last executing test programs: 1.23481492s ago: executing program 0 (id=1): syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000680)={[{@debug}, {@data_err_ignore}, {@grpid}, {@noquota}, {@nodiscard}, {@data_err_ignore}, {@acl}, {@journal_ioprio}, {@resuid}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000100)={0x6, 0x73, 0x2, 0x3, 0x19, "88bd91aa90758062b5fffd9272e301aa98af75"}) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1061}}, 0x1006) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe3aa6ea) write$tun(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="030100081307e0f5ffff000088f7061000000000aaaaaaaa94f4575af08e456b57bf207bb483e70baaaaaaaaaa1f0edf80d06d97d2ac0aac602792af93aeb181c7cc5fab9d60f8a9374e934c0476be3509ccfa2b7cb0197aa1c3a01a7bf3d1505de23f07fc17f49801ccaa26eec3bc77f706000000000000002e1b9d79b414bbdbcdf6ed1ea5310a66ec9817b05554232868455f2efb8832a989a8a270579c518f2a447e1d01a7ed5fc030cef31e8153a810b6bc93e67b80388d38413f2e035e6804661a9d01258b0189c3c5894e34de2b1a5355eaca0fb1d9e513ef024f13c57a15817485be93c1a6577f6bf7e03c53d5e44d62e199de37bb49180dbb8e63"], 0x38) r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000140)={0x0, 0x2000bb22, 0x2, {0x1, @raw_data="3d924b827139e8a4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae5b411ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed32147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc331c96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a700"}}) ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000000c0)=@userptr={0x7, 0x1, 0x4, 0xd08b012a, 0x0, {0x0, 0xea60}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x4, "f1439fae"}, 0x0, 0x2, {0x0}, 0x20000, 0x0, r3}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0) write$binfmt_misc(r4, &(0x7f0000000380)="f4c5c6a6a7dfd5f9b956cbdcc5c138f22e6470bec378b7f186994c442e718dea6758f340352ecd062ff1b7fe227f536bd3f6f66457d39af445de5d3f476915de73e89e0f156b4b234f46272b5228263dc440767599cb3041ea40971b7d001d7ceeec0d7d30e6482ed094d782cf2ec4e54a49795c999083b7f333ce77209b721556b99c9c6385", 0x86) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r8 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, 0x0) 1.067365632s ago: executing program 2 (id=3): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) fsopen(&(0x7f0000000000)='cgroup\x00', 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 625.25568ms ago: executing program 1 (id=2): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000480)="89e7ee2c78dad9b4b473e4c988cafb0c7d1b1403bb91be0e49e20600000000000000074d53031a741e59ce9161166be63370ed0cec74053630accc", 0x3b}], 0x1) 554.773538ms ago: executing program 3 (id=6): pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c) bind$tipc(r1, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x7800, 0x40, 0x5, 0x5, {{0xc, 0x4, 0x1, 0x2, 0x30, 0x67, 0x0, 0x7f, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x34}, @local, {[@timestamp={0x44, 0xc, 0x95, 0x0, 0x5, [0x0, 0xff]}, @generic={0x86, 0xd, "5654d80cfc445f18577a08"}, @end]}}}}}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000380)={'sit0\x00', r2, 0x8, 0x40, 0x1, 0x3, {{0xa, 0x4, 0x0, 0x16, 0x28, 0x66, 0x0, 0x4, 0x0, 0x0, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x35}, {[@end, @ra={0x94, 0x4, 0x1}, @generic={0x94, 0x7, "e4aed78b87"}, @timestamp={0x44, 0x8, 0xb6, 0x0, 0x7, [0x10001]}]}}}}}) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x488, 0xc0, 0x1c0, 0x258, 0x2f0, 0x1c0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, &(0x7f0000000280), {[{{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x1}}}, {{@uncond, 0x0, 0xc0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}, {0x10}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0xe17, 0x80000001, @ipv4=@dev={0xac, 0x14, 0x14, 0x2f}, 0x4e20}}}, {{@ip={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff, 0x0, 'syzkaller0\x00', 'macvtap0\x00', {}, {0xff}, 0x11, 0x2}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x17}}}, {{@ip={@local, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'batadv_slave_1\x00', 'nicvf0\x00', {0xff}, {0xff}, 0x16, 0x2, 0x28}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x0, 0xa}}}, {{@ip={@empty, @dev={0xac, 0x14, 0x14, 0x19}, 0xff000000, 0xff000000, 'bridge0\x00', 'ip_vti0\x00', {}, {0xff}, 0x5e, 0x1, 0x47}, 0x0, 0xd8, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x2}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x4, 0x6, 0x4, 0x1, 0x0, 0x1], 0x4, 0x5}}}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0x7, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8) close_range(r0, 0xffffffffffffffff, 0x0) 343.412993ms ago: executing program 0 (id=7): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x2, &(0x7f00000002c0)=ANY=[@ANYBLOB="911023000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) 282.579762ms ago: executing program 3 (id=8): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) kexec_load(0x40000000, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) 241.299131ms ago: executing program 1 (id=9): fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @remote, 0x7fff}, 0x1c) syz_emit_ethernet(0x9a, &(0x7f00000009c0)=ANY=[@ANYBLOB="0180c200000eaaaaaaaaaaaa86dd6001010000641100fe8000000000400000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0) 187.101848ms ago: executing program 0 (id=10): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) unshare(0x40060480) 186.868489ms ago: executing program 4 (id=5): r0 = socket(0x2b, 0x80801, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330) 186.567151ms ago: executing program 3 (id=11): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff000000000000000000000000000000000000000002"], 0x254}}, 0x0) 186.401958ms ago: executing program 1 (id=12): unshare(0x22020400) r0 = syz_open_dev$loop(&(0x7f0000000680), 0x9, 0x103480) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x6e) 177.622996ms ago: executing program 3 (id=13): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = epoll_create1(0x0) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0xc000201e}) write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40) 142.040832ms ago: executing program 1 (id=14): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mlockall(0x7) 19.134428ms ago: executing program 3 (id=15): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x44fc2, 0x1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x810094, &(0x7f00000021c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 0s ago: executing program 3 (id=16): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000002000000000000000700000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.177' (ED25519) to the list of known hosts. [ 28.650944][ T6540] cgroup: Unknown subsys name 'net' [ 28.770904][ T6540] cgroup: Unknown subsys name 'cpuset' [ 28.772716][ T6540] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 28.921871][ T6540] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 31.075919][ T6552] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 31.078199][ T6558] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 31.078836][ T6557] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 31.081472][ T6557] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 31.081577][ T6557] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 31.084649][ T6558] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 31.085585][ T6558] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 31.086427][ T6558] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 31.086919][ T6558] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 31.087089][ T6558] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 31.087424][ T6558] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 31.088233][ T6562] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 31.095625][ T6562] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 31.097128][ T6562] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 31.097768][ T6558] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 31.100001][ T6562] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 31.100794][ T6552] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 31.101093][ T6552] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 31.101244][ T6552] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 31.101547][ T6552] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 31.101732][ T6552] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 31.107057][ T6562] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 31.108545][ T6562] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 31.113574][ T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 31.115088][ T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 31.245518][ T6560] chnl_net:caif_netlink_parms(): no params data found [ 31.277534][ T6550] chnl_net:caif_netlink_parms(): no params data found [ 31.297711][ T6555] chnl_net:caif_netlink_parms(): no params data found [ 31.341408][ T6560] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.341772][ T6560] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.341853][ T6560] bridge_slave_0: entered allmulticast mode [ 31.342337][ T6560] bridge_slave_0: entered promiscuous mode [ 31.350391][ T6550] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.351127][ T6550] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.351259][ T6550] bridge_slave_0: entered allmulticast mode [ 31.351735][ T6550] bridge_slave_0: entered promiscuous mode [ 31.352556][ T6550] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.352575][ T6550] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.352620][ T6550] bridge_slave_1: entered allmulticast mode [ 31.353000][ T6550] bridge_slave_1: entered promiscuous mode [ 31.360045][ T6560] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.361345][ T6560] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.362040][ T6560] bridge_slave_1: entered allmulticast mode [ 31.362629][ T6560] bridge_slave_1: entered promiscuous mode [ 31.370417][ T6556] chnl_net:caif_netlink_parms(): no params data found [ 31.389017][ T6560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 31.392038][ T6550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 31.395061][ T6551] chnl_net:caif_netlink_parms(): no params data found [ 31.409231][ T6560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 31.415490][ T6550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 31.424474][ T6555] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.425753][ T6555] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.427058][ T6555] bridge_slave_0: entered allmulticast mode [ 31.428543][ T6555] bridge_slave_0: entered promiscuous mode [ 31.434609][ T6560] team0: Port device team_slave_0 added [ 31.443417][ T6555] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.443532][ T6555] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.443971][ T6555] bridge_slave_1: entered allmulticast mode [ 31.444402][ T6555] bridge_slave_1: entered promiscuous mode [ 31.448417][ T6560] team0: Port device team_slave_1 added [ 31.449132][ T6550] team0: Port device team_slave_0 added [ 31.465623][ T6555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 31.468042][ T6550] team0: Port device team_slave_1 added [ 31.473286][ T6560] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 31.473313][ T6560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.473339][ T6560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 31.474268][ T6560] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 31.474275][ T6560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.474289][ T6560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 31.498161][ T6555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 31.513116][ T6560] hsr_slave_0: entered promiscuous mode [ 31.513480][ T6560] hsr_slave_1: entered promiscuous mode [ 31.524444][ T6550] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 31.524470][ T6550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.524495][ T6550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 31.525075][ T6550] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 31.525089][ T6550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.525108][ T6550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 31.547312][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.548674][ T6556] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.549960][ T6556] bridge_slave_0: entered allmulticast mode [ 31.551428][ T6556] bridge_slave_0: entered promiscuous mode [ 31.553579][ T6555] team0: Port device team_slave_0 added [ 31.554343][ T6555] team0: Port device team_slave_1 added [ 31.567643][ T6551] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.567697][ T6551] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.567753][ T6551] bridge_slave_0: entered allmulticast mode [ 31.568206][ T6551] bridge_slave_0: entered promiscuous mode [ 31.569218][ T6551] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.569234][ T6551] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.569279][ T6551] bridge_slave_1: entered allmulticast mode [ 31.570769][ T6551] bridge_slave_1: entered promiscuous mode [ 31.571982][ T6556] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.572059][ T6556] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.572114][ T6556] bridge_slave_1: entered allmulticast mode [ 31.572567][ T6556] bridge_slave_1: entered promiscuous mode [ 31.584779][ T6550] hsr_slave_0: entered promiscuous mode [ 31.585097][ T6550] hsr_slave_1: entered promiscuous mode [ 31.585319][ T6550] debugfs: 'hsr0' already exists in 'hsr' [ 31.585363][ T6550] Cannot create hsr debugfs directory [ 31.601389][ T6555] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 31.601416][ T6555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.601448][ T6555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 31.607776][ T6551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 31.609246][ T6551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 31.611878][ T6556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 31.612596][ T6555] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 31.612606][ T6555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.612622][ T6555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 31.632832][ T6556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 31.644913][ T6551] team0: Port device team_slave_0 added [ 31.645880][ T6551] team0: Port device team_slave_1 added [ 31.671082][ T6556] team0: Port device team_slave_0 added [ 31.684984][ T6556] team0: Port device team_slave_1 added [ 31.691893][ T6551] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 31.691917][ T6551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.691930][ T6551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 31.692522][ T6551] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 31.692530][ T6551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.692545][ T6551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 31.713424][ T6555] hsr_slave_0: entered promiscuous mode [ 31.714718][ T6555] hsr_slave_1: entered promiscuous mode [ 31.716220][ T6555] debugfs: 'hsr0' already exists in 'hsr' [ 31.717158][ T6555] Cannot create hsr debugfs directory [ 31.727633][ T6556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 31.727663][ T6556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.727680][ T6556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 31.728248][ T6556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 31.728256][ T6556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 31.728267][ T6556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 31.745988][ T6551] hsr_slave_0: entered promiscuous mode [ 31.747369][ T6551] hsr_slave_1: entered promiscuous mode [ 31.748570][ T6551] debugfs: 'hsr0' already exists in 'hsr' [ 31.749543][ T6551] Cannot create hsr debugfs directory [ 31.797080][ T6556] hsr_slave_0: entered promiscuous mode [ 31.797400][ T6556] hsr_slave_1: entered promiscuous mode [ 31.797627][ T6556] debugfs: 'hsr0' already exists in 'hsr' [ 31.797637][ T6556] Cannot create hsr debugfs directory [ 31.825797][ T6560] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 31.834078][ T6560] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 31.837860][ T6560] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 31.840906][ T6560] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 31.872293][ T6550] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 31.886800][ T6550] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 31.889183][ T6550] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 31.897117][ T6550] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 31.900999][ T6560] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.901054][ T6560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 31.901282][ T6560] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.901309][ T6560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 31.920503][ T6550] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.920560][ T6550] bridge0: port 2(bridge_slave_1) entered forwarding state [ 31.920636][ T6550] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.920663][ T6550] bridge0: port 1(bridge_slave_0) entered forwarding state [ 31.925915][ T6555] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 31.928185][ T6555] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 31.932467][ T6555] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 31.936412][ T6555] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 31.969384][ T6560] 8021q: adding VLAN 0 to HW filter on device bond0 [ 31.971160][ T6551] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 31.974024][ T6555] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.974067][ T6555] bridge0: port 2(bridge_slave_1) entered forwarding state [ 31.974144][ T6555] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.974173][ T6555] bridge0: port 1(bridge_slave_0) entered forwarding state [ 31.981905][ T6551] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 31.991876][ T6551] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 31.994407][ T6551] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 32.000262][ T15] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.001740][ T15] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.003108][ T15] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.004284][ T15] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.006890][ T15] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.008084][ T15] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.017285][ T6560] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.037094][ T726] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.037143][ T726] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.043945][ T6556] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 32.046787][ T6556] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 32.048970][ T6556] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 32.053843][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.053885][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.057007][ T6550] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.061037][ T6556] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 32.066248][ T6550] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.081254][ T6555] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.086703][ T6555] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.094007][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.094052][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.094372][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.094388][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.096248][ T6560] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 32.107543][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.107590][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.127689][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.127733][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.136634][ T6550] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 32.136679][ T6550] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 32.181832][ T6551] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.197129][ T6550] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.226365][ T6551] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.233821][ T6560] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.242673][ T726] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.242718][ T726] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.247979][ T6550] veth0_vlan: entered promiscuous mode [ 32.251346][ T6556] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.256271][ T726] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.256312][ T726] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.262016][ T6550] veth1_vlan: entered promiscuous mode [ 32.272416][ T6556] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.277197][ T6555] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.284036][ T726] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.284075][ T726] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.295267][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.295317][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.298170][ T6550] veth0_macvtap: entered promiscuous mode [ 32.304879][ T6550] veth1_macvtap: entered promiscuous mode [ 32.309297][ T6550] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.313003][ T6550] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.324178][ T6560] veth0_vlan: entered promiscuous mode [ 32.325691][ T6560] veth1_vlan: entered promiscuous mode [ 32.343462][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.343772][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.343796][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.343812][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.361017][ T6555] veth0_vlan: entered promiscuous mode [ 32.364755][ T6556] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 32.392185][ T6560] veth0_macvtap: entered promiscuous mode [ 32.394269][ T6555] veth1_vlan: entered promiscuous mode [ 32.402915][ T6555] veth0_macvtap: entered promiscuous mode [ 32.405368][ T6555] veth1_macvtap: entered promiscuous mode [ 32.411964][ T6555] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.412960][ T2213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.412972][ T2213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.427884][ T6555] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.431905][ T6560] veth1_macvtap: entered promiscuous mode [ 32.451563][ T726] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.451637][ T726] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.451655][ T726] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.451670][ T726] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.457374][ T726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.457805][ T726] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.468161][ T6560] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.474013][ T6560] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.500595][ T726] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.500638][ T726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.506459][ T6550] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 32.507908][ T6551] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.508670][ T2213] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.508706][ T2213] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.508725][ T2213] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.508740][ T2213] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.513118][ T6556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.526548][ T6556] veth0_vlan: entered promiscuous mode [ 32.530765][ T6556] veth1_vlan: entered promiscuous mode [ 32.573356][ T6660] loop0: detected capacity change from 0 to 4096 [ 32.577248][ T726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.577301][ T726] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.588048][ T6556] veth0_macvtap: entered promiscuous mode [ 32.591874][ T6660] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c01c, mo2=0002] [ 32.592299][ T6556] veth1_macvtap: entered promiscuous mode [ 32.593225][ T6660] System zones: 0-5 [ 32.597645][ T6660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 32.627666][ T6556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.667095][ T6556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.686155][ T6660] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 32.690413][ T726] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.690445][ T726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.719395][ T6551] veth0_vlan: entered promiscuous mode [ 32.730730][ T763] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.731477][ T763] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.731675][ T763] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.731701][ T763] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.761621][ T763] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.763137][ T763] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.778194][ T6551] veth1_vlan: entered promiscuous mode [ 32.805666][ T6551] veth0_macvtap: entered promiscuous mode [ 32.807986][ T249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.808014][ T249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.052920][ T6551] veth1_macvtap: entered promiscuous mode [ 33.056173][ T6551] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 33.057127][ T6551] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 33.062420][ T249] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.062563][ T249] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.062590][ T249] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.062610][ T249] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.083587][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.083619][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.130427][ T6562] Bluetooth: hci4: command tx timeout [ 33.130550][ T6562] Bluetooth: hci0: command tx timeout [ 33.130615][ T6562] Bluetooth: hci2: command tx timeout [ 33.130656][ T6562] Bluetooth: hci1: command tx timeout [ 33.156773][ T763] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.156802][ T763] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.209245][ T249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 33.209277][ T249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 33.210867][ T6557] Bluetooth: hci3: command tx timeout [ 33.217772][ T6679] tipc: Started in network mode [ 33.217814][ T6679] tipc: Node identity 4642691ee7cb, cluster identity 4711 [ 33.217920][ T6679] tipc: Enabled bearer , priority 0 [ 33.227553][ T6678] tipc: Resetting bearer [ 33.232954][ T31] audit: type=1326 audit(33.210:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6668 comm="syz.2.3" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9755b9e8 code=0x0 [ 33.444530][ T6550] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.472024][ T6678] tipc: Disabling bearer [ 33.519363][ T6686] Driver unsupported XDP return value 0 on prog (id 1) dev N/A, expect packet loss! [ 33.589225][ T6696] netlink: 300 bytes leftover after parsing attributes in process `syz.3.11'. [ 33.802926][ T6706] loop3: detected capacity change from 0 to 512 [ 33.830483][ T6706] [ 33.830949][ T6706] ====================================================== [ 33.832037][ T6706] WARNING: possible circular locking dependency detected [ 33.833105][ T6706] syzkaller #0 Not tainted [ 33.833788][ T6706] ------------------------------------------------------ [ 33.834904][ T6706] syz.3.16/6706 is trying to acquire lock: [ 33.835772][ T6706] ffff0000c2630b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x150/0x2a0 [ 33.837218][ T6706] [ 33.837218][ T6706] but task is already holding lock: [ 33.838264][ T6706] ffff0000f8368a58 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 33.839733][ T6706] [ 33.839733][ T6706] which lock already depends on the new lock. [ 33.839733][ T6706] [ 33.841213][ T6706] [ 33.841213][ T6706] the existing dependency chain (in reverse order) is: [ 33.842575][ T6706] [ 33.842575][ T6706] -> #2 (&ei->xattr_sem){++++}-{4:4}: [ 33.843693][ T6706] down_write+0x50/0xc0 [ 33.844394][ T6706] ext4_xattr_set_handle+0x11c/0x1260 [ 33.845304][ T6706] ext4_initxattrs+0xa4/0x11c [ 33.846055][ T6706] security_inode_init_security+0x6dc/0x7f4 [ 33.847036][ T6706] ext4_init_security+0x44/0x58 [ 33.847822][ T6706] __ext4_new_inode+0x27f4/0x3190 [ 33.848611][ T6706] ext4_create+0x1f8/0x3fc [ 33.849360][ T6706] path_openat+0x12d8/0x2c40 [ 33.850119][ T6706] do_filp_open+0x18c/0x36c [ 33.850933][ T6706] do_sys_openat2+0x11c/0x1b4 [ 33.851649][ T6706] __arm64_sys_openat+0x120/0x158 [ 33.852463][ T6706] invoke_syscall+0x98/0x254 [ 33.853228][ T6706] el0_svc_common+0xe8/0x23c [ 33.854002][ T6706] do_el0_svc+0x48/0x58 [ 33.854696][ T6706] el0_svc+0x5c/0x254 [ 33.855346][ T6706] el0t_64_sync_handler+0x84/0x12c [ 33.856223][ T6706] el0t_64_sync+0x198/0x19c [ 33.856932][ T6706] [ 33.856932][ T6706] -> #1 (jbd2_handle){++++}-{0:0}: [ 33.857982][ T6706] start_this_handle+0xe74/0x10dc [ 33.858772][ T6706] jbd2__journal_start+0x288/0x51c [ 33.859622][ T6706] __ext4_journal_start_sb+0x378/0x88c [ 33.860529][ T6706] ext4_do_writepages+0xb94/0x39b4 [ 33.861363][ T6706] ext4_writepages+0x178/0x2a0 [ 33.862125][ T6706] do_writepages+0x270/0x468 [ 33.862858][ T6706] file_write_and_wait_range+0x1d0/0x2c4 [ 33.863782][ T6706] ext4_sync_file+0x274/0xb44 [ 33.864573][ T6706] __arm64_sys_fsync+0x170/0x1d4 [ 33.865323][ T6706] invoke_syscall+0x98/0x254 [ 33.866208][ T6706] el0_svc_common+0xe8/0x23c [ 33.866977][ T6706] do_el0_svc+0x48/0x58 [ 33.867696][ T6706] el0_svc+0x5c/0x254 [ 33.868355][ T6706] el0t_64_sync_handler+0x84/0x12c [ 33.869142][ T6706] el0t_64_sync+0x198/0x19c [ 33.869890][ T6706] [ 33.869890][ T6706] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 33.871143][ T6706] __lock_acquire+0x1774/0x30a4 [ 33.871949][ T6706] lock_acquire+0x14c/0x2e0 [ 33.872674][ T6706] percpu_down_read_internal+0x5c/0x298 [ 33.873552][ T6706] ext4_writepages+0x150/0x2a0 [ 33.874316][ T6706] do_writepages+0x270/0x468 [ 33.875053][ T6706] __writeback_single_inode+0x15c/0x13e8 [ 33.875964][ T6706] writeback_single_inode+0x18c/0x54c [ 33.876853][ T6706] write_inode_now+0x13c/0x1a4 [ 33.877582][ T6706] iput+0x7d4/0xad4 [ 33.878186][ T6706] ext4_xattr_block_set+0x13dc/0x24bc [ 33.879049][ T6706] ext4_expand_extra_isize_ea+0xeb8/0x1830 [ 33.879937][ T6706] __ext4_expand_extra_isize+0x2a0/0x37c [ 33.880834][ T6706] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 33.881654][ T6706] ext4_evict_inode+0x930/0x1084 [ 33.882403][ T6706] evict+0x414/0x928 [ 33.883044][ T6706] iput+0x95c/0xad4 [ 33.883697][ T6706] ext4_process_orphan+0x240/0x2b4 [ 33.884513][ T6706] ext4_orphan_cleanup+0x930/0x107c [ 33.885355][ T6706] ext4_fill_super+0x4854/0x4fcc [ 33.886147][ T6706] get_tree_bdev_flags+0x360/0x414 [ 33.886931][ T6706] get_tree_bdev+0x2c/0x3c [ 33.887703][ T6706] ext4_get_tree+0x28/0x38 [ 33.888537][ T6706] vfs_get_tree+0x90/0x28c [ 33.889331][ T6706] do_new_mount+0x284/0x944 [ 33.890204][ T6706] path_mount+0x5b4/0xdfc [ 33.890937][ T6706] __arm64_sys_mount+0x3e8/0x468 [ 33.891843][ T6706] invoke_syscall+0x98/0x254 [ 33.892584][ T6706] el0_svc_common+0xe8/0x23c [ 33.893348][ T6706] do_el0_svc+0x48/0x58 [ 33.894070][ T6706] el0_svc+0x5c/0x254 [ 33.894716][ T6706] el0t_64_sync_handler+0x84/0x12c [ 33.895542][ T6706] el0t_64_sync+0x198/0x19c [ 33.896306][ T6706] [ 33.896306][ T6706] other info that might help us debug this: [ 33.896306][ T6706] [ 33.897829][ T6706] Chain exists of: [ 33.897829][ T6706] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 33.897829][ T6706] [ 33.899724][ T6706] Possible unsafe locking scenario: [ 33.899724][ T6706] [ 33.900777][ T6706] CPU0 CPU1 [ 33.901539][ T6706] ---- ---- [ 33.902321][ T6706] lock(&ei->xattr_sem); [ 33.902971][ T6706] lock(jbd2_handle); [ 33.903972][ T6706] lock(&ei->xattr_sem); [ 33.904976][ T6706] rlock(&sbi->s_writepages_rwsem); [ 33.905792][ T6706] [ 33.905792][ T6706] *** DEADLOCK *** [ 33.905792][ T6706] [ 33.906947][ T6706] 3 locks held by syz.3.16/6706: [ 33.907700][ T6706] #0: ffff0000c260a0e0 (&type->s_umount_key#26/1){+.+.}-{4:4}, at: alloc_super+0x168/0x7d4 [ 33.909091][ T6706] #1: ffff0000c260a610 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b0/0x1084 [ 33.910489][ T6706] #2: ffff0000f8368a58 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 33.912114][ T6706] [ 33.912114][ T6706] stack backtrace: [ 33.913033][ T6706] CPU: 1 UID: 0 PID: 6706 Comm: syz.3.16 Not tainted syzkaller #0 PREEMPT [ 33.914440][ T6706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 33.915952][ T6706] Call trace: [ 33.916431][ T6706] show_stack+0x2c/0x3c (C) [ 33.917073][ T6706] __dump_stack+0x30/0x40 [ 33.917727][ T6706] dump_stack_lvl+0xd8/0x12c [ 33.918467][ T6706] dump_stack+0x1c/0x28 [ 33.919066][ T6706] print_circular_bug+0x324/0x32c [ 33.919834][ T6706] check_noncircular+0x154/0x174 [ 33.920530][ T6706] __lock_acquire+0x1774/0x30a4 [ 33.921288][ T6706] lock_acquire+0x14c/0x2e0 [ 33.921998][ T6706] percpu_down_read_internal+0x5c/0x298 [ 33.922860][ T6706] ext4_writepages+0x150/0x2a0 [ 33.923578][ T6706] do_writepages+0x270/0x468 [ 33.924265][ T6706] __writeback_single_inode+0x15c/0x13e8 [ 33.925081][ T6706] writeback_single_inode+0x18c/0x54c [ 33.925813][ T6706] write_inode_now+0x13c/0x1a4 [ 33.926475][ T6706] iput+0x7d4/0xad4 [ 33.927086][ T6706] ext4_xattr_block_set+0x13dc/0x24bc [ 33.927932][ T6706] ext4_expand_extra_isize_ea+0xeb8/0x1830 [ 33.928862][ T6706] __ext4_expand_extra_isize+0x2a0/0x37c [ 33.929695][ T6706] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 33.930504][ T6706] ext4_evict_inode+0x930/0x1084 [ 33.931201][ T6706] evict+0x414/0x928 [ 33.931825][ T6706] iput+0x95c/0xad4 [ 33.932378][ T6706] ext4_process_orphan+0x240/0x2b4 [ 33.933104][ T6706] ext4_orphan_cleanup+0x930/0x107c [ 33.933843][ T6706] ext4_fill_super+0x4854/0x4fcc [ 33.934533][ T6706] get_tree_bdev_flags+0x360/0x414 [ 33.935294][ T6706] get_tree_bdev+0x2c/0x3c [ 33.935924][ T6706] ext4_get_tree+0x28/0x38 [ 33.936600][ T6706] vfs_get_tree+0x90/0x28c [ 33.937249][ T6706] do_new_mount+0x284/0x944 [ 33.937901][ T6706] path_mount+0x5b4/0xdfc [ 33.938539][ T6706] __arm64_sys_mount+0x3e8/0x468 [ 33.939297][ T6706] invoke_syscall+0x98/0x254 [ 33.940014][ T6706] el0_svc_common+0xe8/0x23c [ 33.940650][ T6706] do_el0_svc+0x48/0x58 [ 33.941229][ T6706] el0_svc+0x5c/0x254 [ 33.941792][ T6706] el0t_64_sync_handler+0x84/0x12c [ 33.942476][ T6706] el0t_64_sync+0x198/0x19c [ 33.995015][ T6706] ------------[ cut here ]------------ [ 33.995049][ T6706] EA inode 11 i_nlink=2 [ 33.995161][ T6706] WARNING: CPU: 1 PID: 6706 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x408/0x44c [ 33.998309][ T6706] Modules linked in: [ 33.998876][ T6706] CPU: 1 UID: 0 PID: 6706 Comm: syz.3.16 Not tainted syzkaller #0 PREEMPT [ 34.000177][ T6706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 34.001568][ T6706] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 34.002742][ T6706] pc : ext4_xattr_inode_update_ref+0x408/0x44c [ 34.003702][ T6706] lr : ext4_xattr_inode_update_ref+0x408/0x44c [ 34.004611][ T6706] sp : ffff8000a42c6ce0 [ 34.005219][ T6706] x29: ffff8000a42c6d90 x28: 0000000000000000 x27: 1fffe0001f06d559 [ 34.006607][ T6706] x26: dfff800000000000 x25: ffff8000a42c6d00 x24: ffff700014858da0 [ 34.007832][ T6706] x23: ffff800092c29000 x22: ffff0000f836a918 x21: 0000000000000002 [ 34.008972][ T6706] x20: 0000000000000001 x19: ffff0000f836a8d8 x18: 1fffe000337d9290 [ 34.010225][ T6706] x17: ffff80008f5ae000 x16: ffff800082defcc0 x15: 0000000000000001 [ 34.011434][ T6706] x14: 1ffff00014858d10 x13: 0000000000000000 x12: 0000000000000000 [ 34.012572][ T6706] x11: 0000000000080000 x10: 00000000000658d8 x9 : 4a76caaff1985b00 [ 34.013729][ T6706] x8 : 4a76caaff1985b00 x7 : 0000000000000000 x6 : ffff800080565b88 [ 34.014967][ T6706] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000807d6f80 [ 34.016153][ T6706] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 0000000000000000 [ 34.017289][ T6706] Call trace: [ 34.017774][ T6706] ext4_xattr_inode_update_ref+0x408/0x44c (P) [ 34.018691][ T6706] ext4_xattr_set_entry+0x928/0x15c0 [ 34.019530][ T6706] ext4_xattr_ibody_set+0x204/0x5fc [ 34.020290][ T6706] ext4_expand_extra_isize_ea+0xf00/0x1830 [ 34.021180][ T6706] __ext4_expand_extra_isize+0x2a0/0x37c [ 34.022023][ T6706] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 34.022813][ T6706] ext4_evict_inode+0x930/0x1084 [ 34.023550][ T6706] evict+0x414/0x928 [ 34.024188][ T6706] iput+0x95c/0xad4 [ 34.024763][ T6706] ext4_process_orphan+0x240/0x2b4 [ 34.025495][ T6706] ext4_orphan_cleanup+0x930/0x107c [ 34.026352][ T6706] ext4_fill_super+0x4854/0x4fcc [ 34.027063][ T6706] get_tree_bdev_flags+0x360/0x414 [ 34.027857][ T6706] get_tree_bdev+0x2c/0x3c [ 34.028493][ T6706] ext4_get_tree+0x28/0x38 [ 34.029153][ T6706] vfs_get_tree+0x90/0x28c [ 34.029820][ T6706] do_new_mount+0x284/0x944 [ 34.030473][ T6706] path_mount+0x5b4/0xdfc [ 34.031054][ T6706] __arm64_sys_mount+0x3e8/0x468 [ 34.031793][ T6706] invoke_syscall+0x98/0x254 [ 34.032401][ T6706] el0_svc_common+0xe8/0x23c [ 34.033058][ T6706] do_el0_svc+0x48/0x58 [ 34.033679][ T6706] el0_svc+0x5c/0x254 [ 34.034302][ T6706] el0t_64_sync_handler+0x84/0x12c [ 34.035058][ T6706] el0t_64_sync+0x198/0x19c [ 34.035735][ T6706] irq event stamp: 3215 [ 34.036278][ T6706] hardirqs last enabled at (3215): [] _raw_spin_unlock_irqrestore+0x38/0x98 [ 34.037855][ T6706] hardirqs last disabled at (3214): [] _raw_spin_lock_irqsave+0x2c/0x7c [ 34.039272][ T6706] softirqs last enabled at (2848): [] handle_softirqs+0xaf8/0xc88 [ 34.040802][ T6706] softirqs last disabled at (2799): [] __do_softirq+0x14/0x20 [ 34.042574][ T6706] ---[ end trace 0000000000000000 ]--- [ 34.050087][ T6706] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.16: iget: bad extra_isize 90 (inode size 256) [ 34.058319][ T6706] EXT4-fs (loop3): Remounting filesystem read-only [ 34.058538][ T6706] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -30) [ 34.058583][ T6706] EXT4-fs (loop3): 1 orphan inode deleted [ 34.058791][ T6706] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 34.077400][ T6560] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.209532][ T53] Bluetooth: hci0: command tx timeout [ 35.210501][ T6557] Bluetooth: hci1: command tx timeout [ 35.210501][ T6563] Bluetooth: hci4: command tx timeout [ 35.210950][ T6562] Bluetooth: hci2: command tx timeout [ 35.289511][ T6557] Bluetooth: hci3: command tx timeout [ 37.289828][ T6557] Bluetooth: hci1: command tx timeout [ 37.289905][ T6563] Bluetooth: hci4: command tx timeout [ 37.290359][ T53] Bluetooth: hci0: command tx timeout [ 37.290773][ T6562] Bluetooth: hci2: command tx timeout [ 37.369721][ T6557] Bluetooth: hci3: command tx timeout [ 39.369506][ T6557] Bluetooth: hci1: command tx timeout [ 39.369538][ T6557] Bluetooth: hci2: command tx timeout [ 39.369564][ T6557] Bluetooth: hci0: command tx timeout [ 39.369581][ T6557] Bluetooth: hci4: command tx timeout [ 39.449478][ T6562] Bluetooth: hci3: command tx timeout