 315.633172][ T5285] libceph: connect (1)[c::]:6789 error -101 [ 315.634851][ T5285] libceph: mon0 (1)[c::]:6789 connect error [ 315.637935][ T6757] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 315.640114][ T6757] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 315.649927][ T6757] F2FS-fs (loop2): invalid crc value [ 315.754111][ T6757] F2FS-fs (loop2): Found nat_bits in checkpoint [ 315.783947][ T6757] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 315.785844][ T6757] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 318.415493][ T6782] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 318.423085][ T6782] CIFS: Unable to determine destination address [ 319.608550][ T6784] loop4: detected capacity change from 0 to 8192 [ 322.532951][ T6815] Cannot find map_set index 0 as target [ 322.546007][ T6815] Cannot find set identified by id 0 to match [ 325.512078][ T6824] loop3: detected capacity change from 0 to 512 [ 325.519485][ T6824] EXT2-fs (loop3): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 325.538597][ T6824] EXT2-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 325.541346][ T6824] EXT2-fs (loop3): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c] [ 325.726753][ T6831] loop4: detected capacity change from 0 to 128 [ 325.740494][ T6831] EXT4-fs: Ignoring removed nobh option [ 328.405206][ T6834] 9pnet_virtio: no channels available for device syz [ 328.408929][ T6834] fuse: Bad value for 'fd' [ 328.419698][ T6831] EXT4-fs: failed to create workqueue [ 328.421228][ T6831] EXT4-fs (loop4): mount failed [ 330.022727][ T6844] loop4: detected capacity change from 0 to 8192 [ 330.539642][ T6864] loop3: detected capacity change from 0 to 512 [ 330.607168][ T6864] EXT2-fs (loop3): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 330.631710][ T6864] EXT2-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 330.634175][ T6864] EXT2-fs (loop3): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c] [ 332.031779][ T6877] loop2: detected capacity change from 0 to 64 [ 333.740001][ T6877] hfs: unable to open catalog tree [ 333.742528][ T6877] hfs: can't find a HFS filesystem on dev loop2 [ 343.388143][ T6972] loop4: detected capacity change from 0 to 4096 [ 344.309384][ T6976] loop2: detected capacity change from 0 to 64 [ 344.313170][ T6976] hfs: unable to parse mount options [ 344.960364][ T6972] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 344.963898][ T6972] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 344.984161][ T6972] ntfs: (device loop4): map_mft_record_page(): Mft record 0xa is corrupt. Run chkdsk. [ 344.986736][ T6972] ntfs: (device loop4): map_mft_record(): Failed with error code 5. [ 345.006551][ T6972] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 345.016726][ T6972] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 345.021991][ T6664] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 345.027717][ T6972] ntfs: volume version 3.1. [ 345.031964][ T6972] ntfs: (device loop4): ntfs_read_locked_inode(): Found compressed data but compression is disabled due to cluster size (65536) > 4kiB. [ 345.045312][ T6972] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 345.063018][ T6972] ntfs: (device loop4): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 345.449640][ T4317] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 345.591077][ T6996] input: syz1 as /devices/virtual/input/input3 [ 347.466520][ T7002] loop3: detected capacity change from 0 to 8192 [ 348.395062][ T7010] loop2: detected capacity change from 0 to 32768 [ 348.499084][ T7010] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.606 (7010) [ 348.593382][ T7010] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 348.604942][ T7010] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 348.617743][ T7010] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 348.632485][ T7010] BTRFS info (device loop2): force zstd compression, level 3 [ 348.638808][ T7010] BTRFS warning (device loop2): the 'inode_cache' option is deprecated and has no effect since 5.11 [ 348.654907][ T7010] BTRFS info (device loop2): setting nodatasum [ 348.656653][ T7010] BTRFS info (device loop2): turning off barriers [ 348.658361][ T7010] BTRFS info (device loop2): turning on flush-on-commit [ 348.668936][ T7010] BTRFS info (device loop2): turning off flush-on-commit [ 348.670897][ T7010] BTRFS info (device loop2): use zlib compression, level 3 [ 348.672830][ T7010] BTRFS info (device loop2): using free space tree [ 348.820069][ T7010] BTRFS info (device loop2): enabling ssd optimizations [ 348.824782][ T7010] BTRFS info (device loop2): checking UUID tree [ 349.011748][ T4309] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 350.559403][ T7061] loop4: detected capacity change from 0 to 256 [ 351.973172][ T7061] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 352.266086][ T7063] loop2: detected capacity change from 0 to 4096 [ 352.284576][ T7063] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 352.323571][ T7063] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 353.356319][ T7072] loop2: detected capacity change from 0 to 8192 [ 353.573548][ T7080] loop4: detected capacity change from 0 to 512 [ 353.699476][ T7080] EXT4-fs: Ignoring removed mblk_io_submit option [ 354.313987][ T7080] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal [ 354.454924][ T7086] tipc: Enabled bearer , priority 0 [ 354.457566][ T7086] device syzkaller0 entered promiscuous mode [ 354.499431][ T7086] tipc: Resetting bearer [ 354.509286][ T7085] tipc: Resetting bearer [ 354.630935][ T7085] tipc: Disabling bearer [ 356.015203][ T7101] loop4: detected capacity change from 0 to 512 [ 357.109153][ T7101] Quota error (device loop4): do_check_range: Getting dqdh_next_free 256 out of range 0-7 [ 357.114619][ T7101] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 357.154434][ T7101] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.632: Failed to acquire dquot type 1 [ 357.351851][ T7101] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.632: corrupted inode contents [ 357.360884][ T7101] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #16: comm syz.4.632: mark_inode_dirty error [ 357.365528][ T7101] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.632: corrupted inode contents [ 357.373624][ T7101] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.632: mark_inode_dirty error [ 358.388447][ T7101] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.632: corrupted inode contents [ 358.401952][ T7101] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 358.405043][ T7101] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.632: corrupted inode contents [ 358.469197][ T7101] EXT4-fs error (device loop4): ext4_truncate:4312: inode #16: comm syz.4.632: mark_inode_dirty error [ 358.485888][ T7101] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 358.592394][ T7123] loop2: detected capacity change from 0 to 8192 [ 359.888720][ T7101] EXT4-fs (loop4): 1 truncate cleaned up [ 359.897038][ T7101] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 360.031877][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 360.049764][ T7136] tipc: Enabled bearer , priority 0 [ 360.076994][ T7136] device syzkaller0 entered promiscuous mode [ 360.208381][ T7136] tipc: Resetting bearer [ 360.429297][ T7135] tipc: Resetting bearer [ 362.307870][ T7147] loop3: detected capacity change from 0 to 16 [ 362.586401][ T7135] tipc: Disabling bearer [ 362.797535][ T7157] loop3: detected capacity change from 0 to 256 [ 362.891529][ T7143] loop4: detected capacity change from 0 to 40427 [ 362.895586][ T7143] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(3584) blocks(83968) [ 362.898272][ T7143] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 363.748971][ T7143] F2FS-fs (loop4): Fix alignment : done, start(4096) end(16896) block(12288) [ 363.764309][ T7143] F2FS-fs (loop4): invalid crc value [ 363.765883][ T7143] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-4) [ 363.856817][ T7167] loop3: detected capacity change from 0 to 4096 [ 363.882321][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 363.884817][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 363.895346][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 363.897614][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 363.913402][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc1c00 [ 363.915943][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc2c00 [ 363.918128][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc4c00 [ 363.927285][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffc8c00 [ 364.095418][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffd0c00 [ 364.097921][ T7167] ntfs3: loop3: try to read out of volume at offset 0x3fffffe0c00 [ 367.780897][ T7204] tipc: Enabling of bearer rejected, failed to enable media [ 367.786352][ T7209] loop3: detected capacity change from 0 to 64 [ 367.790796][ T7208] loop2: detected capacity change from 0 to 8 [ 368.659979][ T7209] hfs: dir_umask requires a value [ 368.661533][ T7209] hfs: unable to parse mount options [ 368.679939][ T7208] SQUASHFS error: zlib decompression failed, data probably corrupt [ 368.682451][ T7208] SQUASHFS error: Failed to read block 0x9b: -5 [ 368.684103][ T7208] SQUASHFS error: Unable to read metadata cache entry [99] [ 368.766081][ T7208] SQUASHFS error: Unable to read inode 0x127 [ 368.839870][ T6134] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 368.868911][ T6135] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 369.849928][ T7220] loop2: detected capacity change from 0 to 8192 [ 369.860310][ T7223] loop4: detected capacity change from 0 to 128 [ 369.863799][ T7223] befs: (loop4): No write support. Marking filesystem read-only [ 369.949602][ T7223] befs: (loop4): invalid magic header [ 370.033502][ T7231] loop4: detected capacity change from 0 to 128 [ 370.047474][ T7231] EXT4-fs (loop4): Invalid log cluster size: 327680 [ 370.193751][ T6664] udevd[6664]: incorrect ext4 checksum on /dev/loop4 [ 371.126861][ T7248] loop4: detected capacity change from 0 to 128 [ 371.151584][ T7246] loop3: detected capacity change from 0 to 2048 [ 371.183215][ T7248] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 371.187803][ T7248] hpfs: hpfs_map_sector(): read error [ 371.293829][ T7246] loop3: p1 < > p2 < > p3 p4 [ 371.295383][ T7246] loop3: partition table partially beyond EOD, truncated [ 371.297519][ T7246] loop3: p1 start 2305 is beyond EOD, truncated [ 371.323430][ T7246] loop3: p2 start 4294902784 is beyond EOD, truncated [ 371.325565][ T7246] loop3: p3 start 3724543488 is beyond EOD, truncated [ 371.327403][ T7246] loop3: p4 size 8192 extends beyond EOD, truncated [ 371.741465][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 371.745258][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 372.319159][ T6134] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 372.446765][ T7259] loop4: detected capacity change from 0 to 4096 [ 372.474349][ T7259] ntfs: (device loop4): parse_options(): Unrecognized mount option disbble_sparse. [ 372.566614][ T6134] udevd[6134]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 372.617498][ T7265] loop3: detected capacity change from 0 to 8192 [ 372.652523][ T6664] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 373.948657][ T4317] Bluetooth: hci2: unexpected event 0x06 length: 10 > 3 [ 376.307367][ T7305] loop2: detected capacity change from 0 to 8192 [ 376.332133][ T7301] loop4: detected capacity change from 0 to 32768 [ 376.566873][ T6134] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 376.713592][ T7319] loop2: detected capacity change from 0 to 8192 [ 376.890458][ T7328] loop2: detected capacity change from 0 to 128 [ 376.916591][ T7328] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 376.931169][ T7328] hpfs: filesystem error: improperly stopped [ 376.934370][ T7328] hpfs: You really don't want any checks? You are crazy... [ 376.937933][ T7328] hpfs: hpfs_map_sector(): read error [ 376.940952][ T7328] hpfs: code page support is disabled [ 376.945728][ T7328] hpfs: hpfs_map_sector(): read error [ 376.947587][ T7328] hpfs: hpfs_map_sector(): read error [ 376.954186][ T7328] hpfs: filesystem error: unable to find root dir [ 381.030481][ T7361] loop4: detected capacity change from 0 to 8 [ 381.251726][ T7361] squashfs image failed sanity check [ 381.485374][ T7365] loop2: detected capacity change from 0 to 512 [ 381.489514][ T7365] EXT4-fs (loop2): bad s_min_extra_isize: 2304 [ 381.494139][ T7363] loop3: detected capacity change from 0 to 4096 [ 381.514432][ T7363] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 381.517276][ T7363] ntfs3: loop3: try to read out of volume at offset 0x1ffc00 [ 381.524587][ T7363] ntfs3: loop3: Failed to load $MFT. [ 381.568340][ T7369] loop4: detected capacity change from 0 to 512 [ 381.588197][ T7369] EXT2-fs (loop4): error: invalid #inodes per group: 4 [ 381.653766][ T7373] tipc: Enabled bearer , priority 0 [ 381.656436][ T7373] device syzkaller0 entered promiscuous mode [ 381.701580][ T7373] tipc: Resetting bearer [ 381.732480][ T7372] tipc: Resetting bearer [ 381.825464][ T7378] loop4: detected capacity change from 0 to 64 [ 381.830946][ T7372] tipc: Disabling bearer [ 383.124023][ T7395] loop4: detected capacity change from 0 to 8 [ 383.140594][ T7395] SQUASHFS error: zlib decompression failed, data probably corrupt [ 383.142872][ T7395] SQUASHFS error: Failed to read block 0x9b: -5 [ 383.144606][ T7395] SQUASHFS error: Unable to read metadata cache entry [99] [ 383.158790][ T7395] SQUASHFS error: Unable to read inode 0x127 [ 383.189966][ T6134] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 383.328302][ T7402] loop4: detected capacity change from 0 to 512 [ 383.373419][ T7380] loop3: detected capacity change from 0 to 32768 [ 383.407216][ T7402] EXT4-fs error (device loop4): ext4_quota_enable:7022: comm syz.4.737: inode #65530: comm syz.4.737: iget: illegal inode # [ 383.411970][ T7402] EXT4-fs error (device loop4): ext4_quota_enable:7025: comm syz.4.737: Bad quota inode: 65530, type: 2 [ 383.422143][ T7402] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-117, ino=65530). Please run e2fsck to fix. [ 383.446253][ T7402] EXT4-fs (loop4): mount failed [ 383.503269][ T7380] OCFS2: ERROR (device loop3): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #73: fs_generation is 3923181505 [ 383.511431][ T7380] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 383.514248][ T7380] (syz.3.728,7380,1):ocfs2_read_locked_inode:521 ERROR: status = -30 [ 383.516998][ T7380] (syz.3.728,7380,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 383.537699][ T7380] (syz.3.728,7380,1):ocfs2_init_local_system_inodes:492 ERROR: status=-30, sysfile=8, slot=0 [ 383.543953][ T7380] (syz.3.728,7380,1):ocfs2_init_local_system_inodes:501 ERROR: status = -30 [ 383.546346][ T7380] (syz.3.728,7380,1):ocfs2_mount_volume:1815 ERROR: status = -30 [ 383.580163][ T7380] (syz.3.728,7380,1):ocfs2_fill_super:1176 ERROR: status = -30 [ 383.611892][ T7390] loop2: detected capacity change from 0 to 32768 [ 383.712763][ T7415] loop4: detected capacity change from 0 to 512 [ 383.752049][ T7390] (syz.2.733,7390,0):ocfs2_load_local_alloc:319 ERROR: Local alloc size is invalid (la_size = 0) [ 383.754922][ T7390] (syz.2.733,7390,0):ocfs2_load_local_alloc:355 ERROR: status = -22 [ 383.757056][ T7390] (syz.2.733,7390,0):ocfs2_check_volume:2461 ERROR: status = -22 [ 383.763161][ T7390] (syz.2.733,7390,0):ocfs2_check_volume:2489 ERROR: status = -22 [ 383.765205][ T7390] (syz.2.733,7390,0):ocfs2_mount_volume:1821 ERROR: status = -22 [ 383.768736][ T7417] tipc: Enabled bearer , priority 0 [ 383.798362][ T7417] device syzkaller0 entered promiscuous mode [ 383.815460][ T7390] (syz.2.733,7390,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 383.835466][ T7415] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 383.839994][ T7415] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 383.842889][ T7415] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.741: Failed to acquire dquot type 1 [ 383.846333][ T7417] tipc: Resetting bearer [ 383.858365][ T7415] EXT4-fs (loop4): 1 truncate cleaned up [ 383.863025][ T7415] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 383.879424][ T7416] tipc: Resetting bearer [ 384.014772][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 384.041216][ T7416] tipc: Disabling bearer [ 386.134030][ T7437] loop4: detected capacity change from 0 to 64 [ 386.143814][ T7435] loop3: detected capacity change from 0 to 4096 [ 386.147255][ T7437] Unable to read inode block [ 386.152321][ T7437] MINIX-fs: get root inode failed [ 386.171017][ T7435] ntfs3: loop3: Failed to load $MFT. [ 386.269819][ T7439] loop2: detected capacity change from 0 to 4096 [ 386.287684][ T7443] loop4: detected capacity change from 0 to 8 [ 386.295904][ T4317] Bluetooth: hci1: unexpected cc 0x203e length: 2 > 1 [ 386.333717][ T7447] loop3: detected capacity change from 0 to 64 [ 386.334124][ T7443] SQUASHFS error: lzo decompression failed, data probably corrupt [ 386.366911][ T7447] hfs: get root inode failed [ 386.370202][ T7443] SQUASHFS error: Failed to read block 0x28d: -5 [ 386.373372][ T7443] SQUASHFS error: Unable to read metadata cache entry [28b] [ 386.380190][ T7443] SQUASHFS error: Unable to read inode 0x11f [ 386.391250][ T7439] ntfs: volume version 3.1. [ 386.567123][ T7453] tipc: Enabled bearer , priority 0 [ 386.613692][ T7453] device syzkaller0 entered promiscuous mode [ 386.664033][ T7453] tipc: Resetting bearer [ 386.737563][ T7452] tipc: Resetting bearer [ 387.630579][ T4355] tipc: Node number set to 3684269407 [ 387.881326][ T7452] tipc: Disabling bearer [ 387.958096][ T7469] loop2: detected capacity change from 0 to 8 [ 388.018743][ T7469] SQUASHFS error: zlib decompression failed, data probably corrupt [ 388.025199][ T7471] loop3: detected capacity change from 0 to 128 [ 388.042372][ T7469] SQUASHFS error: Failed to read block 0x9b: -5 [ 388.044135][ T7469] SQUASHFS error: Unable to read metadata cache entry [99] [ 388.046093][ T7469] SQUASHFS error: Unable to read inode 0x127 [ 388.069703][ T7471] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 388.073993][ T7471] hpfs: filesystem error: improperly stopped [ 388.075772][ T7471] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 388.077907][ T7471] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 388.183428][ T7471] hpfs: You really don't want any checks? You are crazy... [ 388.185615][ T7471] hpfs: hpfs_map_sector(): read error [ 388.187090][ T7471] hpfs: code page support is disabled [ 388.209185][ T7471] hpfs: hpfs_map_sector(): read error [ 388.210859][ T7471] hpfs: hpfs_map_sector(): read error [ 388.212243][ T7471] hpfs: filesystem error: unable to find root dir [ 388.288434][ T7477] loop2: detected capacity change from 0 to 4096 [ 388.309660][ T7477] ntfs: (device loop2): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 388.323430][ T7477] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x0 as bad. Run chkdsk. [ 388.330453][ T7475] loop4: detected capacity change from 0 to 8192 [ 388.338577][ T7477] ntfs: (device loop2): ntfs_read_inode_mount(): ntfs_read_inode() of $MFT failed. BUG or corrupt $MFT. Run chkdsk and if no errors are found, please report you saw this message to linux-ntfs-dev@lists.sourceforge.net [ 388.362907][ T7477] ntfs: (device loop2): ntfs_fill_super(): Failed to load essential metadata. [ 388.630928][ T7487] loop3: detected capacity change from 0 to 2364 [ 390.127929][ T7501] loop3: detected capacity change from 0 to 8192 [ 391.244025][ T7509] loop2: detected capacity change from 0 to 8192 [ 391.306363][ T7524] loop4: detected capacity change from 0 to 16 [ 391.317521][ T7524] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 391.332172][ T7524] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 391.378061][ T7524] erofs: (device loop4): EXPERIMENTAL compressed fragments feature in use. Use at your own risk! [ 391.397704][ T7524] erofs: (device loop4): EXPERIMENTAL global deduplication feature in use. Use at your own risk! [ 391.510191][ T7524] erofs: DAX unsupported by block device. Turning off DAX. [ 391.536951][ T7524] erofs: (device loop4): erofs_read_inode: unsupported chunk format ffff of nid 36 [ 394.268592][ T7548] loop4: detected capacity change from 0 to 1024 [ 394.301117][ T7548] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 394.311092][ T7548] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 394.334695][ T7548] EXT4-fs (loop4): orphan cleanup on readonly fs [ 395.149599][ T7548] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm syz.4.793: Freeing blocks not in datazone - block = 0, count = 4096 [ 395.240760][ T7548] EXT4-fs (loop4): Remounting filesystem read-only [ 395.243258][ T7548] EXT4-fs (loop4): 1 orphan inode deleted [ 395.244870][ T7548] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 396.430918][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 397.673206][ T4313] Bluetooth: hci0: ACL packet too small [ 397.838193][ T7588] loop2: detected capacity change from 0 to 8192 [ 397.900515][ T7588] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 397.904214][ T7588] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 397.938424][ T7588] REISERFS (device loop2): using ordered data mode [ 397.940416][ T7588] reiserfs: using flush barriers [ 399.048936][ T7588] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 399.061412][ T7588] REISERFS (device loop2): checking transaction log (loop2) [ 399.422061][ T7588] REISERFS (device loop2): Using tea hash to sort names [ 399.427669][ T7588] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 399.490106][ T4313] Bluetooth: hci1: command 0x0409 tx timeout [ 400.468351][ T7626] loop3: detected capacity change from 0 to 256 [ 400.495001][ T7626] exfat: Deprecated parameter 'utf8' [ 400.511136][ T7626] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xd9b3646f, utbl_chksum : 0xe619d30d) [ 400.530046][ T7602] loop4: detected capacity change from 0 to 32768 [ 400.532647][ T7602] XFS (loop4): sunit and swidth options incompatible with the noalign option [ 400.768029][ T6135] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 401.548113][ T7644] loop3: detected capacity change from 0 to 256 [ 401.561992][ T7644] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 401.602100][ T7644] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 401.609973][ T7644] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 401.612174][ T7644] UDF-fs: Scanning with blocksize 512 failed [ 401.624707][ T7644] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 401.645312][ T7644] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 402.620227][ T7663] loop3: detected capacity change from 0 to 256 [ 402.650395][ T7663] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 403.066275][ T7653] loop4: detected capacity change from 0 to 32768 [ 403.099112][ T7653] (syz.4.826,7653,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 403.151532][ T7662] loop2: detected capacity change from 0 to 32768 [ 403.154548][ T7662] (syz.2.828,7662,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 403.284643][ T6664] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 404.161681][ T7679] loop3: detected capacity change from 0 to 1764 [ 404.169619][ T7679] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 404.231067][ T7679] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 404.340170][ T7685] loop3: detected capacity change from 0 to 190 [ 404.344810][ T7688] loop4: detected capacity change from 0 to 256 [ 404.354288][ T7685] ntfs: (device loop3): is_boot_sector_ntfs(): Invalid boot sector checksum. [ 404.358229][ T7688] exfat: Deprecated parameter 'utf8' [ 404.359729][ T7688] exfat: Deprecated parameter 'utf8' [ 404.361167][ T7688] exfat: Deprecated parameter 'utf8' [ 404.362574][ T7688] exfat: Deprecated parameter 'namecase' [ 404.371801][ T7685] ntfs: (device loop3): ntfs_read_locked_inode(): $STANDARD_INFORMATION attribute is missing. [ 404.374934][ T7685] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 404.378438][ T7685] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 404.391084][ T7688] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 404.422221][ T7685] ntfs: volume version 3.1. [ 404.423567][ T7685] ntfs: (device loop3): load_system_files(): Volume is dirty. Will not be able to remount read-write. Run chkdsk and mount in Windows. [ 404.450542][ T7685] ntfs: (device loop3): ntfs_read_locked_inode(): Inode is an extent inode! [ 404.453290][ T7685] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 404.481239][ T7685] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 404.491011][ T7685] ntfs: (device loop3): ntfs_lookup_inode_by_name(): No index allocation attribute but index entry requires one. Directory inode 0x5 is corrupt or driver bug. [ 404.510099][ T7692] loop2: detected capacity change from 0 to 2048 [ 404.513708][ T7685] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 404.532911][ T7685] syz.3.837: attempt to access beyond end of device [ 404.532911][ T7685] loop3: rw=0, sector=224, nr_sectors = 8 limit=190 [ 404.536794][ T7685] syz.3.837: attempt to access beyond end of device [ 404.536794][ T7685] loop3: rw=0, sector=240, nr_sectors = 8 limit=190 [ 404.548869][ T7692] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 404.604034][ T7692] UDF-fs: incorrect filename length (10) [ 405.735056][ T7731] netlink: 40 bytes leftover after parsing attributes in process `syz.3.855'. [ 405.816551][ T7723] loop4: detected capacity change from 0 to 40427 [ 405.876007][ T7723] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 405.878285][ T7723] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 405.882025][ T7723] F2FS-fs (loop4): invalid crc value [ 405.962494][ T7738] loop3: detected capacity change from 0 to 64 [ 405.966690][ T7723] F2FS-fs (loop4): Found nat_bits in checkpoint [ 407.126197][ T7723] F2FS-fs (loop4): recover fsync data on readonly fs [ 407.140091][ T7723] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30 [ 407.145466][ T7723] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 409.243999][ T7773] loop4: detected capacity change from 0 to 32768 [ 409.318471][ T7773] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.871 (7773) [ 409.349291][ T7773] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 409.355966][ T7773] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm [ 409.358421][ T7773] BTRFS info (device loop4): force clearing of disk cache [ 409.366729][ T7773] BTRFS info (device loop4): metadata ratio 0 [ 409.368585][ T7773] BTRFS info (device loop4): enabling ssd optimizations [ 409.379539][ T7773] BTRFS info (device loop4): using spread ssd allocation scheme [ 409.383080][ T7773] BTRFS info (device loop4): using free space tree [ 410.244691][ T7764] loop2: detected capacity change from 0 to 40427 [ 410.284667][ T7764] F2FS-fs (loop2): build fault injection attr: rate: 6, type: 0x3ffff [ 410.286916][ T7764] F2FS-fs (loop2): inline encryption not supported [ 410.316445][ T7764] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x2 [ 410.475199][ T7764] F2FS-fs (loop2): invalid crc value [ 410.504355][ T7764] F2FS-fs (loop2) : inject kvmalloc in f2fs_kvmalloc of f2fs_build_segment_manager+0x1184/0x4234 [ 410.509678][ T7764] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-12) [ 410.587438][ T7773] BTRFS info (device loop4): rebuilding free space tree [ 410.846177][ T4320] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 411.403538][ T4317] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 412.380606][ T7855] No such timeout policy "syz1" [ 412.423549][ T7860] loop2: detected capacity change from 0 to 764 [ 412.467076][ T7863] loop3: detected capacity change from 0 to 256 [ 412.497157][ T7863] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 412.961685][ T7852] loop4: detected capacity change from 0 to 32768 [ 412.992164][ T7852] (syz.4.889,7852,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 413.007295][ T7852] (syz.4.889,7852,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 413.076153][ T7852] JBD2: Ignoring recovery information on journal [ 413.119527][ T7852] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 413.141246][ T7852] (syz.4.889,7852,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 413.186808][ T7852] (syz.4.889,7852,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 413.210520][ T7852] (syz.4.889,7852,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC. [ 413.215580][ T7852] (syz.4.889,7852,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c [ 413.219580][ T7852] (syz.4.889,7852,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 413.223318][ T7852] (syz.4.889,7852,1):ocfs2_quota_read:201 ERROR: status = -5 [ 413.225453][ T7852] __quota_error: 11 callbacks suppressed [ 413.225462][ T7852] Quota error (device loop4): find_block_dqentry: Can't read quota tree block 6 [ 413.230236][ T7852] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 413.233128][ T7852] (syz.4.889,7852,1):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 413.242412][ T7852] (syz.4.889,7852,1):ocfs2_mknod:314 ERROR: status = -5 [ 413.244831][ T7852] (syz.4.889,7852,1):ocfs2_mknod:502 ERROR: status = -5 [ 413.249612][ T7852] (syz.4.889,7852,1):ocfs2_create:676 ERROR: status = -5 [ 413.329106][ T4320] ocfs2: Unmounting device (7,4) on (node local) [ 413.486245][ T7891] Cannot find add_set index 0 as target [ 413.894683][ T4317] Bluetooth: hci2: unexpected subevent 0x0e length: 30 > 15 [ 414.695085][ T7919] loop3: detected capacity change from 0 to 16 [ 414.722036][ T7918] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 414.724246][ T7918] vhci_hcd: default hub control req: 4011 v8001 i0001 l0 [ 414.749860][ T7919] erofs: (device loop3): mounted with root inode @ nid 36. [ 414.774574][ T7922] loop2: detected capacity change from 0 to 1024 [ 414.987575][ T7922] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 415.013382][ T7922] EXT4-fs error (device loop2): ext4_get_first_dir_block:3605: inode #11: comm syz.2.917: directory missing '..' [ 415.086123][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 415.282584][ T7945] loop3: detected capacity change from 0 to 512 [ 415.304215][ T7945] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 415.308345][ T7945] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 415.356033][ T7945] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #16: comm syz.3.926: iget: bogus i_mode (5) [ 415.360156][ T7945] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.926: couldn't read orphan inode 16 (err -117) [ 415.372544][ T7945] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 415.388939][ T7945] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.926: iget: bad i_size value: 360287970189639690 [ 415.496005][ T7941] loop4: detected capacity change from 0 to 32768 [ 415.550886][ T7941] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.924 (7941) [ 415.565443][ T7941] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 415.577082][ T7941] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm [ 415.589308][ T7941] BTRFS info (device loop4): force clearing of disk cache [ 415.591471][ T7941] BTRFS info (device loop4): enabling auto defrag [ 415.672972][ T7941] BTRFS info (device loop4): max_inline at 0 [ 415.674714][ T7941] BTRFS info (device loop4): enabling disk space caching [ 415.676655][ T7941] BTRFS info (device loop4): disk space caching is enabled [ 415.681779][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 415.885276][ T7941] BTRFS info (device loop4): enabling ssd optimizations [ 415.889851][ T7941] BTRFS info (device loop4): rebuilding free space tree [ 415.900730][ T7941] BTRFS info (device loop4): disabling free space tree [ 415.902700][ T7941] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 415.922106][ T7941] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 416.239366][ T4320] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 416.953248][ T7977] loop3: detected capacity change from 0 to 32768 [ 417.029068][ T7977] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 417.113161][ T7989] loop2: detected capacity change from 0 to 4096 [ 417.116913][ T7977] OCFS2: ERROR (device loop3): int ocfs2_reserve_suballoc_bits(struct ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 73 [ 417.118500][ T7989] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 417.136770][ T7989] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 417.143153][ T7977] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 417.146069][ T7977] OCFS2: File system is now read-only. [ 417.147535][ T7989] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 417.147560][ T7989] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 417.147609][ T7989] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 417.149991][ T7977] (syz.3.932,7977,1):ocfs2_reserve_suballoc_bits:850 ERROR: status = -30 [ 417.160382][ T7977] (syz.3.932,7977,1):ocfs2_reserve_new_metadata_blocks:990 ERROR: status = -30 [ 417.163127][ T7977] (syz.3.932,7977,1):ocfs2_reserve_new_metadata_blocks:1013 ERROR: status = -30 [ 417.165749][ T7977] (syz.3.932,7977,1):ocfs2_mknod:350 ERROR: status = -30 [ 417.168084][ T7977] (syz.3.932,7977,1):ocfs2_mknod:502 ERROR: status = -30 [ 417.170163][ T7977] (syz.3.932,7977,1):ocfs2_create:676 ERROR: status = -30 [ 417.256184][ T7989] ntfs: volume version 3.1. [ 417.270542][ T7989] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index buffer (VCN 0x0) of directory inode 0x5 has a size (24) differing from the directory specified size (4096). Directory inode is corrupt or driver bug. [ 417.292563][ T7989] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 417.304265][ T7989] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 417.323439][ T4307] ocfs2: Unmounting device (7,3) on (node local) [ 417.517905][ T8010] Cannot find add_set index 0 as target [ 417.623233][ T8016] netlink: 'syz.3.946': attribute type 21 has an invalid length. [ 418.279804][ T8048] usb usb8: usbfs: process 8048 (syz.3.961) did not claim interface 0 before use [ 418.282430][ T8048] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 418.659877][ T8060] vhci_hcd: invalid port number 255 [ 418.661404][ T8060] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 418.822294][ T8042] loop4: detected capacity change from 0 to 32768 [ 418.889364][ T8042] loop4: p1 p2 p3 < p5 p6 p7 > [ 418.892306][ T8042] loop4: p2 size 16775168 extends beyond EOD, truncated [ 418.907432][ T8042] loop4: p5 start 4294970168 is beyond EOD, truncated [ 419.027734][ T8064] loop2: detected capacity change from 0 to 8192 [ 419.215876][ T8070] loop4: detected capacity change from 0 to 8192 [ 419.269078][ T8070] loop4: p3 p4 < > [ 419.270267][ T8070] loop4: p3 start 619312 is beyond EOD, truncated [ 419.288407][ T3923] loop4: p3 p4 < > [ 419.289755][ T3923] loop4: p3 start 619312 is beyond EOD, truncated [ 419.342921][ T8058] loop3: detected capacity change from 0 to 32768 [ 419.476440][ T8058] (syz.3.966,8058,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 419.483450][ T8058] (syz.3.966,8058,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 419.550153][ T8058] JBD2: Ignoring recovery information on journal [ 419.666167][ T8058] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 419.705181][ T8079] loop2: detected capacity change from 0 to 32768 [ 419.754973][ T6133] udevd[6133]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 419.766876][ T6134] udevd[6134]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 419.792554][ T8091] udevd[8091]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 419.798053][ T8092] udevd[8092]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 419.811021][ T8093] udevd[8093]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 419.815385][ T8079] XFS (loop2): Mounting V5 Filesystem [ 419.861858][ T8091] udevd[8091]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 419.887294][ T8091] udevd[8091]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 419.924145][ T4307] ocfs2: Unmounting device (7,3) on (node local) [ 419.960789][ T8079] XFS (loop2): Ending clean mount [ 420.047908][ T8104] loop4: detected capacity change from 0 to 1024 [ 420.080013][ T8104] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 420.168544][ T4309] XFS (loop2): Unmounting Filesystem [ 420.299173][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 420.355585][ T8110] loop3: detected capacity change from 0 to 8192 [ 420.720544][ T8124] loop4: detected capacity change from 0 to 4096 [ 420.744729][ T8124] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 421.686535][ T8124] ntfs3: loop4: failed to convert "c46c" to cp950 [ 425.799344][ T8186] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1007'. [ 427.975336][ T8209] loop2: detected capacity change from 0 to 8192 [ 430.263519][ T8241] loop4: detected capacity change from 0 to 32768 [ 430.270622][ T8241] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.1025 (8241) [ 430.286093][ T8241] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 430.289371][ T8241] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 430.292302][ T8241] BTRFS info (device loop4): using free space tree [ 430.402555][ T8241] BTRFS info (device loop4): enabling ssd optimizations [ 430.555492][ T4320] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 430.611887][ T8275] loop2: detected capacity change from 0 to 512 [ 430.676246][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 430.678373][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 430.874792][ T8275] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 430.899946][ T8275] EXT4-fs (loop2): Remounting filesystem read-only [ 430.911008][ T8275] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1030: invalid indirect mapped block 4278190080 (level 0) [ 430.919656][ T8275] EXT4-fs (loop2): Remounting filesystem read-only [ 430.921872][ T8275] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1030: invalid indirect mapped block 1 (level 1) [ 430.939250][ T8275] EXT4-fs (loop2): Remounting filesystem read-only [ 430.944203][ T8291] loop4: detected capacity change from 0 to 256 [ 430.947445][ T8275] EXT4-fs (loop2): 1 truncate cleaned up [ 430.952822][ T8275] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 430.993423][ T8275] EXT4-fs error (device loop2): ext4_lookup:1850: inode #2: comm syz.2.1030: bad inode number: 1 [ 431.015377][ T8275] EXT4-fs (loop2): Remounting filesystem read-only [ 431.046045][ T4309] EXT4-fs (loop2): unmounting filesystem. [ 435.117618][ T8345] loop2: detected capacity change from 0 to 8192 [ 436.258023][ T8378] loop3: detected capacity change from 0 to 256 [ 436.320886][ T8378] FAT-fs (loop3): Directory bread(block 64) failed [ 436.328345][ T8378] FAT-fs (loop3): Directory bread(block 65) failed [ 436.332545][ T8378] FAT-fs (loop3): Directory bread(block 66) failed [ 436.340709][ T8378] FAT-fs (loop3): Directory bread(block 67) failed [ 436.357129][ T8378] FAT-fs (loop3): Directory bread(block 68) failed [ 436.359285][ T8378] FAT-fs (loop3): Directory bread(block 69) failed [ 436.361769][ T8378] FAT-fs (loop3): Directory bread(block 70) failed [ 436.363659][ T8378] FAT-fs (loop3): Directory bread(block 71) failed [ 436.365604][ T8378] FAT-fs (loop3): Directory bread(block 72) failed [ 436.367521][ T8378] FAT-fs (loop3): Directory bread(block 73) failed [ 436.387213][ T8381] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1064'. [ 436.506431][ T8384] loop2: detected capacity change from 0 to 256 [ 436.610351][ T8384] FAT-fs (loop2): Directory bread(block 64) failed [ 436.622960][ T8384] FAT-fs (loop2): Directory bread(block 65) failed [ 436.625015][ T8384] FAT-fs (loop2): Directory bread(block 66) failed [ 436.636370][ T8384] FAT-fs (loop2): Directory bread(block 67) failed [ 436.638386][ T8384] FAT-fs (loop2): Directory bread(block 68) failed [ 436.653630][ T8384] FAT-fs (loop2): Directory bread(block 69) failed [ 436.656969][ T8391] loop3: detected capacity change from 0 to 1024 [ 436.657986][ T8384] FAT-fs (loop2): Directory bread(block 70) failed [ 436.665956][ T8384] FAT-fs (loop2): Directory bread(block 71) failed [ 436.668242][ T8392] tipc: Enabling of bearer rejected, failed to enable media [ 436.671955][ T8384] FAT-fs (loop2): Directory bread(block 72) failed [ 436.674679][ T8384] FAT-fs (loop2): Directory bread(block 73) failed [ 436.684761][ T8391] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 436.752963][ T4307] EXT4-fs (loop3): unmounting filesystem. [ 437.188620][ T8399] loop3: detected capacity change from 0 to 8192 [ 440.082512][ T8450] tipc: Enabled bearer , priority 0 [ 440.521313][ T8453] tipc: Resetting bearer [ 440.603166][ T8447] tipc: Disabling bearer [ 440.918598][ T8468] loop3: detected capacity change from 0 to 8192 [ 442.774526][ T8500] tipc: Enabling of bearer rejected, failed to enable media [ 447.296618][ T8555] tipc: Enabling of bearer rejected, failed to enable media [ 449.638390][ T8576] loop2: detected capacity change from 0 to 8192 [ 450.425179][ T8606] device syzkaller0 entered promiscuous mode [ 452.361304][ T8638] loop2: detected capacity change from 0 to 8192 [ 453.902210][ C1] hrtimer: interrupt took 47165 ns [ 455.763620][ T8682] loop2: detected capacity change from 0 to 8192 [ 459.529813][ T8732] device syzkaller0 entered promiscuous mode [ 459.785370][ T8742] loop4: detected capacity change from 0 to 8192 [ 464.778751][ T8786] loop3: detected capacity change from 0 to 8192 [ 468.035058][ T8845] device syzkaller0 entered promiscuous mode [ 469.881553][ T8848] loop3: detected capacity change from 0 to 8192 [ 474.123393][ T8901] device syzkaller0 entered promiscuous mode [ 478.804818][ T8954] loop4: detected capacity change from 0 to 8192 [ 481.490075][ T9001] loop2: detected capacity change from 0 to 8192 [ 486.743653][ T9059] loop4: detected capacity change from 0 to 8192 [ 488.789269][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 488.795623][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 494.610505][ T9135] tipc: Enabled bearer , priority 0 [ 494.673937][ T9140] tipc: Resetting bearer [ 496.264524][ T9134] tipc: Disabling bearer [ 499.445913][ T9178] loop3: detected capacity change from 0 to 8192 [ 501.222973][ T9207] tipc: Enabled bearer , priority 0 [ 501.310109][ T9210] tipc: Resetting bearer [ 501.418344][ T9206] tipc: Disabling bearer [ 505.745733][ T9260] tipc: Enabled bearer , priority 0 [ 506.213554][ T9264] tipc: Resetting bearer [ 506.367555][ T9259] tipc: Disabling bearer [ 506.793798][ T9270] loop2: detected capacity change from 0 to 8192 [ 509.815984][ T9313] tipc: Enabled bearer , priority 0 [ 509.969538][ T9315] tipc: Resetting bearer [ 510.059120][ T9312] tipc: Disabling bearer [ 510.443365][ T9320] loop2: detected capacity change from 0 to 8192 [ 513.586837][ T9359] tipc: Enabled bearer , priority 0 [ 514.230950][ T9363] tipc: Resetting bearer [ 514.788211][ T9358] tipc: Disabling bearer [ 518.947117][ T9414] loop3: detected capacity change from 0 to 16 [ 518.968788][ T9414] erofs: (device loop3): mounted with root inode @ nid 36. [ 519.124003][ T9416] loop2: detected capacity change from 0 to 8192 [ 520.649125][ T9432] tipc: Enabling of bearer rejected, failed to enable media [ 523.556680][ T9485] tipc: Enabling of bearer rejected, failed to enable media [ 528.915063][ T9548] tipc: Enabling of bearer rejected, failed to enable media [ 533.102602][ T9600] tipc: Enabling of bearer rejected, failed to enable media [ 537.212150][ T9654] loop4: detected capacity change from 0 to 8192 [ 537.285717][ T9661] tipc: Enabling of bearer rejected, failed to enable media [ 540.822824][ T9711] loop2: detected capacity change from 0 to 8192 [ 541.735383][ T9720] tipc: Enabling of bearer rejected, failed to enable media [ 543.711808][ T9750] loop4: detected capacity change from 0 to 8 [ 543.728569][ T9750] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 543.954762][ T8091] udevd[8091]: incorrect cramfs checksum on /dev/loop4 [ 545.707758][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 545.709676][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 545.739422][ T9774] tipc: Enabling of bearer rejected, failed to enable media [ 548.911618][ T9812] loop4: detected capacity change from 0 to 8192 [ 549.457460][ T9825] tipc: Enabling of bearer rejected, failed to enable media [ 552.129204][ T9867] loop4: detected capacity change from 0 to 1024 [ 552.196250][ T9867] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 552.238785][ T4320] EXT4-fs (loop4): unmounting filesystem. [ 552.418975][ T9874] loop4: detected capacity change from 0 to 8192 [ 552.515358][ T9874] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 552.519357][ T9874] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 552.530156][ T9874] REISERFS (device loop4): using ordered data mode [ 552.541811][ T9874] reiserfs: using flush barriers [ 552.554843][ T9874] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 552.575027][ T9874] REISERFS (device loop4): checking transaction log (loop4) [ 553.296417][ T9874] REISERFS (device loop4): Using r5 hash to sort names [ 553.362147][ T9874] reiserfs: enabling write barrier flush mode [ 553.386721][ T9874] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 [ 553.394698][ T9874] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 553.407631][ T9874] REISERFS (device loop4): Remounting filesystem read-only [ 553.409654][ T9874] REISERFS error (device loop4): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data [ 553.413284][ T9874] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 [ 553.426608][ T9874] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 553.429612][ T9874] REISERFS error (device loop4): zam-7001 reiserfs_find_entry: io error [ 553.431892][ T9874] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 [ 553.468529][ T9874] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 553.471756][ T9874] REISERFS error (device loop4): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data [ 553.481596][ T9874] REISERFS warning (device loop4): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount. [ 553.586363][ T4320] ------------[ cut here ]------------ [ 553.587958][ T4320] kernel BUG at fs/reiserfs/journal.c:1916! [ 553.589858][ T4320] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP [ 553.592046][ T4320] Modules linked in: [ 553.593146][ T4320] CPU: 0 PID: 4320 Comm: syz-executor Not tainted 6.1.146-syzkaller #0 [ 553.595448][ T4320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 553.598293][ T4320] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 553.600510][ T4320] pc : do_journal_release+0x430/0x43c [ 553.602012][ T4320] lr : do_journal_release+0x430/0x43c [ 553.603509][ T4320] sp : ffff800020877740 [ 553.604679][ T4320] x29: ffff8000208777e0 x28: 1ffff00002a15aa8 x27: ffff800020877740 [ 553.606891][ T4320] x26: 1fffe0001effa0cf x25: dfff800000000000 x24: ffff70000410eee8 [ 553.609129][ T4320] x23: ffff800020849000 x22: 0000000000000000 x21: ffff8000208778a0 [ 553.611456][ T4320] x20: ffff0000f7fd0678 x19: ffff0000f7fd0000 x18: ffff800011aabce0 [ 553.613794][ T4320] x17: 1fffe00033ed9d7e x16: ffff8000082ca25c x15: 0000000000000000 [ 553.616125][ T4320] x14: 00000000ffff8000 x13: 1ffff00002a160b1 x12: 0000000000ff0100 [ 553.618462][ T4320] x11: ff00800008cca648 x10: 0000000000000000 x9 : ffff800008cca648 [ 553.620718][ T4320] x8 : ffff0000d656b780 x7 : 0000000000000000 x6 : 0000000000000000 [ 553.623118][ T4320] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000030 [ 553.625398][ T4320] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 [ 553.627723][ T4320] Call trace: [ 553.628658][ T4320] do_journal_release+0x430/0x43c [ 553.630066][ T4320] journal_release+0x2c/0x40 [ 553.631449][ T4320] reiserfs_put_super+0x1ec/0x428 [ 553.632954][ T4320] generic_shutdown_super+0x130/0x324 [ 553.634473][ T4320] kill_block_super+0x70/0xdc [ 553.635807][ T4320] reiserfs_kill_sb+0x124/0x13c [ 553.637228][ T4320] deactivate_locked_super+0xac/0x124 [ 553.638768][ T4320] deactivate_super+0xe8/0x108 [ 553.640177][ T4320] cleanup_mnt+0x37c/0x404 [ 553.641481][ T4320] __cleanup_mnt+0x20/0x30 [ 553.642735][ T4320] task_work_run+0x1ec/0x270 [ 553.644091][ T4320] do_notify_resume+0x1f70/0x2b0c [ 553.645522][ T4320] el0_svc+0x98/0x138 [ 553.646699][ T4320] el0t_64_sync_handler+0x84/0xf0 [ 553.648131][ T4320] el0t_64_sync+0x18c/0x190 [ 553.649389][ T4320] Code: aa1503e0 97f03059 17ffff57 97df5d68 (d4210000) [ 553.651445][ T4320] ---[ end trace 0000000000000000 ]--- [ 553.908179][ T4320] Kernel panic - not syncing: Oops - BUG: Fatal exception [ 553.910208][ T4320] SMP: stopping secondary CPUs [ 553.911535][ T4320] Kernel Offset: disabled [ 553.912940][ T4320] CPU features: 0x080000,02070084,26017203 [ 553.914652][ T4320] Memory Limit: none [ 554.126333][ T4320] Rebooting in 86400 seconds..