last executing test programs: 33.736395559s ago: executing program 1 (id=2): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x2c, r1, 0x5, 0x70bd27, 0x30000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x2c}}, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r3, 0xffffffffffffffff, 0x0) 33.481439841s ago: executing program 1 (id=8): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x1800004, &(0x7f0000000ac0), 0x6, 0x49f, &(0x7f0000000c00)="$eJzs3M9vFGUfAPDvzG7Lb9qXl/flhRe1isbGHy0tqBy8aDTxoImJHvBY20KAhRpaEyFEqzF4NCTejUcT/wJPejHqycQr3g0JUS6giUnN7M6022273YV2V7qfT7LkmZln+jzfneeZeWaeWQLoWUPZP0nE7oi4HhEDtcVFC3mmLN+dW1cm/7h1ZTKJhYU3fkuq+W7fujJZ5C3225UvDKcR6cdJXshys5cun5uoVKYv5sujc+ffGZ29dPnpM+cnTk+fnr4wfuLE8WNjzz07/syGxJnFd/vQ+zOHD77y1rXXJk9ee/uHr3bk66Mhjlb0tZBnKAv894Wqxm2PtVPYfWBPXTopd7EitKUUEeW8PV+PgSjF0sEbiJc/6mrlgE2VXZu2rb15fgHYwpJoXBMr1gBbUXGhz+5/i0+Hhh7/CDdfqN0AZXHfyT+1LeVI8zx9Dfe3G2koIk7O//l59om7eA4BANCub7Lxz1Orjf/SqB8j7s3nhgYj4l8RsS8i/h0R+yPiPxHx34g4EBH/a63Ys0WicWpo5fgnvXGvMTaTjf+ez+e2lo//itFfDJbypT3V+PuSU2cq00fz72Q4+rZFVKbHmpTx7Us/f7rWtqG/lsZ/2Scr/+SyyaX0Rjl/QLctfxo/NTE30dIEVAtufhhxqLxa/MniTEASEQcj4lB7f3pvkTjzxJeH18pUP/5djD8fC69rA+aZFr6IeLx2/OejIf5C0nx+cnR7VKaPjhatYqUff7r6+lrltxv/Rk+tZcd/5/L2HxHb67MMJvXztbPtl3H1l0/WvKdZP/6l9l/I2n9/8mb1fNSfr3tvYm7u4lhEf/Jqba/69eNL+xbLRf4s/uEjq/f/ffk+Wfz/j4isET8QEQ9GxEN53R+OiEci4kiT+L9/8dGzbcZfbXw7mvzNjZLFP7Xq+W+x/Tcc//YTpXPffd1m/A3H/3g1NZyvqZ7/1tFqBe/luwMAAID7RVp9Bz5JRxbTaToyUnuHf3/sTCszs3NPnpp598JU7V35wehLiyddA3XPQ8eS+fxt4qjefY/nz4qL7cfy58aflXZUl0cmZypTXY4det2uuv6/78BS/8/8Wlqed3FGxO87YOsYTLpdA6BbGq/naZfqAXSe8Tz0Lv0fepf+D71rtf7/QcNyqUN1ATrL9R9613r93/QgbF2N/X97l+oBdJ7xP/SkZr+NT+7+J/8S3UkU/x1GzG96WZFuXhHFALSLX2Z/Cx2k2e6bVLHdEdGZL2HluaJc3tWhsxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDG+TsAAP//iGXlEQ==") r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/snmp\x00') r1 = fanotify_init(0x1, 0x800) r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x15e) readv(r1, &(0x7f0000000100)=[{&(0x7f0000000040)=""/175, 0xaf}], 0x1) fanotify_mark(r1, 0x1, 0x40001019, r2, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) getdents64(r0, 0x0, 0x0) 32.671140365s ago: executing program 1 (id=13): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000100)='./file1\x00', 0x1004000, &(0x7f0000000340)={[{@gid}, {@undelete}, {@anchor={'anchor', 0x3d, 0x7}}, {@longad}, {@uid_forget}, {@unhide}, {@undelete}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@uid_forget}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@gid_forget}, {@nostrict}, {@session}, {@gid_forget}]}, 0x1, 0xc34, &(0x7f0000001bc0)="$eJzs3U9sXNd5N+D3XHHEofx9FRM7ipPGxaQtUlmxXP2LqViFO6pptgFkWQjF7AJwJFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjkhJpP49N/WbunHPnnHvH98qC3jkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAET83iuXz5xNj3sUAMCjdHX0q2fOuf8DwMfKdf//DwAAAAAAAAAAAAAAB12KIp6MFLNXV9N49byjfqVdu3tvbHhk624Dqep5pGpf/tTPnjt/4UsvDF3s5pX29Af032ufjddGr19uvDxzZ3Zucn5+cqIxNt2+OTMxueM97Lb/ZqeqA9C48/rdiVu35hvnnj+/4eV7g+/3P3Fi8NLQs6ef6bYdGx4ZGV1vUt/y4UParsLjaBRxOlI8972fplZEFLH7Y1F/tOd+s4FqEqeqSYwNj1QTmWq3phfKF691D0QR0ejp1Oweo63PRfTVHukctteMWCyHXw74VDm90dnWXOvG1GTjWmtuob3Qnpm+ljqjLefTiCIupoiliFjpf3B3tSiiL1J85/hquhERR7rH4YtVYfD24yj2cY47UI6zUYtYKg7BOTvA+qOIVyPFz945GTfLY5Z/4gsRr5b5g4i3ynwpIpUfjAsR723xOeJw6osi/rw8/5dW00R1PeheV658rfGV6VszPW2715Vf8v7wwJXiMd0fBjblo3HAr031KKJVXfFX08P/ZgcAAAAAAAAAAAAAAACAvTYQRXwmUrzyb39U1RVHVZd+/NLQ7w/+/96a8ac/ZD9l2+cjYrHYWU3u0VwYeC1dS2mntcTqTvdcPYr441z/963HPRgAAAAAAAAAAAAAAAAAAICPtSJ+EilefPdkWoreNcXb07cb11s3pjqrwnbX/u2umb62trbWSJ1s5hzPuZhzKedyzpWcUeT+OZs5xwc6O17Mz5dyLudcyRlHcv+czZzjORdzLuVczrmSM/py/5zNnOM5F3Mu5VzOuZIzDsjavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyVFFPGLSPHtb6ymSBHRjBiPTi73P+7RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl/lTE9yNF4w+a97f1RUSq/u04Wf5yIZpHy/xkNIfKfCmal3O2quxrfusxjJ/dqaUifhwp+utv3z/h+fzXOs/ufwzirW+uP/tsXyePdF8cfL//iRPHLw2N/NrT2z1OWw3g1JX29N17jbHhkZHRns19+d0/2bNtML9vsTdTJyLm33jz9dbU1OTcwz8oPwK76H6IHqS+gz/T2oEf4SF6EH0HYhiPZ+58DJT3//cixW+/++/dG37n/l+P/9d5dv8OHz//k/X7/4ubd7TD+3/f5n75/l/e07e6/z/Zs+3F/LuRWl9EfeHObO1ERH3+jTdPt++0bk/enpy+cObMl4eGvnz+TO1oRP1We2qy59GeHC4AAAAAAAAAAAAAAACARycV8buRovXj1dSIiHtVvdbgpaFnTz9zJI5U9VYb6rZfG71+ufHyzJ3Zucn5+cmJxth0++bMxORO365elXuNDY/sy2Q+1MA+j3+g/vLM7Btz7dt/uLDl68fql2/ML8y1bm79cgxEEdHs3XKqGvDY8Eg16Kl2a7rqem3LYvpfXi0V8R+R4uaFRvp83pbr/zdX+G+o/1/cvKN9qv//RM+28j1TKuLnkeK3/uLp+Hw1zmPxwDHL7f4mUpy6+LncLo6W7bpj6HyvQKcysGz7P5HiH36xsW23HvLJ9bZnd3xgD4ny/B+PFN//s+/Gr+dtG7//Yevzf2zzjvbp/D/Vs+3Yhu8r2PXUyef/dKR46cm34zfytg/6/o/ud2+czI3vfz/HPp3/T/VsG8zv+5t7M3UAAAAAAAAAAIBDrZaK+NtI8cORvvRC3raTv/83sXlH+/T3vz7ds21ib9Yr+tAHuz6oAAAAAHBA1FIRP4kUtxfevl9DvbH+u6f+83fW6z+H06ZXqz/n+5XqewP28s//eg3m9x3f/bQBAAAAAAAAAAAAAAAAAADgQEmpiBfyeurjVT3/xLbrqS9Hilf+67ncLp0o23XXgR+sfq1fnZk+fXlqauZma6F1Y2qyMTrbujlZ9n0qUqz+9edy36JaX7273nxnjff1tdjnIsXI33XbdtZi765N/tR627Nl209Eiv/8+41tu+tYf2q97bmy7V9Fiq//09ZtT6y3PV+2/W6k+NHXG922x8q23e9H/fR62+dvzhT7cFYAAAAAAAAAAAAAAAAAAAD4uKmlIv40Uvz3naX7tfx5/f9az9PKW9/sWe9/k3vVOv+D1fr/2z1+mPX/q+8VWNzuXQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KMpRRFvRorZq6tpub983lG/0p6+e29seGTrbgOp6nmkal/+1M+eO3/hSy8MXezmB/ffa5+J10avX268PHNndm5yfn5yojE23b45MzG54z3stv9mp6oD0Ljz+t2JW7fmG+eeP7/h5XuD7/c/cWLw0tCzp5/pth0bHhkZ7WnTV3vod39A2mb70SjiLyPFc9/7afphf0QRuz8WH/LZ2W8D1SROVZMYGx6pJjLVbk0vlC9e6x6IIqLR06nZPUaP4FzsSjNisRx+OeBT5fRGZ1tzrRtTk41rrbmF9kJ7Zvpa6oy2nE8jiriYIpYiYqX/wd3VoojXI8V3jq+mf+6PONI9Dl+8OvrVM+e2H0exj3PcgXKcjVrEUnEIztkB1h9F/GOk+Nk7J+Nf+iP6ovMTX4h4tcwfRLwVnfOdyg/GhYj3tvgccTj1RRH/W57/S6vpnf7yetC9rlz5WuMr07dmetp2ryuH/v7wKB3wa1M9ivhRdcVfTf/qv2sAAAAAAAAAAAAAAACAA6SIX40UL757MlX1wfdritvTtxvXWzemOmV93dq/bs302traWiN1splzPOdizqWcyzlXckaR++dslllfWxvPzxdzLuVczrmSM47k/jmbOcdzLuZcyrmccyVn9OX+OZs5x3Mu5lzKuZxzJWcckNo9AAAAAAAAAAAAAAAAAADgo6Wo/knx7W+sprX+zvrS49HJZeuBfuT9XwAAAP//M3/28g==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0) mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f00000058c0)={0x2020}, 0x2020) 31.106940042s ago: executing program 1 (id=17): bpf$MAP_CREATE(0x0, 0x0, 0x48) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000000)={@private1, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}}, 0x4000054) r4 = socket(0x10, 0x803, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0xffec}, {}, {0xfff1, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0x8d, 0x7, 0x8, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0xff, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x54}}, 0x24040084) r7 = fsopen(&(0x7f0000000280)='squashfs\x00', 0x1) fsconfig$FSCONFIG_SET_PATH(r7, 0x3, &(0x7f0000000500)='\x00', 0x0, 0xffffffffffffff9c) 29.927640963s ago: executing program 1 (id=19): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket(0x8000000010, 0x2, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {0xfff1, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=@delchain={0x24, 0x66, 0xf31, 0xfffffff8, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xc}, {0x0, 0xffff}, {0x0, 0x1b}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r6, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10) ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}}) 29.560881819s ago: executing program 32 (id=19): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket(0x8000000010, 0x2, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {0xfff1, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=@delchain={0x24, 0x66, 0xf31, 0xfffffff8, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xc}, {0x0, 0xffff}, {0x0, 0x1b}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r6, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10) ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}}) 5.130410929s ago: executing program 4 (id=135): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10) r1 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r1, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) 4.797554713s ago: executing program 4 (id=139): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x209044, &(0x7f00000002c0)={[{@journal_checksum}]}, 0x3, 0x53a, &(0x7f0000001b80)="$eJzs3c9vI1cdAPDvTOLN/khJChygEqWiRbsF1tk0bBtxKCAhOFUCirguJnGiKE68Spx2E1U0FX8AEkJQiQucuCDxByChXrgjpEpwR4BAqGzhAFLbQTMedxOvnQTV9kjJ5yO99byZ8Xy/b7x+ec8zsgO4sJ6IiBsRMRURT0fEXLk+LUscdku+39v3X1nJSxJZ9uJbSSTlut6xZsrHa+XTLkfEN78W8d3k4bi7+webjVaruVPWFzpbyTtZdnBzY6ux3lxvbi8tLT67/Nzy7eVbI2nnfEQ8/5W//vgHv/jq87/53Mt/uvP3G9/L0/pvlr0afe0YpW7Ta8W56JmOiJ1xBKvIdNHCrtsV5wIAwMny8f6HI+JTxfh/LqaK0RwAAABwnmRfnI13kogMAAAAOLfSiJiNJK2X9/vORprW6917eD8aV9NWe7fz2bX23vZqvi1iPmrp2kareau8d2A+akleXyzvse3Vn+mrL0XEoxHxo7krRb2+0m6tVv3hBwAAAFwQ1/rm//+e687/C4cVJwcAAACMznzVCQAAAABjZ/4PAAAA55/5PwAAAJxrX3/hhbxkvd+/Xn1pf2+z/dLN1ebuZn1rb6W+0t65W19vt9eL7+zbOu14rXb77udje+/eQqe521nY3T+4s9Xe2+7c2Tj2E9gAAADABD36yTf+mETE4ReuFCV3qdxWi8imju48XUWGwLik/8/OfxlfHsDkHf37fqXCPIDJM6SHi6tWdQJA5ZJTtg+9eed3o88FAAAYj+sfH379/621SlMDxqy8/p+cNv8Hzp+ps+w0M/48gMnrXv97L+uqOhtgkmonjQBMCuDcS0dz/f+UWwkTHQoAAFRstihJWi/nAbORpvV6xCPFzwLUkrWNVvNWRHwoIv4wV5vJ64vFMxOjeQAAAAAAAAAAAAAAAAAAAAAAAAA4oyxLIgMAAADOtYj0b71f5ro+99Rs/+cDl5L/zBWPEfHyT1/8yb1Gp7OzmK//5/vrO6+X65+p4hMMAAAAoF9vnt6bxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKL19/5WVXplk3H98OSLmB8WfjsvF4+WoRcTVfyUxfeR5SURMjSD+4WsR8bFB8ZM8rZgvszgW/1JEGhFXRhV/4Pk/IX50418bQXy4yN7I+58vDXr/pfFE8Tj4/Tddlg9qeP+Xvt//TQ3p/x4ZdtDa8epjb/5qYWj81yIemx7c//TiJ/nxBsR/8oxt/M63Dg6Gbct+HnF9UP+XHI+10Nm6u7C7f3BzY6ux3lxvbi8tLT67/Nzy7eVbC2sbrWb578AYP/zEr997UHv3ofZfPaH/Ldo/5Pw/dUKbZ44sv/vmvfsf6S72vTJRi59l2Y0nB7/+hc88HL/3t+/T5V55PT+H6evfHpjL47/8/ePD8szbvzqk/ZdPaf+NE9p/1NPf+P6fz7grADABu/sHm41Wq7ljoeKFpBzxfpDj9D4RGX/O+biz6jPWTCKJzUZrJo5talSfWHfh1fLVaLR677YRHfm35X+VcSY/6Y4IAAAYuweD/v4tDy7AuM4MAAAAAAAAAAAAAAAAAAAA43Xq14AN25RGxBm/Tqw/5mE1TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONH/AgAA//+E8M5m") r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/snmp\x00') r1 = fanotify_init(0x1, 0x40000) chdir(&(0x7f00000001c0)='./file0\x00') r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x50) readv(r1, &(0x7f0000000100)=[{&(0x7f0000000480)=""/164, 0xa4}], 0x1) fanotify_mark(r1, 0x1, 0x40001019, r2, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000000180)=""/145, 0x91) 4.080770224s ago: executing program 4 (id=142): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 3.188224033s ago: executing program 2 (id=145): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[0x345, 0xfffffffffffffac2, 0x623faba9, 0x1000, 0x8000000000000001, 0xffffffffffffff8c, 0x7f, 0x1, 0x6, 0x6, 0x4, 0x8000, 0x8001, 0x17a, 0xbcc, 0x1], 0x30000, 0x4}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x67a, 0x6, 0xf3b8, 0x0, 0x1000, 0x800000400, 0x4002004c4, 0x1000, 0x0, 0x97, 0x10, 0x0, 0x3, 0x4, 0x0, 0x8], 0xeeee7ffb, 0x400}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 3.060221768s ago: executing program 4 (id=146): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_newaddr={0x34, 0x14, 0x503, 0x800000, 0x25dfdbff, {0x2, 0x1f, 0x20, 0xc8, r6}, [@IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_LABEL={0x14, 0x3, 'dvmrp0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0xc090}, 0x20008840) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}}) 2.846708837s ago: executing program 4 (id=149): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', 0x414, &(0x7f0000000340)=ANY=[], 0x1, 0x67d, &(0x7f0000000780)="$eJzs3c1vXFfdB/DvnUzsTNonddOkzYMq1WokQFgkfpELZkNACHlRQVUWrK3EaayM02K7lVsh6vC67aJ/QFl4g1ghsY9UWLCBXXfI7CohsekGsxo013fG4/FLxm3jccrnE905595zz7m/87tz77xY0QT4nzU/kfqDFJmfeHm9vb61OdPc2pxZ7tSTjCbZSOpJakmKf7darQ+TG0nRHaboK/d5f2nu1Y8+2fp4Z61eLeX+taP69an22+jbvNHZNp7kTFV+BnvGu/mZxyu6kd9IcrUqYejOJmnt8ZO/PNlt6dE4qPe5E4kReLSKndfNVK/HXWPJ+epCb78P6Lzy1k4+wsGMDrhf/zsIAAAAeNwM8hn4qe1sZ724cALhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBfCxu7v/xfVUuvUx1N0fv9/pNqWqn66vHC83R88qjgAAAAAAAAA4ET8o3x8YTvbWc+FztZWUf7N/8Vy5VL5+ETezGoWs5JrWc9C1rKWlUwlGesZbmR9YW1tZWqAntMH9px+SLijVdn4POYOAAAAAAAAAF84P8/87t//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNCiSMztFivs9m8dSqyc5l2SkvWEj+Vun/jh7MOwAAAAA4AQ8tZ3trOdCZ71V5FKSZ8vvAM7lzdzLWpaylmYWc6v8XmDnU39ta3OmubU5s7z1w4PG/c6/jhVGOWJ2vns4+MhXyj0auf1Wp8/NvJ5mbqVW9my7UsazOdPZY3nvQe63Yyq+XRkwsltV2Z75e1W5z7vHmuxhjvllyliZkbO5naUyR5NVbO1sPF1lorvs7XrMs9N/pKnUusFe6jtS3yQ+Vc7PV2V7Pr8+LOdD0Z+J6Z5n37NH5zz5yh9//+PJqn56pjSYM1XZKh8b+zMx05OJ5wbJxJ3mvbt3bq9OPG6Z2GeyzMTl7vp8vp8fZSLjeSUrWcpbWchaFjOe75W1herkFz2X/CGZurFn7ZWHRTJSPUN3TtbxYnqx7HshS/lBXs+tLOal8t90pvKNzGY2cz1n+PLRZ7i86muHXPWt/zsw+KtfrSqNJL+pygMd2vCotPP6dE9ee++5Y2Vb75bdLF0cIEvHvDfWv1RV2sf4RVWeDv2ZmOrJxDNHZ+K35W1ltXnv7sqdhTcGO9zF93qO+6tTdUttP18utk9Wubb32dFue6a75958tdsudfvV9rVd7raVV2pRP/RKHanew+0fabpse+7Atpmy7UpPW6Pbdq37fguAU+/8186PNP7Z+Gvjg8YvG3caL5/77ug3R58fydk/nf1WffLMl2vPF3/IB/nZ7ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg01t9+527C83m4kpfpdVqvXtI00lX6g8JdV8l439/ot2hs6WVblPn58xOcBb//2Qy9BwOvfKfVqtVbSkO2ed3fz41iWpVTkXqhlQZ3j0JOBnX15bfuL769jtfX1peeG3xtcV7c7Ozc5Nzsy/NXL+91Fyc3HkcdpTAo7D7oj/sSAAAAAAAAAAAAIBBncR/Jxj2HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH2/xE6g9SZGry2mR7fWtzptleOvXdPetJakmKnybFh8mN7CwZ6xmuOOw47y/NvfrRJ1sf745V7+xfO6rfYDaqJeNJzuyU9z+v8W5W5ZGKo6ZQdGfYTtjVTuJg2P4bAAD//8o1Bh8=") r0 = open(&(0x7f0000000100)='./file1\x00', 0x147842, 0xc3) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000680)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x3f00, 0x7) 2.752208601s ago: executing program 2 (id=150): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd\x00') getdents64(r0, &(0x7f0000000000)=""/38, 0x26) 2.670180425s ago: executing program 0 (id=152): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="12000000080000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000003b00000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.514963201s ago: executing program 2 (id=153): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000400)={0x1, 0x0, 0x9, 0xc, 0x1a2}) 2.382987597s ago: executing program 4 (id=154): ptrace(0x4208, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0022220000007bb53ea1c7a325080b01be3d04262c4f7c1ca20800837df6b1c93b09007a151a"], 0x0}, 0x0) 2.380004757s ago: executing program 2 (id=155): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_buf(r4, 0x1, 0x1c, &(0x7f00000002c0)=""/229, &(0x7f0000000000)=0xe5) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/protocols\x00') preadv(r5, &(0x7f0000000700)=[{0x0, 0xf5ff}, {&(0x7f0000000780)=""/68, 0x44}], 0x2, 0x76, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f00000000c0)={0x4, 0x9dc5, 0x101, 0x0, 0xe}) sendto$packet(r0, 0x0, 0x0, 0x4, 0x0, 0x0) 2.379548487s ago: executing program 0 (id=156): sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, 0x0, 0x24000000) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2) pwrite64(r1, &(0x7f0000000080)="cc", 0x1, 0x200980) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xe7c) getdents64(0xffffffffffffffff, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) 2.183927446s ago: executing program 3 (id=157): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, 0x0) 1.240583936s ago: executing program 3 (id=158): r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={'bridge0\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x10000, 0x2, '\x00', 0xc94}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1.240295766s ago: executing program 2 (id=159): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x77) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = socket(0x11, 0x2, 0x0) setsockopt(r1, 0x107, 0x9, &(0x7f00000000c0)='\x00', 0x21) 1.064501744s ago: executing program 2 (id=160): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, 0x0, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x5, 0xffffffff]}, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_usb_connect(0x0, 0x3f, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000d0918108ac051582588f0000000109022d00010000000009040000030b08000009058d67c8002a000009050502000000000009058b6e"], 0x0) 952.210818ms ago: executing program 0 (id=161): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00'}, 0x0) unshare(0x2c020400) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000000)=ANY=[], 0x2000, 0x0) msgrcv(r0, 0x0, 0x0, 0x3, 0x2800) 754.265347ms ago: executing program 0 (id=162): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x40881) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x261f]}}], 0xffc8) poll(&(0x7f0000000140)=[{r0, 0x8}], 0x1, 0x5) 703.483369ms ago: executing program 3 (id=163): socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x0, 0x11, 0x148, 0x1d8, 0x0, 0x2d8, 0x2a8, 0x2a8, 0x2d8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0x0, 0xff], @ipv6=@mcast2, [0xffffffff, 0xffffff00, 0x0, 0xffffffff], @ipv6=@dev={0xfe, 0x80, '\x00', 0x27}, [0xffffffff, 0x0, 0x0, 0xff000000], @ipv4=@multicast2, [0x0, 0x0, 0x0, 0xffffff00], 0x6, 0x6, 0x0, 0x4e23, 0x4e24, 0x4e22, 0x4e23, 0x81}, 0x0, 0x480, 0x0, 0x0, 0x0, 0x4e20}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x0, 0x2}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e22, 0x8}}}}}, 0x0) 464.19656ms ago: executing program 3 (id=164): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000001400010000000000fcdbdf25021f49cb", @ANYRES32=r1, @ANYBLOB="08000200e0eeff00140003000000000000000000000000000000000008000400ffffffff"], 0x3c}}, 0x0) 386.426393ms ago: executing program 0 (id=165): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in=@empty, @in6=@mcast2, 0x0, 0x0, 0x0, 0x4, 0xa, 0x0, 0x80}, {0x2000000, 0x0, 0x40, 0x4, 0x0, 0x6}, {0x0, 0x2, 0xffffffffffffffff}}}, 0xb8}}, 0x0) 347.736874ms ago: executing program 3 (id=166): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file2\x00', 0x4800, &(0x7f0000000100)=ANY=[], 0x1, 0x6bb, &(0x7f00000018c0)="$eJzs3c1vXFfdB/DvHY8dT9ombpq0eR5VqtVIgIhI7FgpmA0BIWSkCqGyYG0lTmNlkhbHRW6FqMPrtov+Ad1kg1ghsWITqbBgA7vukJeVkNh0g1kNujN3XjJ+m+bF45TPJ7pzzj3nnnN/93fvnbfImgD/s5bOp34/RZbOv75Rrm/dW2hu3Vu41a0nOZZkM6knqSUp/t1qtT5OriRFb5piqNzhw9XFNz75bOvTzlq9Wtrb1/YbN6TabnOoebPbNptkoiofwQPzXX3k+Ype5FeSnKtKGLvJJK3WZFo9P/nrs72esvNkp2zsNnr68AIFnpii87pZvhjXBttnkuPVjV6+D+i+8tbGEuQIjo243fA7CAAAAHjajPIZ+OR2trNRnDiEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOALYbP/+/9FtdS69dkU3d//n6raUtWPllc+3+b3n1QcAAAAAAAAAHCIXtnOdjZyorveKtr/5/9qe+V0+/GZvJM7WclaLmQjy1nPetYyn2RmYKKpjeX19bX5EUZe2nXkpQMCPVaVjcdz3AAAAAAAAADwBfOLLPX//x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6CIpnoFCnuDjTPpFZPMp1kqmzYTP7erT/N7o87AAAAADgEJ7eznY2c6K63ipxO8mL7O4DpvJPbWc9q1tPMSq61vxfofOqvbd1baG7dW7hVLjvn/fa/HlidPiCM9ozpfPew+57Ptrdo5HpW2y0XcjVvpZlrqbVHls5W8XRnHYrrbhlT8a3KiAm6VpXlkX9QlTu8P+Jk+xv+MqWx/xcsM+2MTPYyMlfFVmbj+e6Z2f0MDZ2dgwzvaT61XmCnh/Y0FPBD5fx4VZbH85u9cj4Ww5m4NHD1vbh/zpMv//H3P56r6kfnkEYzUZWt9mNjZyYWBjLx0iiZuNG8ffPG9Tvnn7ZM7DDXzsSZ3vpSvpcf5Xxm88OsZTU/zXLWs5LZfLddW65OfjFwe++RqSudYnK33S71E9fN+1R1hU5UrZ8nplfbY09kNT/IW7mWlbzW/ncp8/l6LudyFgfO8Jn9z3D7rq89cNf3XwFaz+2axnNfqSrl095vq3JXe3Y8KWVenx/I6+Bz7ky7b7Cln6VTB2epTMsDz41/2j+U+v9XlXIfvxw49+M3nIn5gUy8sF8muhfynebtm2s3lt8ebXenPhgY/usj9ZRaXi+nypOV7gnqXx1l3wvdvqF8lX2ne321HX1nen2dO3Vzzzt1qnoPt3OmS+2+l3btW2j3nR3o2+391sHv5gAYs+NfPT7V+Gfjb42PGr9q3Gi8Pv2dY9849vJUJv88+c363MSXai8Xf8hH+Xn/8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDw7rz73s3lZnNlbajSarXe36Or2TqZ7NH1cJXanmGUlfoBoe6oZPYfz5QDui2t9Lq6P2f2GIM/qPJ/zyajj6p+gSedlvrjzfMYK/9ptVpVS7HHNr/7y85EPTdS6qZGvzYOqExXV3jlSKSuqtQPeadjekICDs3F9VtvX7zz7ntfW721/ObKmyu3Fy9fXpxbvPzawsXrq82Vuc7juKMEnoT+i/64IwEAAAAAAAAAAABGNdrfA+SR/pxg3McIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN2Wzqd+P0Xm5y7Mletb9xaa5dKt97esJ6klKX6WFB8nV9JZMjMwXbHXfj5cXXzjk8+2Pu3PVS75/tUDxo1ms1oym2SiU959XPNdrcp9FfsdQtE7wjJh57qJg3H7bwAAAP//EOj9JQ==") setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) creat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x14) rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000002c0)='./file1\x00') 40.151558ms ago: executing program 0 (id=167): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000000)={[{@auto_da_alloc}, {@minixdf}]}, 0x1, 0x569, &(0x7f0000000480)="$eJzs3d1rm9UfAPDvkzZ7//3WwRgqIgUvnMyla+vLBC/mtQ4Gej9D+6yMpsto0rHWgduFu5bhnQPxXrz2UvwHvPBvGOhgyCiCeBN50idZ2iZtuqUvms8HnnK+z0vPOXlyTs7JSUgAQ2s8+1OIeDkivkoiTkZEkh8bjfzg+Np5q0/vzGRbEo3GJ38kzfOyuPW/Wtcdz4OXIuLnLyPOFTbnW1temS9XKuliHk/UF25O1JZXzl9fKM+lc+mNqenpi+9MT73/3rsDq+ubV7KCjOTRqQdJXIoTedRZjxdwtzMYj/H8MSnGpQ0nTg4gs4Mk6br3hz0vBzszkrfzYmR9wMkYyVs98N/3RUQ0gCGV7Lj9/1rcnZIAe6s1DmjN7Qc0D/7XePLh2gRoc/1H194biSPNudGx1WTdzCib744NIP8sjx9/f/gg22Jw70MAbOvuvYi4MDq6uf9L8v7v+V3o45yNeej/YO/8lI1/3uo2/im0xz/RZfxzvEvbfR7bt//C4wFk01M2/vug6/i3vWg1NpJH/2uO+YrJteuVNOvb/h8RZ6N4OIu3Ws+5uPqo0etY5/gv27L8W2PBvByPRw+vv2a2XC+/SJ07PbkX8UrX8W/Svv/J2v1ft8STPR5X+szjTPrwtV7Htq//7mp8F/FG1/v/rLrJ1uuTE83nw0TrWbHZn/fP/NIr//2uf3b/j21d/7Gkc722tvM8vj3ydxrt9eT11tU/+n/+H0o+baYP5ftul+v1xcmIQ8nH7f2F1v6pZ9e24tb5Wf3Pvr51/5d06f+ORsRnfdb//unvX+117CDc/9mu9789u91w/3eeePTR59/0yr+//u/tZupsvqef/q/fAr7IYwcAAAAAAAAHTSEiTkRSKLXThUKptPb5jtNxrFCp1urnrlWXbsxG87uyY1EstFa6T3Z8HmIyXzFsxVMb4umIOBURX48cbcalmWpldr8rDwAAAAAAAAAAAAAAAAAAAAfE8R7f/8/8NrLfpQN2nZ/8huG1bfsfxC89AQeS138YXto/DK++2n9x98sB7D2v/zC8tH8YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAADdeXy5WxrrD69M5PFs7eWl+art87PprX50sLSTGmmunizNFetzlXS0kx1Ybv/V6lWb05OxdLtiXpaq0/UlleuLlSXbtSvXl8oz6VXU78iBgAAAAAAAAAAAAAAAAAAAJvVllfmy5VKuigxxIm/Go3G814+ut+Fl9iVxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzD8BAAD//1hdMq0=") setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000340)='./file1\x00', &(0x7f0000000400), 0x0, 0x0, 0x2) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000440)=ANY=[], 0xfe37, 0x0) 0s ago: executing program 3 (id=168): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xcf50, 0x2925, 0xffff, 0x9dff, 0xf, "9402080100"}) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.19' (ED25519) to the list of known hosts. [ 70.192203][ T5779] cgroup: Unknown subsys name 'net' [ 70.333011][ T5779] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.439548][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.446227][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.956811][ T5779] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 74.299583][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.325465][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.330368][ T5802] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.340977][ T5802] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.343332][ T5801] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.348650][ T5802] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 74.355258][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.371045][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.371582][ T5801] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.388199][ T5802] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 74.395762][ T5801] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.405363][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.414213][ T5802] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.421486][ T5802] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.426554][ T5805] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.428804][ T5801] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.438019][ T5805] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.443381][ T5801] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.450638][ T5805] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 74.457219][ T5801] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.464724][ T5805] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.470925][ T5801] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 74.485665][ T5801] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.492963][ T5801] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.019696][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 75.049502][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 75.162336][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 75.184132][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 75.200885][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.209593][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.217107][ T5790] bridge_slave_0: entered allmulticast mode [ 75.224034][ T5790] bridge_slave_0: entered promiscuous mode [ 75.255089][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.262308][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.269743][ T5790] bridge_slave_1: entered allmulticast mode [ 75.276877][ T5790] bridge_slave_1: entered promiscuous mode [ 75.387597][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.395979][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.403178][ T5791] bridge_slave_0: entered allmulticast mode [ 75.410271][ T5791] bridge_slave_0: entered promiscuous mode [ 75.420583][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.433862][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.453238][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.460542][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.467839][ T5791] bridge_slave_1: entered allmulticast mode [ 75.475296][ T5791] bridge_slave_1: entered promiscuous mode [ 75.559007][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.566330][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.573516][ T5788] bridge_slave_0: entered allmulticast mode [ 75.581189][ T5788] bridge_slave_0: entered promiscuous mode [ 75.604179][ T5790] team0: Port device team_slave_0 added [ 75.622871][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.630324][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.637911][ T5788] bridge_slave_1: entered allmulticast mode [ 75.645038][ T5788] bridge_slave_1: entered promiscuous mode [ 75.653966][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.665481][ T5790] team0: Port device team_slave_1 added [ 75.674929][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.684161][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.692087][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.699506][ T5789] bridge_slave_0: entered allmulticast mode [ 75.707079][ T5789] bridge_slave_0: entered promiscuous mode [ 75.751005][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.758637][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.766002][ T5789] bridge_slave_1: entered allmulticast mode [ 75.773025][ T5789] bridge_slave_1: entered promiscuous mode [ 75.796755][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.842567][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.867607][ T5791] team0: Port device team_slave_0 added [ 75.875565][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.882535][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.910284][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.952362][ T5791] team0: Port device team_slave_1 added [ 75.959307][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.967365][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.993513][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.014391][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.027883][ T5788] team0: Port device team_slave_0 added [ 76.036802][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.061550][ T5788] team0: Port device team_slave_1 added [ 76.130815][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.138744][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.165883][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.180157][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.187236][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.213267][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.252098][ T5789] team0: Port device team_slave_0 added [ 76.266003][ T5789] team0: Port device team_slave_1 added [ 76.289649][ T5790] hsr_slave_0: entered promiscuous mode [ 76.296629][ T5790] hsr_slave_1: entered promiscuous mode [ 76.304295][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.311540][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.337635][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.350826][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.357873][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.383831][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.407754][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.414869][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.440816][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.497317][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.504299][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.530992][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.553847][ T5791] hsr_slave_0: entered promiscuous mode [ 76.555743][ T5805] Bluetooth: hci2: command tx timeout [ 76.562492][ T5799] Bluetooth: hci1: command tx timeout [ 76.565693][ T5801] Bluetooth: hci0: command tx timeout [ 76.571316][ T5796] Bluetooth: hci3: command tx timeout [ 76.577944][ T5791] hsr_slave_1: entered promiscuous mode [ 76.588709][ T5791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.596547][ T5791] Cannot create hsr debugfs directory [ 76.699218][ T5788] hsr_slave_0: entered promiscuous mode [ 76.707596][ T5788] hsr_slave_1: entered promiscuous mode [ 76.713873][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.722185][ T5788] Cannot create hsr debugfs directory [ 76.766547][ T5789] hsr_slave_0: entered promiscuous mode [ 76.772881][ T5789] hsr_slave_1: entered promiscuous mode [ 76.779837][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.787697][ T5789] Cannot create hsr debugfs directory [ 77.129550][ T5791] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 77.147094][ T5791] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 77.160421][ T5791] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 77.170661][ T5791] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 77.239367][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.252020][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.261966][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.276687][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.353865][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 77.387062][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 77.400865][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 77.416662][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 77.503847][ T5788] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 77.516286][ T5788] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 77.542163][ T5788] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 77.554409][ T5788] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 77.620751][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.693342][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.719061][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.746324][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.762548][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.769949][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.780766][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.787966][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.810587][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.825419][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.832557][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.878553][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.885723][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.897377][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.910338][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.917520][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.948895][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.956092][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.013798][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.076235][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.123695][ T5790] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 78.139331][ T5790] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 78.172623][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.179827][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.209235][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.216547][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.396430][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 78.462828][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.583755][ T5791] veth0_vlan: entered promiscuous mode [ 78.638157][ T5791] veth1_vlan: entered promiscuous mode [ 78.645834][ T5796] Bluetooth: hci2: command tx timeout [ 78.651279][ T5796] Bluetooth: hci0: command tx timeout [ 78.659724][ T5805] Bluetooth: hci3: command tx timeout [ 78.665402][ T5796] Bluetooth: hci1: command tx timeout [ 78.753995][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.785410][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.793278][ T5791] veth0_macvtap: entered promiscuous mode [ 78.814392][ T5791] veth1_macvtap: entered promiscuous mode [ 78.852574][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.863405][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.876629][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.905631][ T5791] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.915113][ T5791] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.923924][ T5791] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.935464][ T5791] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.025359][ T5789] veth0_vlan: entered promiscuous mode [ 79.061786][ T5790] veth0_vlan: entered promiscuous mode [ 79.083800][ T5790] veth1_vlan: entered promiscuous mode [ 79.092591][ T5788] veth0_vlan: entered promiscuous mode [ 79.101119][ T5789] veth1_vlan: entered promiscuous mode [ 79.141587][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.148643][ T5788] veth1_vlan: entered promiscuous mode [ 79.156885][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.223568][ T5788] veth0_macvtap: entered promiscuous mode [ 79.241990][ T3516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.253215][ T5788] veth1_macvtap: entered promiscuous mode [ 79.254510][ T3516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.269841][ T5790] veth0_macvtap: entered promiscuous mode [ 79.308050][ T5790] veth1_macvtap: entered promiscuous mode [ 79.333375][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.346436][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.362061][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.381564][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.393448][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.409770][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.424018][ T5789] veth0_macvtap: entered promiscuous mode [ 79.439787][ T5788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.448968][ T5788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.458934][ T5788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.467988][ T5788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.490472][ T5789] veth1_macvtap: entered promiscuous mode [ 79.502722][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.521317][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.531903][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.547172][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.559915][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.584280][ T5876] syz.3.4[5876]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 79.599526][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.603287][ T5876] loop3: detected capacity change from 0 to 256 [ 79.610197][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.627953][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.639585][ T5876] ======================================================= [ 79.639585][ T5876] WARNING: The mand mount option has been deprecated and [ 79.639585][ T5876] and is ignored by this kernel. Remove the mand [ 79.639585][ T5876] option from the mount to silence this warning. [ 79.639585][ T5876] ======================================================= [ 79.677077][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.689416][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.699499][ T5876] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d) [ 79.758705][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.768215][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.773158][ T5876] loop3: Can't mount, would change RO state [ 79.784229][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.793821][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.816773][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.830375][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.841439][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.852292][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.862859][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.873925][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.886566][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.993838][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.005112][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.020100][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.030977][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.047271][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.060129][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.060270][ T5879] loop3: detected capacity change from 0 to 8192 [ 80.083990][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.110613][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.127144][ T5879] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 80.130513][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.147399][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.161637][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.171886][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.180764][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.312494][ T3516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.332581][ T5880] FAT-fs (loop3): error, invalid access to FAT (entry 0x00005dec) [ 80.359209][ T3516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.367015][ T5880] FAT-fs (loop3): Filesystem has been set read-only [ 80.496309][ T3516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.509770][ T3516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.590103][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.635841][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.689525][ T1049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.710305][ T1049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.718024][ T5805] Bluetooth: hci3: command tx timeout [ 80.718060][ T5805] Bluetooth: hci1: command tx timeout [ 80.718092][ T5805] Bluetooth: hci0: command tx timeout [ 80.718123][ T5805] Bluetooth: hci2: command tx timeout [ 80.744189][ T5883] loop2: detected capacity change from 0 to 512 [ 80.753142][ T5883] EXT4-fs: Ignoring removed bh option [ 80.802856][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.812493][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.853228][ T5883] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 80.878514][ T5883] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.927922][ T5883] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 80.952351][ T5883] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 80.995067][ T5883] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 81.041597][ T5883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.136422][ T5889] capability: warning: `syz.0.1' uses 32-bit capabilities (legacy support in use) [ 81.164275][ T5883] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.188689][ T5889] loop0: detected capacity change from 0 to 736 [ 81.295032][ T5792] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 81.459750][ T5894] loop3: detected capacity change from 0 to 8 [ 81.501862][ T5894] squashfs image failed sanity check [ 81.543678][ T5896] loop1: detected capacity change from 0 to 512 [ 81.613371][ T5896] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #12: comm syz.1.8: iget: bad extra_isize 64544 (inode size 256) [ 81.646600][ T5800] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 81.686271][ T5899] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 81.748504][ T5896] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.8: couldn't read orphan inode 12 (err -117) [ 81.813992][ T5896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.035984][ T5905] EXT4-fs warning (device loop1): __ext4fs_dirhash:283: invalid/unsupported hash tree version 9 [ 82.140948][ T5909] loop3: detected capacity change from 0 to 512 [ 82.208674][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.236127][ T5909] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.622370][ T5916] loop1: detected capacity change from 0 to 2048 [ 82.659173][ T1137] Trying to write to read-only block-device loop3 [ 82.664497][ T5916] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 83.018507][ T5801] Bluetooth: hci2: command tx timeout [ 83.024617][ T5801] Bluetooth: hci0: command tx timeout [ 83.030455][ T5801] Bluetooth: hci1: command tx timeout [ 83.050942][ T5805] Bluetooth: hci3: command tx timeout [ 83.335684][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.385272][ T5916] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 83.724354][ T5789] UDF-fs: error (device loop1): udf_read_inode: (ino 1440) failed !bh [ 83.744205][ T5789] UDF-fs: error (device loop1): udf_read_inode: (ino 1440) failed !bh [ 84.097855][ T5930] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 84.844025][ T5934] loop2: detected capacity change from 0 to 128 [ 84.877471][ T5934] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 84.909026][ T3516] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.930191][ T5934] ext4 filesystem being mounted at /3/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 85.124854][ T5788] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 85.517216][ T5939] loop2: detected capacity change from 0 to 1024 [ 85.579102][ T5939] EXT4-fs: Ignoring removed orlov option [ 85.756881][ T5939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.012945][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.223760][ T5952] loop2: detected capacity change from 0 to 16 [ 86.310394][ T5952] erofs: (device loop2): mounted with root inode @ nid 36. [ 86.355807][ T5801] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.373073][ T5801] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.381737][ T5801] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 86.390672][ T5801] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 86.421219][ T5801] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 86.428971][ T5801] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 86.841801][ T23] cfg80211: failed to load regulatory.db [ 86.907505][ T3516] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.153700][ T3516] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.247080][ T3516] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.281881][ T5968] capability: warning: `syz.2.30' uses deprecated v2 capabilities in a way that may be insecure [ 87.448811][ T5971] loop2: detected capacity change from 0 to 1024 [ 87.470101][ T5971] EXT4-fs: inline encryption not supported [ 87.491264][ T5971] EXT4-fs: Ignoring removed orlov option [ 87.511170][ T5971] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 87.566298][ T5971] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800c019, mo2=0002] [ 87.590668][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 87.607388][ T5971] System zones: 0-1, 3-12 [ 87.661934][ T5971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.752060][ T5978] loop0: detected capacity change from 0 to 512 [ 87.876652][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.043464][ T5978] EXT4-fs (loop0): Test dummy encryption mode enabled [ 88.078643][ T5978] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 88.137470][ T5978] EXT4-fs (loop0): 1 truncate cleaned up [ 88.160135][ T5989] loop2: detected capacity change from 0 to 512 [ 88.174288][ T5978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.187363][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.220545][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.249397][ T5989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.270365][ T5953] bridge_slave_0: entered allmulticast mode [ 88.299113][ T5953] bridge_slave_0: entered promiscuous mode [ 88.299434][ T5989] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.455386][ T5978] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 88.543231][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.563049][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.571960][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.574018][ T5801] Bluetooth: hci2: command tx timeout [ 88.587398][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.620386][ T5953] bridge_slave_1: entered allmulticast mode [ 88.673346][ T5953] bridge_slave_1: entered promiscuous mode [ 88.683822][ T6011] loop3: detected capacity change from 0 to 512 [ 88.746441][ T6011] EXT4-fs: Ignoring removed bh option [ 88.785842][ T5792] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 88.976411][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.074456][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.087827][ T6022] loop3: detected capacity change from 0 to 1024 [ 89.249937][ T5792] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 89.264622][ T5953] team0: Port device team_slave_0 added [ 89.273420][ T5953] team0: Port device team_slave_1 added [ 89.310399][ T6026] loop0: detected capacity change from 0 to 1024 [ 89.345650][ T6026] EXT4-fs: Ignoring removed bh option [ 89.412715][ T6026] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.510803][ T6035] loop2: detected capacity change from 0 to 256 [ 89.589856][ T6035] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 89.617898][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.631441][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.674303][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.674328][ T6035] process 'syz.2.43' launched './file0' with NULL argv: empty string added [ 89.689078][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.701477][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.729606][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.733673][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.877900][ T6038] loop3: detected capacity change from 0 to 128 [ 89.970050][ T5800] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 90.140710][ T5953] hsr_slave_0: entered promiscuous mode [ 90.163846][ T5953] hsr_slave_1: entered promiscuous mode [ 90.177077][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.185771][ T5953] Cannot create hsr debugfs directory [ 90.414778][ T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 90.463953][ T3516] hsr_slave_0: left promiscuous mode [ 90.477788][ T3516] hsr_slave_1: left promiscuous mode [ 90.484201][ T3516] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 90.511291][ T3516] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 90.522809][ T3516] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 90.537818][ T3516] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 90.563943][ T3516] bridge_slave_1: left allmulticast mode [ 90.581448][ T3516] bridge_slave_1: left promiscuous mode [ 90.605933][ T3516] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.625665][ T23] usb 3-1: Using ep0 maxpacket: 8 [ 90.633800][ T3516] bridge_slave_0: left allmulticast mode [ 90.643846][ T3516] bridge_slave_0: left promiscuous mode [ 90.649392][ T23] usb 3-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 90.649489][ T23] usb 3-1: config 0 interface 0 has no altsetting 0 [ 90.649523][ T23] usb 3-1: New USB device found, idVendor=056a, idProduct=0065, bcdDevice= 0.00 [ 90.649545][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.689398][ T3516] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.699102][ T23] usb 3-1: config 0 descriptor?? [ 90.843647][ T3516] veth1_macvtap: left promiscuous mode [ 90.864076][ T3516] veth0_macvtap: left promiscuous mode [ 90.885164][ T3516] veth1_vlan: left promiscuous mode [ 90.890806][ T3516] veth0_vlan: left promiscuous mode [ 90.902947][ T6065] loop0: detected capacity change from 0 to 512 [ 90.953427][ T6065] EXT4-fs: Ignoring removed oldalloc option [ 91.012645][ T6065] EXT4-fs (loop0): 1 truncate cleaned up [ 91.043449][ T6065] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.187530][ T23] wacom 0003:056A:0065.0001: unknown main item tag 0x0 [ 91.208063][ T23] wacom 0003:056A:0065.0001: unknown main item tag 0x0 [ 91.224743][ T23] wacom 0003:056A:0065.0001: unknown main item tag 0x0 [ 91.243134][ T23] wacom 0003:056A:0065.0001: unknown main item tag 0x0 [ 91.268329][ T23] wacom 0003:056A:0065.0001: unknown main item tag 0x0 [ 91.336901][ T23] wacom 0003:056A:0065.0001: Unknown device_type for 'HID 056a:0065'. Assuming pen. [ 91.563333][ T23] wacom 0003:056A:0065.0001: hidraw0: USB HID v2.07 Device [HID 056a:0065] on usb-dummy_hcd.2-1/input0 [ 91.591461][ T23] input: Wacom Bamboo Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0065.0001/input/input5 [ 91.827066][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.896377][ T23] usb 3-1: USB disconnect, device number 2 [ 92.106254][ T6075] fido_id[6075]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 93.014867][ T6091] loop3: detected capacity change from 0 to 1024 [ 93.226374][ T6094] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 93.773243][ T3516] team0 (unregistering): Port device team_slave_1 removed [ 93.825238][ T3516] team0 (unregistering): Port device team_slave_0 removed [ 93.895252][ T3516] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 93.992441][ T3516] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 94.394823][ T6116] loop3: detected capacity change from 0 to 1024 [ 94.408760][ T6116] EXT4-fs: Ignoring removed nomblk_io_submit option [ 94.652341][ T6120] loop3: detected capacity change from 0 to 256 [ 94.701319][ T5792] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 94.701572][ T3516] bond0 (unregistering): Released all slaves [ 94.948860][ T6108] netlink: 60 bytes leftover after parsing attributes in process `syz.2.60'. [ 94.964981][ T6108] netlink: 60 bytes leftover after parsing attributes in process `syz.2.60'. [ 95.193614][ T6126] loop2: detected capacity change from 0 to 128 [ 95.254329][ T6126] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.331792][ T6126] ext4 filesystem being mounted at /20/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 95.451523][ T5953] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 95.469061][ T5953] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 95.478164][ T5788] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 95.564806][ T5953] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 95.594617][ T5953] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 95.880041][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.991188][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.076166][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.083894][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.164062][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.171273][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.050022][ T5953] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 97.816665][ T6176] binder: binder_mmap: 6175 200000002000-200000005000 bad vm_flags failed -1 [ 97.882498][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.150407][ T6183] loop3: detected capacity change from 0 to 1024 [ 98.178945][ T6183] EXT4-fs: Ignoring removed bh option [ 98.202841][ T6183] Zero length message leads to an empty skb [ 98.286897][ T6192] netlink: 4 bytes leftover after parsing attributes in process `syz.3.77'. [ 98.743216][ T5953] veth0_vlan: entered promiscuous mode [ 98.768804][ T6207] loop2: detected capacity change from 0 to 4096 [ 98.782466][ T5953] veth1_vlan: entered promiscuous mode [ 98.786719][ T6207] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.888730][ T6207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.939604][ T5953] veth0_macvtap: entered promiscuous mode [ 98.940218][ T6215] loop0: detected capacity change from 0 to 256 [ 98.999132][ T5953] veth1_macvtap: entered promiscuous mode [ 99.022253][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.076830][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.097036][ T6215] FAT-fs (loop0): Directory bread(block 64) failed [ 99.103630][ T6215] FAT-fs (loop0): Directory bread(block 65) failed [ 99.124807][ T6215] FAT-fs (loop0): Directory bread(block 66) failed [ 99.125364][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.131485][ T6215] FAT-fs (loop0): Directory bread(block 67) failed [ 99.145526][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.158643][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.195016][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.195335][ T6215] FAT-fs (loop0): Directory bread(block 68) failed [ 99.223318][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.263709][ T6215] FAT-fs (loop0): Directory bread(block 69) failed [ 99.279875][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.320229][ T6215] FAT-fs (loop0): Directory bread(block 70) failed [ 99.341460][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.354870][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.367799][ T6222] loop3: detected capacity change from 0 to 128 [ 99.374538][ T6215] FAT-fs (loop0): Directory bread(block 71) failed [ 99.381227][ T6215] FAT-fs (loop0): Directory bread(block 72) failed [ 99.405450][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.425160][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.454658][ T6215] FAT-fs (loop0): Directory bread(block 73) failed [ 99.477900][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.508826][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.550495][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.637399][ T5953] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.674595][ T5953] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.690058][ T6215] syz.0.83: attempt to access beyond end of device [ 99.690058][ T6215] loop0: rw=2049, sector=1224, nr_sectors = 4 limit=256 [ 99.741751][ T5953] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.764504][ T5953] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.844117][ T6230] loop2: detected capacity change from 0 to 1024 [ 99.871122][ T6230] EXT4-fs: inline encryption not supported [ 99.915217][ T6230] EXT4-fs: Ignoring removed nobh option [ 99.934903][ T6230] EXT4-fs: Ignoring removed bh option [ 99.952703][ T6230] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 100.080878][ T6230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.117403][ T6240] loop3: detected capacity change from 0 to 256 [ 100.127872][ T6242] loop0: detected capacity change from 0 to 256 [ 100.144649][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.172910][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.291795][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.351491][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.440018][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.700998][ T6253] loop4: detected capacity change from 0 to 1024 [ 100.733279][ T6253] EXT4-fs: Ignoring removed bh option [ 100.771430][ T6253] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 101.237577][ T6253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.848268][ T6272] loop2: detected capacity change from 0 to 256 [ 101.867326][ T6272] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 101.970819][ T6272] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 102.194363][ T5953] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.339322][ T6287] loop3: detected capacity change from 0 to 1024 [ 103.570735][ T6303] loop2: detected capacity change from 0 to 512 [ 103.630358][ T6303] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0002] [ 103.657399][ T6303] System zones: 1-12 [ 103.702484][ T6303] EXT4-fs error (device loop2): ext4_xattr_inode_iget:449: comm syz.2.107: error while reading EA inode 32 err=-116 [ 103.788310][ T6303] EXT4-fs (loop2): Remounting filesystem read-only [ 103.819860][ T6303] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 103.854503][ T6303] EXT4-fs warning (device loop2): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 103.904201][ T6303] EXT4-fs (loop2): 1 orphan inode deleted [ 103.944573][ T6303] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.276860][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.411882][ T6341] loop3: detected capacity change from 0 to 512 [ 105.528621][ T5792] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 105.695048][ T6346] loop2: detected capacity change from 0 to 512 [ 105.708160][ T6346] EXT4-fs (loop2): can't mount with both data=journal and dax [ 105.804903][ T5792] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 106.032547][ T6351] loop4: detected capacity change from 0 to 4096 [ 106.043694][ T6351] EXT4-fs: Ignoring removed nomblk_io_submit option [ 106.043906][ T6356] loop2: detected capacity change from 0 to 1024 [ 106.109522][ T6351] EXT4-fs (loop4): Test dummy encryption mode enabled [ 106.216477][ T6351] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 106.256661][ T6351] System zones: 0-5 [ 106.359413][ T6351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.107395][ T6368] loop0: detected capacity change from 0 to 512 [ 107.119211][ T6351] ext4: Unknown parameter 'nouser_xattr' [ 107.188894][ T5953] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.216317][ T6368] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.122: bad orphan inode 15 [ 107.271023][ T6368] ext4_test_bit(bit=14, block=18) = 1 [ 107.342443][ T6368] is_bad_inode(inode)=0 [ 107.369382][ T6368] NEXT_ORPHAN(inode)=1023 [ 107.373790][ T6368] max_ino=32 [ 107.436839][ T6368] i_nlink=0 [ 107.484813][ T6368] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2988: inode #15: comm syz.0.122: corrupted xattr block 19: invalid header [ 107.640819][ T6375] hfsplus: found bad thread record in catalog [ 107.647332][ T6375] hfsplus: catalog searching failed [ 108.136486][ T6368] EXT4-fs warning (device loop0): ext4_evict_inode:272: xattr delete (err -117) [ 108.158168][ T6378] loop3: detected capacity change from 0 to 128 [ 108.199157][ T6368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 108.291234][ T5792] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 108.315178][ T6368] ext4 filesystem being mounted at /31/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 108.354333][ T2968] hfsplus: found bad thread record in catalog [ 108.406383][ T2968] hfsplus: found bad thread record in catalog [ 108.571279][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 109.124374][ T6404] loop0: detected capacity change from 0 to 512 [ 109.177073][ T6404] EXT4-fs (loop0): Test dummy encryption mode enabled [ 109.188800][ T6406] loop4: detected capacity change from 0 to 1024 [ 109.210885][ T6404] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 109.327390][ T6404] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.132: bad orphan inode 131083 [ 109.371237][ T6406] hfsplus: xattr searching failed [ 109.422474][ T6404] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.466802][ T6406] hfsplus: xattr searching failed [ 109.737946][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.061570][ T6426] loop0: detected capacity change from 0 to 1024 [ 110.089219][ T6426] EXT4-fs: Ignoring removed bh option [ 110.182595][ T6426] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.207518][ T6430] loop4: detected capacity change from 0 to 512 [ 110.214099][ T6428] loop3: detected capacity change from 0 to 764 [ 110.345430][ T6428] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 110.466513][ T6440] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4031: comm syz.0.137: Allocating blocks 481-513 which overlap fs metadata [ 110.519850][ T6440] EXT4-fs (loop0): Remounting filesystem read-only [ 110.709100][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.112224][ T6477] loop4: detected capacity change from 0 to 1024 [ 112.271081][ T28] audit: type=1800 audit(1764386769.438:2): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.149" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 112.300899][ T6482] loop3: detected capacity change from 0 to 128 [ 112.426730][ T5800] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 112.568987][ T6490] loop0: detected capacity change from 0 to 128 [ 112.737471][ T6490] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 113.104159][ T6490] ext4 filesystem being mounted at /39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 113.739193][ T5877] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 113.841823][ T5790] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 113.935009][ T5877] usb 5-1: Using ep0 maxpacket: 16 [ 113.951924][ T5877] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.983844][ T5877] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.008477][ T5877] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 114.021648][ T5877] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 114.054628][ T5877] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.089086][ T5877] usb 5-1: config 0 descriptor?? [ 114.144875][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 114.245657][ T6525] xt_CT: You must specify a L4 protocol and not use inversions on it [ 114.344694][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 114.391239][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 114.408319][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 114.420382][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 114.437169][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 114.449999][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 114.491604][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 114.522114][ T5877] microsoft 0003:045E:07DA.0002: unbalanced collection at end of report description [ 114.553185][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.583915][ T5877] microsoft 0003:045E:07DA.0002: parse failed [ 114.602617][ T9] usb 3-1: config 0 descriptor?? [ 114.615010][ T5877] microsoft: probe of 0003:045E:07DA.0002 failed with error -22 [ 114.637738][ T6538] loop3: detected capacity change from 0 to 1024 [ 114.720920][ T5801] Bluetooth: hci4: urb ffff888026399400 submission failed (90) [ 114.741715][ T5877] usb 5-1: USB disconnect, device number 2 [ 114.784788][ T6542] loop0: detected capacity change from 0 to 1024 [ 114.841536][ T6542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.872828][ T787] usb 3-1: USB disconnect, device number 3 [ 114.944219][ T6542] ================================================================== [ 114.952347][ T6542] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 114.960108][ T6542] Read of size 18446744073709551588 at addr ffff88803013d840 by task syz.0.167/6542 [ 114.969493][ T6542] [ 114.971858][ T6542] CPU: 1 PID: 6542 Comm: syz.0.167 Not tainted syzkaller #0 [ 114.979163][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 114.989236][ T6542] Call Trace: [ 114.992523][ T6542] [ 114.995460][ T6542] dump_stack_lvl+0x16c/0x230 [ 115.000149][ T6542] ? read_lock_is_recursive+0x20/0x20 [ 115.005527][ T6542] ? show_regs_print_info+0x20/0x20 [ 115.010751][ T6542] ? load_image+0x3b0/0x3b0 [ 115.015271][ T6542] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 115.020649][ T6542] ? __virt_addr_valid+0x18c/0x540 [ 115.025767][ T6542] ? __virt_addr_valid+0x469/0x540 [ 115.030887][ T6542] print_report+0xac/0x220 [ 115.035314][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.040784][ T6542] kasan_report+0x117/0x150 [ 115.045315][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.050789][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.056258][ T6542] kasan_check_range+0x288/0x290 [ 115.061206][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.066678][ T6542] __asan_memmove+0x29/0x70 [ 115.071190][ T6542] ext4_xattr_set_entry+0x94b/0x1e90 [ 115.076495][ T6542] ext4_xattr_block_set+0xae3/0x32a0 [ 115.081793][ T6542] ? ext4_destroy_inode+0x200/0x200 [ 115.087017][ T6542] ? proc_nr_inodes+0x230/0x230 [ 115.091881][ T6542] ? do_raw_spin_unlock+0x121/0x230 [ 115.097094][ T6542] ? _raw_spin_unlock+0x28/0x40 [ 115.101961][ T6542] ? ext4_xattr_block_find+0x350/0x350 [ 115.107436][ T6542] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 115.112822][ T6542] ext4_xattr_set_handle+0x10a1/0x1290 [ 115.118300][ T6542] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 115.124295][ T6542] ? __ext4_journal_start_sb+0x259/0x570 [ 115.129937][ T6542] ext4_xattr_set+0x22d/0x320 [ 115.134641][ T6542] ? end_current_label_crit_section+0x170/0x170 [ 115.140893][ T6542] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 115.146450][ T6542] ? posix_xattr_acl+0x93/0xb0 [ 115.151234][ T6542] ? evm_protect_xattr+0x36d/0x7a0 [ 115.156357][ T6542] ? ext4_xattr_trusted_get+0x40/0x40 [ 115.161743][ T6542] __vfs_setxattr+0x431/0x470 [ 115.166433][ T6542] __vfs_setxattr_noperm+0x12d/0x5e0 [ 115.171724][ T6542] vfs_setxattr+0x16c/0x2f0 [ 115.176238][ T6542] ? xattr_permission+0x470/0x470 [ 115.181266][ T6542] ? __mnt_want_write+0x223/0x2a0 [ 115.186317][ T6542] ? path_setxattr+0x314/0x550 [ 115.191183][ T6542] path_setxattr+0x362/0x550 [ 115.195795][ T6542] ? simple_xattrs_free+0x150/0x150 [ 115.201019][ T6542] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 115.207014][ T6542] ? lock_chain_count+0x20/0x20 [ 115.211886][ T6542] __x64_sys_lsetxattr+0xb8/0xd0 [ 115.216829][ T6542] do_syscall_64+0x55/0xb0 [ 115.221256][ T6542] ? clear_bhb_loop+0x40/0x90 [ 115.225960][ T6542] ? clear_bhb_loop+0x40/0x90 [ 115.230658][ T6542] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 115.236561][ T6542] RIP: 0033:0x7f5d68f8f749 [ 115.240999][ T6542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.260704][ T6542] RSP: 002b:00007f5d69d65038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 115.269120][ T6542] RAX: ffffffffffffffda RBX: 00007f5d691e5fa0 RCX: 00007f5d68f8f749 [ 115.277094][ T6542] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 0000200000000080 [ 115.285098][ T6542] RBP: 00007f5d69013f91 R08: 0000000000000000 R09: 0000000000000000 [ 115.293091][ T6542] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 115.301087][ T6542] R13: 00007f5d691e6038 R14: 00007f5d691e5fa0 R15: 00007ffc7da7ffd8 [ 115.309091][ T6542] [ 115.312131][ T6542] [ 115.314470][ T6542] Allocated by task 6542: [ 115.318808][ T6542] kasan_set_track+0x4e/0x70 [ 115.323409][ T6542] __kasan_kmalloc+0x8f/0xa0 [ 115.328056][ T6542] __kmalloc_node_track_caller+0xb2/0x230 [ 115.333818][ T6542] kmemdup+0x2b/0x70 [ 115.337728][ T6542] ext4_xattr_block_set+0x9e5/0x32a0 [ 115.343029][ T6542] ext4_xattr_set_handle+0x10a1/0x1290 [ 115.348543][ T6542] ext4_xattr_set+0x22d/0x320 [ 115.353252][ T6542] __vfs_setxattr+0x431/0x470 [ 115.357942][ T6542] __vfs_setxattr_noperm+0x12d/0x5e0 [ 115.363241][ T6542] vfs_setxattr+0x16c/0x2f0 [ 115.367745][ T6542] path_setxattr+0x362/0x550 [ 115.372346][ T6542] __x64_sys_lsetxattr+0xb8/0xd0 [ 115.377295][ T6542] do_syscall_64+0x55/0xb0 [ 115.381721][ T6542] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 115.387640][ T6542] [ 115.389978][ T6542] Last potentially related work creation: [ 115.395700][ T6542] kasan_save_stack+0x3e/0x60 [ 115.400466][ T6542] __kasan_record_aux_stack+0xaf/0xc0 [ 115.405847][ T6542] kvfree_call_rcu+0xee/0x780 [ 115.410537][ T6542] batadv_hard_if_event+0x7e1/0x15b0 [ 115.415850][ T6542] notifier_call_chain+0x197/0x390 [ 115.420966][ T6542] unregister_netdevice_many_notify+0xf36/0x1810 [ 115.427318][ T6542] default_device_exit_batch+0x9cb/0xa60 [ 115.432967][ T6542] cleanup_net+0x77f/0xb90 [ 115.437403][ T6542] process_scheduled_works+0xa45/0x15b0 [ 115.442966][ T6542] worker_thread+0xa55/0xfc0 [ 115.447590][ T6542] kthread+0x2fa/0x390 [ 115.451666][ T6542] ret_from_fork+0x48/0x80 [ 115.456085][ T6542] ret_from_fork_asm+0x11/0x20 [ 115.460872][ T6542] [ 115.463202][ T6542] The buggy address belongs to the object at ffff88803013d800 [ 115.463202][ T6542] which belongs to the cache kmalloc-1k of size 1024 [ 115.477267][ T6542] The buggy address is located 64 bytes inside of [ 115.477267][ T6542] 1024-byte region [ffff88803013d800, ffff88803013dc00) [ 115.490549][ T6542] [ 115.492876][ T6542] The buggy address belongs to the physical page: [ 115.499295][ T6542] page:ffffea0000c04e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30138 [ 115.509448][ T6542] head:ffffea0000c04e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 115.518407][ T6542] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 115.526402][ T6542] page_type: 0xffffffff() [ 115.530824][ T6542] raw: 00fff00000000840 ffff888017841dc0 ffffea0000a64a00 dead000000000002 [ 115.539441][ T6542] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 115.548026][ T6542] page dumped because: kasan: bad access detected [ 115.554572][ T6542] page_owner tracks the page as allocated [ 115.560298][ T6542] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5788, tgid 5788 (syz-executor), ts 76025484675, free_ts 76013833702 [ 115.581840][ T6542] post_alloc_hook+0x1cd/0x210 [ 115.586624][ T6542] get_page_from_freelist+0x195c/0x19f0 [ 115.592185][ T6542] __alloc_pages+0x1e3/0x460 [ 115.596789][ T6542] alloc_slab_page+0x5d/0x170 [ 115.601479][ T6542] new_slab+0x87/0x2e0 [ 115.605561][ T6542] ___slab_alloc+0xc6d/0x1300 [ 115.610246][ T6542] __kmem_cache_alloc_node+0x1a2/0x260 [ 115.615719][ T6542] __kmalloc_node+0xa4/0x230 [ 115.620335][ T6542] qdisc_alloc+0x94/0xa50 [ 115.624669][ T6542] qdisc_create_dflt+0x63/0x430 [ 115.629540][ T6542] dev_activate+0x397/0x11a0 [ 115.634132][ T6542] __dev_open+0x338/0x430 [ 115.638481][ T6542] dev_open+0xab/0x170 [ 115.642551][ T6542] team_add_slave+0xae7/0x2660 [ 115.647320][ T6542] do_setlink+0xe14/0x3fb0 [ 115.651743][ T6542] rtnl_newlink+0x175b/0x2020 [ 115.656464][ T6542] page last free stack trace: [ 115.661156][ T6542] free_unref_page_prepare+0x7ce/0x8e0 [ 115.666648][ T6542] free_unref_page+0x32/0x2e0 [ 115.671347][ T6542] __unfreeze_partials+0x1cf/0x210 [ 115.676484][ T6542] put_cpu_partial+0x17c/0x250 [ 115.681272][ T6542] __slab_free+0x31d/0x410 [ 115.685704][ T6542] qlist_free_all+0x75/0xe0 [ 115.690223][ T6542] kasan_quarantine_reduce+0x143/0x160 [ 115.695699][ T6542] __kasan_slab_alloc+0x22/0x80 [ 115.700561][ T6542] slab_post_alloc_hook+0x6e/0x4d0 [ 115.705696][ T6542] kmem_cache_alloc+0x11e/0x2e0 [ 115.710562][ T6542] __kernfs_new_node+0xd8/0x7e0 [ 115.715432][ T6542] kernfs_new_node+0x14c/0x260 [ 115.720290][ T6542] __kernfs_create_file+0x4b/0x2e0 [ 115.725410][ T6542] sysfs_add_file_mode_ns+0x238/0x300 [ 115.730792][ T6542] sysfs_create_files+0x154/0x310 [ 115.735838][ T6542] bond_enslave+0x1ffe/0x3ac0 [ 115.740571][ T6542] [ 115.742895][ T6542] Memory state around the buggy address: [ 115.748525][ T6542] ffff88803013d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 115.756590][ T6542] ffff88803013d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 115.764674][ T6542] >ffff88803013d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 115.772730][ T6542] ^ [ 115.778876][ T6542] ffff88803013d880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 115.786940][ T6542] ffff88803013d900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 115.795014][ T6542] ================================================================== [ 115.843236][ T6542] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 115.850484][ T6542] CPU: 0 PID: 6542 Comm: syz.0.167 Not tainted syzkaller #0 [ 115.857806][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 115.867889][ T6542] Call Trace: [ 115.871186][ T6542] [ 115.874133][ T6542] dump_stack_lvl+0x16c/0x230 [ 115.878846][ T6542] ? show_regs_print_info+0x20/0x20 [ 115.884075][ T6542] ? load_image+0x3b0/0x3b0 [ 115.888612][ T6542] panic+0x2c0/0x710 [ 115.892540][ T6542] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 115.898729][ T6542] ? bpf_jit_dump+0xd0/0xd0 [ 115.903373][ T6542] ? _raw_spin_unlock_irqrestore+0xfa/0x110 [ 115.909299][ T6542] ? _raw_spin_unlock+0x40/0x40 [ 115.914184][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.919677][ T6542] check_panic_on_warn+0x84/0xa0 [ 115.924652][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.930144][ T6542] end_report+0x6f/0x140 [ 115.934414][ T6542] kasan_report+0x128/0x150 [ 115.938946][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.944446][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.949945][ T6542] kasan_check_range+0x288/0x290 [ 115.954936][ T6542] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 115.960440][ T6542] __asan_memmove+0x29/0x70 [ 115.964968][ T6542] ext4_xattr_set_entry+0x94b/0x1e90 [ 115.970283][ T6542] ext4_xattr_block_set+0xae3/0x32a0 [ 115.975594][ T6542] ? ext4_destroy_inode+0x200/0x200 [ 115.980813][ T6542] ? proc_nr_inodes+0x230/0x230 [ 115.985671][ T6542] ? do_raw_spin_unlock+0x121/0x230 [ 115.990886][ T6542] ? _raw_spin_unlock+0x28/0x40 [ 115.995754][ T6542] ? ext4_xattr_block_find+0x350/0x350 [ 116.001222][ T6542] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 116.006622][ T6542] ext4_xattr_set_handle+0x10a1/0x1290 [ 116.012119][ T6542] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 116.018115][ T6542] ? __ext4_journal_start_sb+0x259/0x570 [ 116.023766][ T6542] ext4_xattr_set+0x22d/0x320 [ 116.028451][ T6542] ? end_current_label_crit_section+0x170/0x170 [ 116.034722][ T6542] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 116.040285][ T6542] ? posix_xattr_acl+0x93/0xb0 [ 116.045059][ T6542] ? evm_protect_xattr+0x36d/0x7a0 [ 116.050185][ T6542] ? ext4_xattr_trusted_get+0x40/0x40 [ 116.055578][ T6542] __vfs_setxattr+0x431/0x470 [ 116.060266][ T6542] __vfs_setxattr_noperm+0x12d/0x5e0 [ 116.065559][ T6542] vfs_setxattr+0x16c/0x2f0 [ 116.070082][ T6542] ? xattr_permission+0x470/0x470 [ 116.075117][ T6542] ? __mnt_want_write+0x223/0x2a0 [ 116.080153][ T6542] ? path_setxattr+0x314/0x550 [ 116.084927][ T6542] path_setxattr+0x362/0x550 [ 116.089533][ T6542] ? simple_xattrs_free+0x150/0x150 [ 116.094750][ T6542] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 116.100744][ T6542] ? lock_chain_count+0x20/0x20 [ 116.105603][ T6542] __x64_sys_lsetxattr+0xb8/0xd0 [ 116.110552][ T6542] do_syscall_64+0x55/0xb0 [ 116.114988][ T6542] ? clear_bhb_loop+0x40/0x90 [ 116.119681][ T6542] ? clear_bhb_loop+0x40/0x90 [ 116.124361][ T6542] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 116.130275][ T6542] RIP: 0033:0x7f5d68f8f749 [ 116.134700][ T6542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.154312][ T6542] RSP: 002b:00007f5d69d65038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 116.162734][ T6542] RAX: ffffffffffffffda RBX: 00007f5d691e5fa0 RCX: 00007f5d68f8f749 [ 116.170710][ T6542] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 0000200000000080 [ 116.178686][ T6542] RBP: 00007f5d69013f91 R08: 0000000000000000 R09: 0000000000000000 [ 116.186658][ T6542] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 116.194636][ T6542] R13: 00007f5d691e6038 R14: 00007f5d691e5fa0 R15: 00007ffc7da7ffd8 [ 116.202625][ T6542] [ 116.205962][ T6542] Kernel Offset: disabled [ 116.210286][ T6542] Rebooting in 86400 seconds..