last executing test programs: 15.289269357s ago: executing program 3 (id=438): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) sendto$inet6(r0, &(0x7f00000000c0)="1012", 0xfdb9, 0x24000000, 0x0, 0x0) mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x9) recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)=""/243, 0x11000}], 0x1}, 0x142) 14.604616475s ago: executing program 3 (id=441): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000fedbdf25040000000800080064010100080002800300000008000600"], 0x40}, 0x1, 0x0, 0x0, 0x4c000}, 0x0) 13.253084188s ago: executing program 3 (id=444): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x25dfdc01, {0x0, 0x0, 0x0, r8, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xfff3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x53a8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x440e0}, 0x4890) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r9, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4", 0x20}], 0x1}, 0x0) 10.367933282s ago: executing program 3 (id=450): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="050000000400000001000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r1}, 0xc) 9.624938072s ago: executing program 3 (id=452): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @empty}}}}) r0 = syz_io_uring_setup(0xd2, &(0x7f0000000080)={0x0, 0x6c76, 0x0, 0x1, 0x1b2}, &(0x7f0000000040)=0x0, &(0x7f0000000640)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d17, 0x0, @fd=r0, 0x0, 0x0, 0x1, 0x3}) io_uring_enter(r0, 0x22d0, 0x20, 0x0, 0x0, 0x0) 9.012948283s ago: executing program 3 (id=457): socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e22, 0x8, @mcast1, 0x79}}, 0x0, 0x0, 0x14, 0x0, "aa1cda12482ce936fe2707b31f549402157745ea281f88ea79321f8931e69fff9996d6cc77adb40b96e90df08b90b2a7f62e807928e17a869290e49ecf42b43e5dfc7650c208e65bbb7e7dd058ed1d57"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e20, 0x8, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x41, 0x0, "b208405cce4456e4fc8f2dabd194ff3763f799f91cf7e5e8260998f956ec57c24451db07550335ebf4a3d0168ccaa268e928f39cd7494c2b19ebef230a3373685fbacfcf3b6e9633bd997a9bfcf08f67"}, 0xd8) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x18, @empty, 0xffff}, 0x1c) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x5) pwrite64(r1, &(0x7f0000000140)='2', 0xff10, 0x8000c61) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000200)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@nogrpid}, {@nodioread_nolock}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14b442, 0x82) r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0x8004587d, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x4, 0x0, 0x85c, 0x5}) ioctl$EXT4_IOC_MOVE_EXT(r2, 0x40305829, &(0x7f0000000140)={0x17c04, r2, 0x6, 0x973f, 0x81, 0x1}) read$msr(r1, &(0x7f0000001200)=""/244, 0xfffffc9c) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0) mlock(&(0x7f0000325000/0x3000)=nil, 0x3000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2208000, &(0x7f0000000a00), 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") preadv(r4, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/194, 0xc2}], 0x1, 0x5fae, 0x5) 8.907698632s ago: executing program 0 (id=458): getsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, &(0x7f00000001c0), &(0x7f0000000240)=0x4) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x400000a, 0xfffffefc, 0x6}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) gettid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0) 8.35826415s ago: executing program 2 (id=461): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000010}, 0x20004000) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)}], 0x1}, 0x4) 8.068520786s ago: executing program 0 (id=462): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000606010100000000000000000300000a0900025e0b797a3100000000050001"], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0) 6.709190564s ago: executing program 0 (id=463): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r0) 5.964055122s ago: executing program 0 (id=465): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, 0x0, 0x0, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0xc) sendmsg$unix(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2, 0x0, 0xee00}}}], 0x38}, 0xe4fa) 5.910951803s ago: executing program 2 (id=466): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xc4}, 0x1, 0x0, 0x0, 0x50}, 0x4000040) 5.660763769s ago: executing program 1 (id=468): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@RTM_NEWMDB={0x38, 0x54, 0x81, 0x170bd25, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x0, 0x5, 0x4, {@in6_addr=@ipv4={'\x00', '\xff\xff', @remote}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x4840) 5.238036915s ago: executing program 2 (id=469): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000180), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe") r0 = open(&(0x7f00000000c0)='./file1\x00', 0x66842, 0x21) pwritev2(r0, &(0x7f00000004c0)=[{&(0x7f0000000140)="a4", 0x1}], 0x1, 0xa001, 0x7f, 0x0) pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 5.124064878s ago: executing program 0 (id=470): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0x0) 5.088359461s ago: executing program 4 (id=471): prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4044) 4.557511667s ago: executing program 0 (id=472): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@nodioread_nolock}, {@noload}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4c}}, {@errors_remount}, {@delalloc}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48c, &(0x7f00000002c0)="$eJzs3MtrXNUfAPDvvXm0/fWR/Gp9tFaNFiH4SJq0ahduFAUXFQVd1GVMpiV02kgTxZZiU5G6EaSga3Ep+Be4EEQQdSW41Y0rKRTtptVV5N65N52ZzrSNnWRi5vOByZwz99yc873Pc8+ZJICeNZL9SCK2RcQvETFUyzYWGKm9XbtydvqvK2enk1haeu2PJC939crZ6bJoud7WIjOaRqQfJEUlmxvqnT995vhUtVo5VeTHF068NT5/+syT75yYOlY5Vjk5eejQwQMTzzw9+VRH4sziurrnvbm9u1964+LL00cuvvnDl1l7txXL6+PolJEs8D+Xcs3LHu10ZV22vS6d9HexIaxIX0Rku2sgP/+Hoi+u77yhePH9rjYOWFXZvWlT+8WLS8AGlkS3WwB0R3mjz55/81fS+efg9ezyc7UHoCz2a8WrtqQ/0qLMQNPzbSeNRMSRxb8/y16xSuMQAAD1Ppr+9HA8Udf/W+5/pHFP/v5b/nNHMYcyHBH/j4idEXFXROyKiLsj8rL3RsR9K6x/pCl/Y/8nvfSvg7sNWf/v2WJuq7H/V/b+YrivyG3P4x9Ijs5WK/uLbTIaA5uy/MRN6vjmhZ8/bresvv+XvbL6y75g0Y5L/U0DdDNTC1N5p7QDLp+P2NPfKv5keSYgiYjdEbGnxfpft//VO8rE7GNf7G1X6Nbx30QH5pmWPs/CW8ziX4ym+EtJ/fzk7A3zk+Obo1rZP14eFTf68acLr7ar/47i74DLldp73f5vLjKc1M/Xzq+8jgu/ftj2meZ6/FvaH/9J4zozUwvpYPJ6Ps88WHz27tTCwqmJiMHkcJ5v+Hzy+rplviyfHf+j+1qf/zuLdbLq74+I7CB+ICIejIiHirY/HBGPRMS+m8T//fPtl5XxR9ql/X8+Yqbl9W95ozft/5Un+o5/91W7+m/v+ncwT40Wn+TXv1to1ZzsctHcwDvZdgAAAPBfkebfgU/SseV0mo6N1b7Dvyv+l1bn5hcePzr39smZ2nflh2MgLUe6horx0OpstTKRLBa/sTY+OlmMFZfjpQeKceNP+rbk+bHpuepMl2OHXre1zfmf+b2v260DVtmWlp9ODq55Q4AuaJ5HTxuz514JFwPYqPy9NvSuW5z/6Vq1A1h77v/Qu1qd/+ea8uYCYGNy/4fe5fyHHpV+2+0WAF3k/g896U7+rn8VE5vXRzMa/lPA4lptsfW6U/JERJlI10V7JFYp0e0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8EwAA///cRegb") syz_io_uring_setup(0x2790, 0x0, 0x0, &(0x7f0000000140)) 4.217761724s ago: executing program 1 (id=473): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x4f, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b31373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d356d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006) 4.154652698s ago: executing program 4 (id=474): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0xfffffffffffffe26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020100020a0000000000000000000000030006002b20000002004e24ac1414aa0000000000000000030005000000000002000a01000000000000000000000000020013"], 0x50}, 0x1, 0x7}, 0x20000000) 3.951724124s ago: executing program 2 (id=475): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000380)='./file1\x00', 0x1000040, &(0x7f0000000300)={[{@nogrpid}, {@nodioread_nolock}, {@nodelalloc}, {@errors_remount}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@user_xattr}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) 3.619199367s ago: executing program 4 (id=476): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000010}, 0x20004000) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)}], 0x1}, 0x4) 2.273662087s ago: executing program 2 (id=477): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3) recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb) 2.179873225s ago: executing program 1 (id=478): r0 = socket$rxrpc(0x21, 0x2, 0xa) r1 = syz_io_uring_setup(0x14ab, 0x0, &(0x7f00000004c0)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000440)=@rxrpc=@in6={0x21, 0x4, 0x2, 0x5, {0xa, 0x4e24, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}}}) io_uring_enter(r1, 0x351a, 0x0, 0x0, 0x0, 0x0) 1.416688333s ago: executing program 1 (id=479): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd0}, 0x1, 0x0, 0x0, 0x50}, 0x4000040) 1.41587263s ago: executing program 4 (id=480): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, 0x0, 0x0, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0xc) sendmsg$unix(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2, 0x0, 0xee00}}}], 0x38}, 0xe4fa) 737.362534ms ago: executing program 4 (id=481): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @empty}}}}) r0 = syz_io_uring_setup(0xd2, &(0x7f0000000080)={0x0, 0x6c76, 0x0, 0x1, 0x1b2}, &(0x7f0000000040)=0x0, &(0x7f0000000640)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x0, 0x0}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d17, 0x0, @fd=r0, 0x0, 0x0, 0x1, 0x3}) io_uring_enter(r0, 0x22d0, 0x20, 0x0, 0x0, 0x0) 729.905238ms ago: executing program 1 (id=482): socket$inet6(0xa, 0x2, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) r0 = socket$inet_tcp(0x2, 0x1, 0x0) dup(r0) open(&(0x7f0000000280)='.\x00', 0x80, 0x122) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_sctp(0xa, 0x5, 0x84) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='status\x00') r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000080)=ANY=[@ANYRES32=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r2, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$LINK_DETACH(0x22, &(0x7f00000001c0)=r1, 0x4) ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, &(0x7f0000000000)) 317.510771ms ago: executing program 2 (id=483): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x2e}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x1b, 0x0, &(0x7f0000000440)="b90103606908068c3c270040e72f839e0ff008001ffff2e1ffff81", 0x0, 0x8104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 16.277733ms ago: executing program 4 (id=484): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10, &(0x7f00000002c0)={[{@resgid}, {@prjquota}, {@auto_da_alloc}, {@nobarrier}, {@noblock_validity}]}, 0xfe, 0x4bb, &(0x7f0000001180)="$eJzs3M1vVFUbAPDnTj/4pry8vLzvy4dU0dj40dKCysLEaHSniYkucGNS20KQgRpaEiFEqjG4NCTujStj9C9wpRuirkzc6t6QECUY0IWMuXPvHaal09JhPoD+fsnAOb1n5pxnzv0495yZCWDVGkz/SSI2RsTPETGQZecXGMz+u37l7MSfV85OJFGpvPZbUi137crZiaJo8bwNeWaoFFH6MMkrmW/m9Jlj4+Xy1Mk8PzJ7/J2RmdNnnjx6fPzI1JGpE2MHDx7YP/rM02NPtSTONK5rO96b3pX0vnHhlYlDF976/qveiNi+O9teH8cdKW2oJQfTwH+vVC0s9khLKrt7bKpLJ71dbAgr0hMRaXf1VY//geiJm503EC990Oh5fZ1qINA26bVpTePNczcqwP0riW63AOiO4kKf3v8Wjw4NPe4Kl5/PboDSuK/nj2xLb5TyMu281/lfRBya++vT9BF5P/y9sY0VAgCr3jfp+OeJxcZ/pdheV25zvoayJSL+FRFbI+LfEbEtIv4TUS3733w8sxLZ0lBPLX/r+LN0qengbkM6/ns2X9uaP/7LRn+VSuVGT57bVI2/Lzl8tDy1L39PhqJvTZofXaKOb1/86eNG2wbrxn/pI62/GAvm7bjUu2CCbnJ8drxVg9LL70fs6F0s/qS2EpBExP8jYsfKXnpzkTj62Be7GhVaPv4ltGCdqfJZxKNZ/8/FgvgLydLrkyNrozy1b6TYK271w4/nX21U/x3F3wJp/6+fv/8vKDFwNalfr51ZeR3nf/mo4T1ls/t/f/J6dc26P//bu+OzsydHI/qTl6v5/nN1fx+7+dwiX5RP4x/aW4t/Tf3xvzVLXEzj3xkR6U68OyIeiIg9edsfjIiHImJvowDXRXz3wsNvNxP/Hx24D0zjn1z0/Ffb/7fM7/+VJ3qOXfy6mfgzaf8fqKaG8vNw9fy3jMbNifJUelpvem8GAACAe096P70xktJwLV0qDQ9nn+HfFutL5emZ2ccPT586MZl9R2BL9JWKma6BfD40vdseTebyV8zmR8fyueJivnR/Pm/8Sc+6an54Yro82eXYYbXb0OD4T/3a0+3WAW3n+1qwei08/ktdagfQea7/sHo1c/w/14Z2AJ3n+g+rV93x/+Wp8zuriezz03tqGxZdC1jil0OAe0P99f9MF9sBdN7y4//77ecqgUJx/C+/7ne17W0BOqvZ+b/TLW4H0FF38r3+5hP90f66+lv3grG2k2/U533d6ZQVJqK0VJk3o+MNi7vibbmNRP7Tm+duq3Cy5I9ZtDHR7TMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa/wTAAD//9QP9q0=") r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0xd270, 0x0, 0x1, 0xd05, 0xd4}) 0s ago: executing program 1 (id=485): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x2000000, &(0x7f0000000600)={[{@fat=@errors_continue}, {}, {@fat=@check_strict}, {@fat=@flush}]}, 0x1, 0x2a2, &(0x7f0000000340)="$eJzs3T9rFE0ABvDJvQkJeUlIJWrjoJXNkaS2SJAEggeK5gQVhA3Z6HHnXbi9Yi9YxNpGsPQbiKWdIJY2Kf0GdkEIV6UyEjf/wcaEi5Dfr7mHeW6HmV2YLXfz1psX9ZWsvJJ0QmlmIJRmQihtD4SJUAr71sPNt6/evX7w6PGd2Upl7n6M87OLU9MxxvFrn5+8/HD9S+f/hx/HPw2HjYmnm1vT3zcubVzZ/Ln4vJbFWhabrU5M4lKr1UmWGmlcrmX1coz3GmmSpbHWzNL2sX6l0Vpd7cakuTw2utpOsywmzW6sp93YacVOuxuTZ0mtGcvlchwbDZxG9f32zk7Y2imc92roP8//YjtyqI+E0FvPq3m1+C36+YXK3GT8bagYGQkh9PL829eDfqro4+GsvTyvDoXRvX76ZL//arlR9Lvd7buVE9cPh+U+7B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLqRwPTByO9vK8+l/Rl//UF2l+oTI3ufeH4/1guDrYt20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKlk3bV60mikbeHvw+6N/AeWIQhnF877ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+O/4RewAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6qrLtWTxqNtH1W4cflYuIj1XnvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO61cAAAD//3Raaek=") mkdir(&(0x7f0000000000)='./control\x00', 0x81) rmdir(0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.10' (ED25519) to the list of known hosts. [ 159.167608][ T5761] cgroup: Unknown subsys name 'net' [ 159.307148][ T5761] cgroup: Unknown subsys name 'cpuset' [ 159.320735][ T5761] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 163.042313][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 163.049063][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 164.666208][ T5761] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 170.130239][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 170.139416][ T5784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 170.149434][ T5784] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 170.162107][ T5784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 170.172848][ T5784] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 170.212235][ T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 170.249519][ T5788] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 170.269678][ T5788] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 170.291669][ T5788] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 170.305223][ T5788] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 170.340026][ T5793] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 170.349187][ T5793] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 170.362181][ T5793] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 170.375400][ T5793] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 170.387262][ T5793] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 170.434806][ T5793] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 170.444135][ T5793] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 170.460216][ T5793] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 170.478917][ T5793] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 170.498111][ T5793] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 170.513131][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 170.522340][ T5788] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 170.533716][ T5788] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 170.552252][ T5788] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 170.563070][ T5788] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 171.657387][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 171.851514][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 172.024003][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 172.059048][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 172.229684][ T5788] Bluetooth: hci0: command tx timeout [ 172.281312][ T5795] chnl_net:caif_netlink_parms(): no params data found [ 172.389662][ T5788] Bluetooth: hci1: command tx timeout [ 172.468690][ T5788] Bluetooth: hci2: command tx timeout [ 172.549540][ T5788] Bluetooth: hci3: command tx timeout [ 172.632969][ T5788] Bluetooth: hci4: command tx timeout [ 172.829544][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.837064][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.851517][ T5782] bridge_slave_0: entered allmulticast mode [ 172.862280][ T5782] bridge_slave_0: entered promiscuous mode [ 172.951932][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.959483][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.972479][ T5782] bridge_slave_1: entered allmulticast mode [ 172.994040][ T5782] bridge_slave_1: entered promiscuous mode [ 173.010395][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.017840][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.026867][ T5789] bridge_slave_0: entered allmulticast mode [ 173.037749][ T5789] bridge_slave_0: entered promiscuous mode [ 173.126761][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.134322][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.142811][ T5789] bridge_slave_1: entered allmulticast mode [ 173.150915][ T5789] bridge_slave_1: entered promiscuous mode [ 173.183648][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.191216][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.199312][ T5791] bridge_slave_0: entered allmulticast mode [ 173.207360][ T5791] bridge_slave_0: entered promiscuous mode [ 173.306246][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.313762][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.322474][ T5791] bridge_slave_1: entered allmulticast mode [ 173.330858][ T5791] bridge_slave_1: entered promiscuous mode [ 173.341285][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.348924][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.356566][ T5786] bridge_slave_0: entered allmulticast mode [ 173.365363][ T5786] bridge_slave_0: entered promiscuous mode [ 173.383667][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.422828][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.455134][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.462994][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.471577][ T5786] bridge_slave_1: entered allmulticast mode [ 173.480293][ T5786] bridge_slave_1: entered promiscuous mode [ 173.497059][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.527639][ T5795] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.535254][ T5795] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.543217][ T5795] bridge_slave_0: entered allmulticast mode [ 173.551438][ T5795] bridge_slave_0: entered promiscuous mode [ 173.569858][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.646159][ T5795] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.653805][ T5795] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.662030][ T5795] bridge_slave_1: entered allmulticast mode [ 173.670673][ T5795] bridge_slave_1: entered promiscuous mode [ 173.713811][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.753950][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.844463][ T5789] team0: Port device team_slave_0 added [ 173.871543][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.897279][ T5789] team0: Port device team_slave_1 added [ 173.914497][ T5782] team0: Port device team_slave_0 added [ 173.955895][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.041554][ T5782] team0: Port device team_slave_1 added [ 174.069996][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.077088][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.103356][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.123367][ T5795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.198693][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.205783][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.232055][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.250293][ T5795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.265545][ T5791] team0: Port device team_slave_0 added [ 174.278804][ T5791] team0: Port device team_slave_1 added [ 174.309554][ T5788] Bluetooth: hci0: command tx timeout [ 174.320492][ T5786] team0: Port device team_slave_0 added [ 174.387599][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.394851][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.421215][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.440454][ T5786] team0: Port device team_slave_1 added [ 174.468689][ T5788] Bluetooth: hci1: command tx timeout [ 174.498640][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.505718][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.532517][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.548879][ T5078] Bluetooth: hci2: command tx timeout [ 174.610126][ T5795] team0: Port device team_slave_0 added [ 174.618278][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.625491][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.651926][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.659233][ T5788] Bluetooth: hci3: command tx timeout [ 174.667910][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.667974][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.701239][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.712253][ T5788] Bluetooth: hci4: command tx timeout [ 174.752761][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.760128][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.786330][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.806876][ T5795] team0: Port device team_slave_1 added [ 174.875087][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.882410][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 174.908712][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.003264][ T5789] hsr_slave_0: entered promiscuous mode [ 175.012072][ T5789] hsr_slave_1: entered promiscuous mode [ 175.061952][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 175.069303][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 175.095897][ T5795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.165239][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.172559][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 175.198867][ T5795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.223329][ T5782] hsr_slave_0: entered promiscuous mode [ 175.231736][ T5782] hsr_slave_1: entered promiscuous mode [ 175.239584][ T5782] debugfs: 'hsr0' already exists in 'hsr' [ 175.245458][ T5782] Cannot create hsr debugfs directory [ 175.292790][ T5791] hsr_slave_0: entered promiscuous mode [ 175.301279][ T5791] hsr_slave_1: entered promiscuous mode [ 175.309034][ T5791] debugfs: 'hsr0' already exists in 'hsr' [ 175.314975][ T5791] Cannot create hsr debugfs directory [ 175.516827][ T5786] hsr_slave_0: entered promiscuous mode [ 175.525231][ T5786] hsr_slave_1: entered promiscuous mode [ 175.533137][ T5786] debugfs: 'hsr0' already exists in 'hsr' [ 175.539093][ T5786] Cannot create hsr debugfs directory [ 175.754324][ T5795] hsr_slave_0: entered promiscuous mode [ 175.762692][ T5795] hsr_slave_1: entered promiscuous mode [ 175.770737][ T5795] debugfs: 'hsr0' already exists in 'hsr' [ 175.776549][ T5795] Cannot create hsr debugfs directory [ 176.389057][ T5788] Bluetooth: hci0: command tx timeout [ 176.548976][ T5788] Bluetooth: hci1: command tx timeout [ 176.628765][ T5788] Bluetooth: hci2: command tx timeout [ 176.703917][ T5789] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 176.711064][ T5788] Bluetooth: hci3: command tx timeout [ 176.736443][ T5789] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 176.754949][ T5789] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 176.786713][ T5789] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 176.794023][ T5788] Bluetooth: hci4: command tx timeout [ 176.902959][ T5791] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 176.957725][ T5791] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 176.980869][ T5791] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 177.000818][ T5791] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 177.173131][ T5782] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 177.233593][ T5782] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 177.289607][ T5782] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 177.340995][ T5782] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 177.491398][ T5795] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 177.526005][ T5795] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 177.575953][ T5795] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 177.598220][ T5795] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 177.825607][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.896462][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 177.916035][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 177.962309][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 177.981467][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 178.136602][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.236272][ T750] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.243777][ T750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.271411][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.321731][ T2952] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.329293][ T2952] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.471036][ T5788] Bluetooth: hci0: command tx timeout [ 178.594137][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.628670][ T5788] Bluetooth: hci1: command tx timeout [ 178.709596][ T5788] Bluetooth: hci2: command tx timeout [ 178.725223][ T5795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.778127][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.785628][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.794191][ T5788] Bluetooth: hci3: command tx timeout [ 178.845751][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.868786][ T5788] Bluetooth: hci4: command tx timeout [ 178.894425][ T750] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.901812][ T750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.991085][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.048280][ T750] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.055683][ T750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.100220][ T5795] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.243621][ T750] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.251167][ T750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.295916][ T750] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.303477][ T750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.379129][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.407848][ T750] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.415437][ T750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.597195][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.649696][ T750] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.657053][ T750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.829441][ T1127] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.837025][ T1127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.939312][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.554852][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.881940][ T5789] veth0_vlan: entered promiscuous mode [ 181.222831][ T5789] veth1_vlan: entered promiscuous mode [ 181.403039][ T5791] veth0_vlan: entered promiscuous mode [ 181.430376][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.527024][ T5791] veth1_vlan: entered promiscuous mode [ 181.559260][ T5795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.713668][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.764947][ T5789] veth0_macvtap: entered promiscuous mode [ 181.887518][ T5789] veth1_macvtap: entered promiscuous mode [ 181.991024][ T5782] veth0_vlan: entered promiscuous mode [ 182.026923][ T5791] veth0_macvtap: entered promiscuous mode [ 182.090978][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.131822][ T5782] veth1_vlan: entered promiscuous mode [ 182.154625][ T5791] veth1_macvtap: entered promiscuous mode [ 182.184340][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.272715][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.356181][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.365654][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.409519][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.470499][ T5786] veth0_vlan: entered promiscuous mode [ 182.575954][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.629578][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.646083][ T5786] veth1_vlan: entered promiscuous mode [ 182.676496][ T5782] veth0_macvtap: entered promiscuous mode [ 182.790547][ T5782] veth1_macvtap: entered promiscuous mode [ 182.810338][ T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.844033][ T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.862912][ T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.884209][ T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.007727][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.093108][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.213689][ T750] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.248465][ T5795] veth0_vlan: entered promiscuous mode [ 183.302013][ T750] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.323693][ T5795] veth1_vlan: entered promiscuous mode [ 183.368700][ T750] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.377877][ T750] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.413899][ T5786] veth0_macvtap: entered promiscuous mode [ 183.499099][ T5786] veth1_macvtap: entered promiscuous mode [ 183.691641][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.785352][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.879410][ T59] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.981230][ T59] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.023961][ T59] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.043111][ T5795] veth0_macvtap: entered promiscuous mode [ 184.079376][ T1127] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.116518][ T5795] veth1_macvtap: entered promiscuous mode [ 184.356995][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.444720][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.524165][ T2952] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.569454][ T2952] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.620518][ T2952] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.685795][ T2952] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.572790][ T5894] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.581144][ T5894] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.824657][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.834569][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.284977][ T5789] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 188.487784][ T3458] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.496014][ T3458] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.770027][ T3458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.778686][ T3458] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.041859][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.050965][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.263142][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.273986][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.719128][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.727149][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.864132][ T5969] loop3: detected capacity change from 0 to 2048 [ 189.989640][ T5969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.039738][ T5969] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.127756][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.136512][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.621966][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.632828][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.690015][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.985802][ T3458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.994656][ T3458] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.466425][ T5990] loop1: detected capacity change from 0 to 1024 [ 191.501807][ T5990] EXT4-fs: Ignoring removed nobh option [ 191.508255][ T5990] EXT4-fs: Ignoring removed nomblk_io_submit option [ 191.707420][ T5990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 191.883208][ T5982] loop0: detected capacity change from 0 to 8192 [ 192.047112][ T5997] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11'. [ 192.073610][ T5982] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 192.211311][ T30] audit: type=1800 audit(1770588569.961:2): pid=5990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.10" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 192.233175][ T30] audit: type=1800 audit(1770588569.971:3): pid=5982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7" name="file2" dev="loop0" ino=1048605 res=0 errno=0 [ 192.305333][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.319282][ T5982] FAT-fs (loop0): Filesystem has been set read-only [ 192.369585][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.391980][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.436192][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.523688][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.577631][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.602923][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.668576][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.677619][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.707007][ T5982] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 192.794742][ T6005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12'. [ 194.136558][ T6022] netlink: 52 bytes leftover after parsing attributes in process `syz.0.21'. [ 194.297645][ T6024] batadv_slave_1: entered promiscuous mode [ 194.357176][ T6023] batadv_slave_1: left promiscuous mode [ 195.063603][ T6034] syzkaller0: entered promiscuous mode [ 195.070006][ T6034] syzkaller0: entered allmulticast mode [ 195.085717][ T6035] loop4: detected capacity change from 0 to 512 [ 195.161046][ T6034] netlink: 24 bytes leftover after parsing attributes in process `syz.3.26'. [ 195.170239][ T6034] netlink: 24 bytes leftover after parsing attributes in process `syz.3.26'. [ 195.246683][ T6035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.287140][ T6034] 0: reclassify loop, rule prio 0, protocol 800 [ 195.303428][ T6035] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.433505][ T6035] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #12: comm syz.4.27: invalid size [ 195.480900][ T6035] EXT4-fs (loop4): Remounting filesystem read-only [ 196.867883][ T6062] loop2: detected capacity change from 0 to 512 [ 197.373536][ T6062] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.35: ea_inode with extended attributes [ 197.484908][ T6062] EXT4-fs (loop2): Remounting filesystem read-only [ 197.571072][ T6062] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -30) [ 197.581354][ T6062] EXT4-fs (loop2): 1 orphan inode deleted [ 197.601694][ T6062] EXT4-fs (loop2): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.064828][ T5786] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 198.573271][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.599833][ T13] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 198.610765][ T13] Quota error (device loop4): write_blk: dquota write failed [ 198.618300][ T13] Quota error (device loop4): free_dqentry: Can't write quota data block 5 [ 198.704461][ T13] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 198.717174][ T13] Quota error (device loop4): write_blk: dquota write failed [ 198.725582][ T13] Quota error (device loop4): free_dqentry: Can't write quota data block 5 [ 198.765660][ T6073] loop2: detected capacity change from 0 to 512 [ 198.821706][ T6073] ======================================================= [ 198.821706][ T6073] WARNING: The mand mount option has been deprecated and [ 198.821706][ T6073] and is ignored by this kernel. Remove the mand [ 198.821706][ T6073] option from the mount to silence this warning. [ 198.821706][ T6073] ======================================================= [ 199.001196][ T6073] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.39: inode has both inline data and extents flags [ 199.066642][ T6073] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.39: couldn't read orphan inode 15 (err -117) [ 199.180504][ T6073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.285903][ T6083] capability: warning: `syz.3.44' uses 32-bit capabilities (legacy support in use) [ 199.593984][ T6041] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 199.762224][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.344119][ T6092] loop2: detected capacity change from 0 to 512 [ 200.419457][ T6092] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 200.526537][ T6092] EXT4-fs (loop2): orphan cleanup on readonly fs [ 200.560835][ T6092] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.47: Allocating blocks 41-42 which overlap fs metadata [ 200.720319][ T6092] Quota error (device loop2): write_blk: dquota write failed [ 200.728129][ T6092] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 200.834040][ T6092] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 200.883686][ T6092] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.47: Failed to acquire dquot type 1 [ 200.952288][ T6092] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 201.061037][ T6092] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.47: corrupted inode contents [ 201.104071][ T6092] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #12: comm syz.2.47: mark_inode_dirty error [ 201.133264][ T6092] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.47: corrupted inode contents [ 201.187041][ T6092] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.47: mark_inode_dirty error [ 201.201737][ T6092] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.47: corrupted inode contents [ 201.222134][ T6092] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 201.305999][ T6092] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.47: corrupted inode contents [ 201.381517][ T6092] EXT4-fs error (device loop2): ext4_truncate:4635: inode #12: comm syz.2.47: mark_inode_dirty error [ 201.424028][ T6092] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 201.487233][ T6092] EXT4-fs (loop2): 1 truncate cleaned up [ 201.502465][ T6092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 201.532846][ T6092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.308069][ T6123] loop3: detected capacity change from 0 to 1764 [ 204.280273][ T6127] loop4: detected capacity change from 0 to 512 [ 204.443642][ T6127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.551162][ T6127] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.170667][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.339966][ T6142] Zero length message leads to an empty skb [ 206.432339][ T30] audit: type=1326 audit(1770588584.191:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.539223][ T30] audit: type=1326 audit(1770588584.231:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.564674][ T30] audit: type=1326 audit(1770588584.231:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.590654][ T30] audit: type=1326 audit(1770588584.271:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.614140][ T30] audit: type=1326 audit(1770588584.271:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.637615][ T30] audit: type=1326 audit(1770588584.271:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.660393][ T30] audit: type=1326 audit(1770588584.291:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.686213][ T30] audit: type=1326 audit(1770588584.291:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.2.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 206.726511][ T6160] loop3: detected capacity change from 0 to 512 [ 206.730238][ T6154] loop4: detected capacity change from 0 to 1024 [ 206.785126][ T6154] EXT4-fs: Ignoring removed orlov option [ 206.791236][ T6154] EXT4-fs: Ignoring removed nomblk_io_submit option [ 206.820081][ T6154] ext4: Unknown parameter 'subj_role' [ 206.873190][ T6160] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 207.167127][ T6160] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.181697][ T6166] loop1: detected capacity change from 0 to 1024 [ 207.255599][ T6160] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 207.355797][ T6166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none. [ 207.753692][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 207.780100][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.089575][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.84'. [ 210.017640][ T6201] loop4: detected capacity change from 0 to 512 [ 210.208936][ T6200] syz.3.88 (6200) used greatest stack depth: 2376 bytes left [ 210.319252][ T6201] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.90: error while reading EA inode 32 err=-116 [ 210.431456][ T6201] EXT4-fs (loop4): Remounting filesystem read-only [ 210.438321][ T6201] EXT4-fs (loop4): 1 orphan inode deleted [ 210.517560][ T6201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.074926][ T6215] loop1: detected capacity change from 0 to 1024 [ 211.224953][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.298052][ T6215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.337485][ T6221] capability: warning: `syz.2.96' uses deprecated v2 capabilities in a way that may be insecure [ 211.343154][ T6215] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #11: comm syz.1.94: missing EA_INODE flag [ 211.447777][ T6215] EXT4-fs (loop1): Remounting filesystem read-only [ 211.487367][ T6215] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 212.083815][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.507312][ T6247] loop2: detected capacity change from 0 to 512 [ 213.584354][ T6247] EXT4-fs: Ignoring removed orlov option [ 213.661845][ T6247] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 213.853006][ T6247] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 213.919202][ T6247] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.106: corrupted in-inode xattr: e_value size too large [ 213.972322][ T6247] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.106: couldn't read orphan inode 15 (err -117) [ 214.025339][ T6247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.283131][ T6257] loop0: detected capacity change from 0 to 512 [ 214.389534][ T6257] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.439454][ T6257] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.654497][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.711603][ T6257] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.110: path /23/file1: bad entry in directory: directory entry overrun - offset=12, inode=514, rec_len=2048, size=2048 fake=0 [ 214.756363][ T6257] EXT4-fs (loop0): Remounting filesystem read-only [ 215.240364][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.531195][ T6285] loop0: detected capacity change from 0 to 2048 [ 216.861270][ T6285] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 217.502894][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.156143][ T6310] loop0: detected capacity change from 0 to 512 [ 218.254126][ T6310] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 218.268185][ T6310] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 218.277697][ T6310] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 218.331795][ T6290] loop4: detected capacity change from 0 to 8192 [ 218.369503][ T6310] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 218.389643][ T6310] System zones: 0-2, 18-18, 34-35 [ 218.540302][ T6310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 218.697661][ T6310] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 218.780028][ T6310] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 218.811157][ T6310] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 218.852286][ T6286] FAT-fs (loop4): error, invalid access to FAT (entry 0x00002c0f) [ 218.861169][ T6286] FAT-fs (loop4): Filesystem has been set read-only [ 218.868579][ T6310] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.129: bg 0: block 353: padding at end of block bitmap is not set [ 218.870475][ T30] audit: type=1800 audit(1770588596.611:12): pid=6310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.129" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 219.246829][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.020854][ T6331] loop3: detected capacity change from 0 to 2048 [ 220.255392][ T6331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.885457][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.352964][ T6352] loop0: detected capacity change from 0 to 512 [ 221.390280][ T6352] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 221.400080][ T6352] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 221.458963][ T6352] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 221.478924][ T6352] System zones: 0-2, 18-18, 34-35 [ 221.486738][ T6352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 221.569616][ T6352] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 221.618573][ T6352] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 221.675926][ T6352] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 222.029530][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.981470][ T6377] loop2: detected capacity change from 0 to 2048 [ 222.987492][ T6381] netlink: 12 bytes leftover after parsing attributes in process `syz.0.158'. [ 223.042377][ T6381] netlink: 12 bytes leftover after parsing attributes in process `syz.0.158'. [ 223.102374][ T6377] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.154442][ T6360] loop1: detected capacity change from 0 to 8192 [ 223.176760][ T30] audit: type=1326 audit(1770588600.941:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.160" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8d4039aeb9 code=0x0 [ 223.912915][ T6393] loop0: detected capacity change from 0 to 512 [ 224.121786][ T6393] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 224.131372][ T6393] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 224.238602][ T6393] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 224.247186][ T6393] System zones: 0-2, 18-18, 34-35 [ 224.272684][ T6360] FAT-fs (loop1): error, invalid access to FAT (entry 0x00002c0f) [ 224.281211][ T6360] FAT-fs (loop1): Filesystem has been set read-only [ 224.347829][ T6393] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 224.376930][ T6393] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 224.424394][ T6393] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 224.441589][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.486457][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.496855][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.530714][ T6393] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 224.830771][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.308801][ T6402] syz.0.165 uses obsolete (PF_INET,SOCK_PACKET) [ 226.462569][ T6417] loop3: detected capacity change from 0 to 512 [ 226.654976][ T6417] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.172: ea_inode with extended attributes [ 226.720150][ T6417] EXT4-fs (loop3): Remounting filesystem read-only [ 226.749543][ T6417] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30) [ 226.809534][ T6417] EXT4-fs (loop3): 1 orphan inode deleted [ 226.817283][ T6417] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 227.052350][ T6424] loop0: detected capacity change from 0 to 512 [ 227.164856][ T6424] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 227.167679][ T5791] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 227.174287][ T6424] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 227.185750][ T6422] loop1: detected capacity change from 0 to 2048 [ 227.308831][ T6424] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 227.401043][ T6424] System zones: 0-2, 18-18, 34-35 [ 227.442491][ T6424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 227.504627][ T6422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 227.540365][ T6424] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 227.578011][ T6424] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 227.628767][ T6424] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 228.045796][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.150338][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.729523][ T6460] loop0: detected capacity change from 0 to 512 [ 229.972506][ T6460] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.188: ea_inode with extended attributes [ 229.998753][ T6460] EXT4-fs (loop0): Remounting filesystem read-only [ 230.005849][ T6460] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -30) [ 230.018851][ T6460] EXT4-fs (loop0): 1 orphan inode deleted [ 230.040741][ T6460] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.072418][ T6432] loop4: detected capacity change from 0 to 8192 [ 230.310377][ T6465] loop1: detected capacity change from 0 to 2048 [ 230.367988][ T5789] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 230.488993][ T6465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.606184][ T6471] loop3: detected capacity change from 0 to 512 [ 230.691411][ T6471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 230.805732][ T6471] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.851389][ T6471] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 231.224198][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.572321][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.913305][ T6486] loop4: detected capacity change from 0 to 512 [ 232.160859][ T6486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.359407][ T6486] ext4 filesystem being mounted at /29/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 233.941200][ T6499] loop1: detected capacity change from 0 to 1024 [ 234.052905][ T6499] EXT4-fs: Ignoring removed bh option [ 234.179649][ T6499] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 234.934936][ T6506] loop2: detected capacity change from 0 to 512 [ 235.136336][ T6508] loop3: detected capacity change from 0 to 512 [ 235.258757][ T6506] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 235.429178][ T6508] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 235.447636][ T6499] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.489972][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.519644][ T6508] EXT4-fs (loop3): orphan cleanup on readonly fs [ 235.576186][ T6506] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 235.599289][ T6508] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.206: Allocating blocks 41-42 which overlap fs metadata [ 235.740820][ T6508] Quota error (device loop3): write_blk: dquota write failed [ 235.748854][ T6508] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 235.764993][ T6513] loop0: detected capacity change from 0 to 512 [ 235.795260][ T6506] EXT4-fs (loop2): Remounting filesystem read-only [ 235.802937][ T6506] Quota error (device loop2): write_blk: dquota write failed [ 235.811062][ T6506] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 235.921779][ T6506] Quota error (device loop2): write_blk: dquota write failed [ 235.958839][ T6508] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 236.009202][ T6506] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 236.068966][ T6508] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.206: Failed to acquire dquot type 1 [ 236.081056][ T6506] EXT4-fs (loop2): 1 truncate cleaned up [ 236.109563][ T6506] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.126533][ T6508] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 236.245976][ T6508] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.206: corrupted inode contents [ 236.359262][ T6508] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.206: mark_inode_dirty error [ 236.421280][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.462503][ T6508] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.206: corrupted inode contents [ 236.548322][ T6508] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.206: mark_inode_dirty error [ 236.617958][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.635209][ T6508] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.206: corrupted inode contents [ 236.719040][ T6508] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 236.805592][ T6508] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.206: corrupted inode contents [ 236.939594][ T6508] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.206: mark_inode_dirty error [ 236.991288][ T6520] loop1: detected capacity change from 0 to 512 [ 237.066912][ T6508] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 237.143363][ T6520] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 237.143358][ T6508] EXT4-fs (loop3): 1 truncate cleaned up [ 237.145828][ T6508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 237.322691][ T6520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.337609][ T6523] loop2: detected capacity change from 0 to 2048 [ 237.452728][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.452992][ T6523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.520237][ T6520] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 238.052667][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.167988][ T6536] loop3: detected capacity change from 0 to 2048 [ 238.201121][ T6513] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.204: ea_inode with extended attributes [ 238.201305][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.298945][ T6513] EXT4-fs (loop0): Remounting filesystem read-only [ 238.333621][ T6513] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -30) [ 238.378812][ T6513] EXT4-fs (loop0): 1 orphan inode deleted [ 238.400732][ T6513] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.826862][ T6542] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 238.840844][ T5789] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 238.949577][ T6542] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 239.096408][ T6545] loop3: detected capacity change from 0 to 512 [ 239.153523][ T6548] loop4: detected capacity change from 0 to 512 [ 239.222714][ T6548] ext2: Unknown parameter 'smackfsroot' [ 239.300521][ T6545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.370719][ T6545] ext4 filesystem being mounted at /51/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 241.779826][ T6568] loop2: detected capacity change from 0 to 512 [ 242.150757][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.292931][ T6568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.460686][ T6568] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 242.895014][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.953689][ T6576] loop1: detected capacity change from 0 to 2048 [ 243.136815][ T6576] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.600167][ T6587] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 243.722769][ T6586] loop3: detected capacity change from 0 to 512 [ 244.273996][ T6586] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.229: ea_inode with extended attributes [ 244.387300][ T6594] sctp: [Deprecated]: syz.4.231 (pid 6594) Use of int in max_burst socket option deprecated. [ 244.387300][ T6594] Use struct sctp_assoc_value instead [ 244.506041][ T6586] EXT4-fs (loop3): Remounting filesystem read-only [ 244.599296][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.609345][ T6586] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30) [ 244.663246][ T6586] EXT4-fs (loop3): 1 orphan inode deleted [ 244.828995][ T6586] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 245.773042][ T5791] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 245.908193][ T6610] loop2: detected capacity change from 0 to 512 [ 246.131010][ T6610] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.169365][ T6610] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 246.986072][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.343718][ T6626] loop1: detected capacity change from 0 to 2048 [ 247.581132][ T6626] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.865735][ T6639] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 248.239561][ T6642] program syz.2.246 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 248.549158][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.930050][ T6651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.250'. [ 249.247994][ T6651] loop2: detected capacity change from 0 to 1024 [ 249.272737][ T6651] EXT4-fs: Ignoring removed orlov option [ 249.283030][ T6651] EXT4-fs: Ignoring removed nomblk_io_submit option [ 249.349662][ T6651] ext4: Unknown parameter 'subj_role' [ 250.167526][ T6658] loop1: detected capacity change from 0 to 512 [ 250.650217][ T6658] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #11: comm syz.1.249: ea_inode with extended attributes [ 250.764547][ T6667] loop4: detected capacity change from 0 to 1024 [ 250.855193][ T6658] EXT4-fs (loop1): Remounting filesystem read-only [ 250.896154][ T6658] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -30) [ 250.965921][ T6667] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.013895][ T6658] EXT4-fs (loop1): 1 orphan inode deleted [ 251.040593][ T6658] EXT4-fs (loop1): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.265271][ T6673] loop2: detected capacity change from 0 to 512 [ 251.474424][ T6673] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.549227][ T6673] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.564366][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.845766][ T5782] EXT4-fs (loop1): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 252.283813][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.726687][ T30] audit: type=1326 audit(1770588630.481:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.2.260" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x0 [ 253.013266][ T6690] mmap: syz.3.261 (6690) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 253.204816][ T6692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.263'. [ 253.811013][ T6698] loop3: detected capacity change from 0 to 512 [ 253.920642][ T6698] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 254.085106][ T6698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 254.229096][ T6698] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 254.612082][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.039601][ T6700] loop0: detected capacity change from 0 to 512 [ 255.075000][ T6708] loop3: detected capacity change from 0 to 512 [ 255.163449][ T6708] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 255.226053][ T6700] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 255.276566][ T6708] EXT4-fs (loop3): 1 truncate cleaned up [ 255.291670][ T6692] loop1: detected capacity change from 0 to 1024 [ 255.394049][ T6708] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.442554][ T6692] EXT4-fs: Ignoring removed orlov option [ 255.448682][ T6692] EXT4-fs: Ignoring removed nomblk_io_submit option [ 255.503422][ T6692] ext4: Unknown parameter 'subj_role' [ 255.525501][ T6713] netlink: 'syz.4.271': attribute type 27 has an invalid length. [ 255.799622][ T6700] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.880899][ T6700] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 256.171158][ T6713] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.180648][ T6713] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.187303][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.240564][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.290690][ T6713] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 257.436304][ T6713] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 258.497986][ T35] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.571744][ T35] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.599557][ T2952] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.625509][ T6736] loop2: detected capacity change from 0 to 512 [ 258.633960][ T2952] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.833766][ T6736] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.969337][ T6736] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.096982][ T6736] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.277: path /57/file1: bad entry in directory: directory entry overrun - offset=12, inode=514, rec_len=2048, size=2048 fake=0 [ 259.224002][ T6736] EXT4-fs (loop2): Remounting filesystem read-only [ 259.640160][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.926740][ T6752] –: renamed from vxcan1 (while UP) [ 260.001211][ T30] audit: type=1326 audit(1770588637.771:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6753 comm="syz.2.285" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x0 [ 260.763537][ T6746] loop0: detected capacity change from 0 to 512 [ 260.880666][ T6746] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 261.269786][ T2952] kworker/u8:7 invoked oom-killer: gfp_mask=0x100c0a(GFP_NOIO|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_HARDWALL), order=0, oom_score_adj=0 [ 261.283938][ T2952] CPU: 1 UID: 0 PID: 2952 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(voluntary) [ 261.284079][ T2952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 261.284202][ T2952] Workqueue: loop0 loop_rootcg_workfn [ 261.284392][ T2952] Call Trace: [ 261.284442][ T2952] [ 261.284490][ T2952] __dump_stack+0x26/0x30 [ 261.284641][ T2952] dump_stack_lvl+0x14c/0x1c0 [ 261.284791][ T2952] dump_stack+0x1e/0x25 [ 261.284925][ T2952] dump_header+0x161/0x580 [ 261.285062][ T2952] oom_kill_process+0x5bb/0x950 [ 261.285242][ T2952] out_of_memory+0x1a6f/0x1f30 [ 261.285398][ T2952] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 261.285575][ T2952] ? kmsan_get_metadata+0xf1/0x160 [ 261.285762][ T2952] try_charge_memcg+0xfe9/0x1c20 [ 261.285966][ T2952] mem_cgroup_swapin_charge_folio+0x423/0x900 [ 261.286143][ T2952] __read_swap_cache_async+0x3c9/0x770 [ 261.286328][ T2952] swap_cluster_readahead+0x6ab/0xb20 [ 261.286537][ T2952] shmem_swapin_folio+0x1fe5/0x3ee0 [ 261.286667][ T2952] ? filemap_get_entry+0x31/0x910 [ 261.286837][ T2952] ? kmsan_get_metadata+0xf1/0x160 [ 261.287011][ T2952] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 261.287224][ T2952] ? kmsan_get_metadata+0xf1/0x160 [ 261.287412][ T2952] ? __rcu_read_unlock+0x6c/0xd0 [ 261.287561][ T2952] ? filemap_get_entry+0x8cb/0x910 [ 261.287751][ T2952] shmem_get_folio_gfp+0x92a/0x1fc0 [ 261.287972][ T2952] shmem_file_read_iter+0x2a6/0x1140 [ 261.288153][ T2952] ? kmsan_get_metadata+0xf1/0x160 [ 261.288314][ T2952] ? __pfx_shmem_file_read_iter+0x10/0x10 [ 261.288470][ T2952] ? __pfx_shmem_file_read_iter+0x10/0x10 [ 261.288615][ T2952] lo_rw_aio+0x1164/0x14a0 [ 261.288829][ T2952] loop_process_work+0xf05/0x1ff0 [ 261.289000][ T2952] ? queue_delayed_work_on+0x1c1/0x2e0 [ 261.289141][ T2952] ? kmsan_get_metadata+0xf1/0x160 [ 261.289307][ T2952] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 261.289471][ T2952] ? kmsan_get_metadata+0xf1/0x160 [ 261.289702][ T2952] loop_rootcg_workfn+0x2b/0x40 [ 261.289846][ T2952] ? __pfx_loop_rootcg_workfn+0x10/0x10 [ 261.290000][ T2952] process_scheduled_works+0xae7/0x1d60 [ 261.290229][ T2952] worker_thread+0x1741/0x1de0 [ 261.290441][ T2952] kthread+0xd5a/0xf00 [ 261.290561][ T2952] ? __pfx_worker_thread+0x10/0x10 [ 261.290747][ T2952] ? __pfx_kthread+0x10/0x10 [ 261.290868][ T2952] ret_from_fork+0x207/0x6f0 [ 261.291037][ T2952] ? __switch_to+0x521/0x750 [ 261.291181][ T2952] ? __pfx_kthread+0x10/0x10 [ 261.291307][ T2952] ret_from_fork_asm+0x1a/0x30 [ 261.291495][ T2952] [ 261.542115][ T2952] memory: usage 307200kB, limit 307200kB, failcnt 1054 [ 261.550796][ T2952] memory+swap: usage 307268kB, limit 9007199254740988kB, failcnt 0 [ 261.559537][ T2952] kmem: usage 306868kB, limit 9007199254740988kB, failcnt 0 [ 261.571484][ T2952] Memory cgroup stats for /syz0: [ 261.572346][ T2952] cache 229376 [ 261.582383][ T2952] rss 77824 [ 261.585720][ T2952] rss_huge 0 [ 261.589312][ T2952] shmem 212992 [ 261.592809][ T2952] mapped_file 0 [ 261.596393][ T2952] dirty 0 [ 261.599590][ T2952] writeback 0 [ 261.602993][ T2952] workingset_refault_anon 220 [ 261.607800][ T2952] workingset_refault_file 302 [ 261.612724][ T2952] swap 69632 [ 261.616232][ T2952] swapcached 57344 [ 261.620270][ T2952] pgpgin 9131 [ 261.623686][ T2952] pgpgout 9048 [ 261.627184][ T2952] pgfault 12069 [ 261.630880][ T2952] pgmajfault 136 [ 261.634549][ T2952] inactive_anon 311296 [ 261.639083][ T2952] active_anon 4096 [ 261.642935][ T2952] inactive_file 0 [ 261.646728][ T2952] active_file 24576 [ 261.650824][ T2952] unevictable 0 [ 261.654399][ T2952] hierarchical_memory_limit 314572800 [ 261.660034][ T2952] hierarchical_memsw_limit 9223372036854771712 [ 261.670852][ T2952] total_cache 229376 [ 261.674895][ T2952] total_rss 77824 [ 261.680125][ T2952] total_rss_huge 0 [ 261.683984][ T2952] total_shmem 212992 [ 261.687995][ T2952] total_mapped_file 0 [ 261.692263][ T2952] total_dirty 0 [ 261.695841][ T2952] total_writeback 0 [ 261.699912][ T2952] total_workingset_refault_anon 220 [ 261.705242][ T2952] total_workingset_refault_file 302 [ 261.710759][ T2952] total_swap 69632 [ 261.714604][ T2952] total_swapcached 57344 [ 261.719121][ T2952] total_pgpgin 9131 [ 261.723053][ T2952] total_pgpgout 9048 [ 261.727069][ T2952] total_pgfault 12069 [ 261.731369][ T2952] total_pgmajfault 136 [ 261.735561][ T2952] total_inactive_anon 311296 [ 261.740411][ T2952] total_active_anon 4096 [ 261.744775][ T2952] total_inactive_file 0 [ 261.749188][ T2952] total_active_file 24576 [ 261.753645][ T2952] total_unevictable 0 [ 261.757761][ T2952] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.280,pid=6743,uid=0 [ 261.777950][ T2952] Memory cgroup out of memory: Killed process 6743 (syz.0.280) total-vm:102208kB, anon-rss:1344kB, file-rss:21640kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 262.184777][ T6746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.307596][ T6746] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 262.758134][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.399250][ T6799] xt_CT: You must specify a L4 protocol and not use inversions on it [ 265.749581][ T30] audit: type=1326 audit(1770588643.511:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.1.309" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f15e6b9aeb9 code=0x0 [ 266.966806][ T6837] loop3: detected capacity change from 0 to 512 [ 267.030232][ T6837] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 267.211740][ T6837] EXT4-fs (loop3): 1 truncate cleaned up [ 267.252184][ T6837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.411348][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.022330][ T6855] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 268.071175][ T6860] loop3: detected capacity change from 0 to 128 [ 268.213017][ T6860] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 268.350291][ T6860] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 268.616366][ T6860] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.322: Logical block already allocated [ 268.943722][ T6869] xt_hashlimit: size too large, truncated to 1048576 [ 268.997148][ T5791] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 271.335173][ T6900] loop2: detected capacity change from 0 to 512 [ 271.521262][ T6900] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.558897][ T6900] ext4 filesystem being mounted at /69/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 271.650638][ T6902] loop4: detected capacity change from 0 to 512 [ 271.872166][ T6902] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.338: invalid indirect mapped block 256 (level 2) [ 271.971248][ T6902] EXT4-fs (loop4): 2 truncates cleaned up [ 271.995886][ T6902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.219124][ T30] audit: type=1800 audit(1770588649.911:17): pid=6902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.338" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 273.389621][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.463303][ T6898] loop0: detected capacity change from 0 to 8192 [ 274.461427][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.832901][ T6919] Illegal XDP return value 4294967262 on prog (id 4) dev N/A, expect packet loss! [ 276.081699][ T6943] loop2: detected capacity change from 0 to 512 [ 276.189975][ T6943] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.209433][ T6943] ext4 filesystem being mounted at /72/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 279.090762][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.686211][ T6982] af_packet: tpacket_rcv: packet too big, clamped from 2902 to 4294967280. macoff=96 [ 280.446218][ T6980] loop2: detected capacity change from 0 to 8192 [ 280.600745][ T6988] loop1: detected capacity change from 0 to 128 [ 280.760735][ T6988] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 280.869980][ T6988] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 281.434925][ T5782] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 281.951206][ T7007] loop1: detected capacity change from 0 to 512 [ 282.019309][ T7012] loop0: detected capacity change from 0 to 512 [ 282.077323][ T7012] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 282.120543][ T7007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.156589][ T7007] ext4 filesystem being mounted at /75/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 282.224636][ T7012] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.306591][ T7012] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 282.955764][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.037097][ T7031] netlink: 268 bytes leftover after parsing attributes in process `syz.3.383'. [ 284.060486][ T7033] loop4: detected capacity change from 0 to 128 [ 284.095729][ T7029] netlink: 88 bytes leftover after parsing attributes in process `syz.0.382'. [ 284.122377][ T7031] tipc: Started in network mode [ 284.127440][ T7031] tipc: Node identity fffffc01, cluster identity 2048 [ 284.134702][ T7031] tipc: Node number set to 4294966273 [ 284.223464][ T7033] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 284.256163][ T7031] tipc: Cannot configure node identity twice [ 284.263909][ T7035] syzkaller1: entered promiscuous mode [ 284.270194][ T7035] syzkaller1: entered allmulticast mode [ 284.334437][ T7033] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 286.672281][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 286.679037][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.902126][ T5795] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 287.593634][ T7044] netlink: 24 bytes leftover after parsing attributes in process `syz.0.389'. [ 287.603141][ T7044] netlink: 24 bytes leftover after parsing attributes in process `syz.0.389'. [ 287.898890][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.145922][ T7072] netlink: 88 bytes leftover after parsing attributes in process `syz.0.399'. [ 289.208321][ T7072] syzkaller1: entered promiscuous mode [ 289.217683][ T7072] syzkaller1: entered allmulticast mode [ 290.083408][ T7083] loop4: detected capacity change from 0 to 512 [ 290.320099][ T7083] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.359721][ T7083] ext4 filesystem being mounted at /76/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.696203][ T7090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.404'. [ 290.705606][ T7090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.404'. [ 292.887570][ T7103] loop2: detected capacity change from 0 to 128 [ 293.123808][ T5078] Bluetooth: hci0: command 0x0406 tx timeout [ 293.132989][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 293.141384][ T5078] Bluetooth: hci2: command 0x0406 tx timeout [ 293.147659][ T5078] Bluetooth: hci3: command 0x0406 tx timeout [ 293.156897][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 293.214310][ T7064] syz.1.396 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 293.225558][ T7064] CPU: 1 UID: 0 PID: 7064 Comm: syz.1.396 Not tainted syzkaller #0 PREEMPT(voluntary) [ 293.225694][ T7064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 293.225770][ T7064] Call Trace: [ 293.225817][ T7064] [ 293.225863][ T7064] __dump_stack+0x26/0x30 [ 293.226018][ T7064] dump_stack_lvl+0x14c/0x1c0 [ 293.226171][ T7064] dump_stack+0x1e/0x25 [ 293.226313][ T7064] dump_header+0x161/0x580 [ 293.226449][ T7064] oom_kill_process+0x5bb/0x950 [ 293.226630][ T7064] out_of_memory+0x1a6f/0x1f30 [ 293.226792][ T7064] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 293.226976][ T7064] ? kmsan_get_metadata+0xf1/0x160 [ 293.227170][ T7064] try_charge_memcg+0xfe9/0x1c20 [ 293.227388][ T7064] __mem_cgroup_charge+0x114/0x5c0 [ 293.227545][ T7064] do_pte_missing+0x4017/0x7420 [ 293.227728][ T7064] ? stack_depot_save_flags+0x35/0x790 [ 293.227869][ T7064] ? kmsan_get_metadata+0xf1/0x160 [ 293.228044][ T7064] ? kmsan_get_metadata+0xf1/0x160 [ 293.228253][ T7064] handle_mm_fault+0x2d96/0x6e90 [ 293.228512][ T7064] __get_user_pages+0x2eff/0x5f00 [ 293.228759][ T7064] __mm_populate+0x626/0xab0 [ 293.228946][ T7064] do_mlock+0xbb2/0xdf0 [ 293.229076][ T7064] ? kmsan_get_metadata+0xf1/0x160 [ 293.229304][ T7064] __x64_sys_mlock+0x73/0xc0 [ 293.229432][ T7064] x64_sys_call+0x1c2e/0x3e70 [ 293.229593][ T7064] do_syscall_64+0xc9/0xf80 [ 293.229747][ T7064] ? clear_bhb_loop+0x40/0x90 [ 293.229888][ T7064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.230040][ T7064] RIP: 0033:0x7f15e6b9aeb9 [ 293.230151][ T7064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 293.230266][ T7064] RSP: 002b:00007f15e7974028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 293.230391][ T7064] RAX: ffffffffffffffda RBX: 00007f15e6e15fa0 RCX: 00007f15e6b9aeb9 [ 293.230484][ T7064] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000 [ 293.230567][ T7064] RBP: 00007f15e6c08c1f R08: 0000000000000000 R09: 0000000000000000 [ 293.230647][ T7064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.230724][ T7064] R13: 00007f15e6e16038 R14: 00007f15e6e15fa0 R15: 00007ffdb6563078 [ 293.230849][ T7064] [ 293.456862][ T7064] memory: usage 307200kB, limit 307200kB, failcnt 4662 [ 293.465399][ T7064] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0 [ 293.473721][ T7064] kmem: usage 306100kB, limit 9007199254740988kB, failcnt 0 [ 293.481439][ T7064] Memory cgroup stats for /syz1: [ 293.482231][ T7064] cache 0 [ 293.490443][ T7064] rss 1118208 [ 293.493845][ T7064] rss_huge 0 [ 293.497160][ T7064] shmem 0 [ 293.500329][ T7064] mapped_file 0 [ 293.503909][ T7064] dirty 0 [ 293.506958][ T7064] writeback 0 [ 293.514622][ T7064] workingset_refault_anon 203 [ 293.521099][ T7064] workingset_refault_file 875 [ 293.525922][ T7064] swap 192512 [ 293.529479][ T7064] swapcached 4096 [ 293.533322][ T7064] pgpgin 15953 [ 293.536809][ T7064] pgpgout 15678 [ 293.540595][ T7064] pgfault 19264 [ 293.544180][ T7064] pgmajfault 159 [ 293.547845][ T7064] inactive_anon 4096 [ 293.552026][ T7064] active_anon 0 [ 293.555707][ T7064] inactive_file 0 [ 293.559635][ T7064] active_file 4096 [ 293.563560][ T7064] unevictable 1118208 [ 293.567655][ T7064] hierarchical_memory_limit 314572800 [ 293.573309][ T7064] hierarchical_memsw_limit 9223372036854771712 [ 293.579730][ T7064] total_cache 0 [ 293.583318][ T7064] total_rss 1118208 [ 293.587242][ T7064] total_rss_huge 0 [ 293.591248][ T7064] total_shmem 0 [ 293.594835][ T7064] total_mapped_file 0 [ 293.599123][ T7064] total_dirty 0 [ 293.602705][ T7064] total_writeback 0 [ 293.606634][ T7064] total_workingset_refault_anon 203 [ 293.612095][ T7064] total_workingset_refault_file 875 [ 293.621659][ T7064] total_swap 192512 [ 293.625599][ T7064] total_swapcached 4096 [ 293.631208][ T7064] total_pgpgin 15953 [ 293.635232][ T7064] total_pgpgout 15678 [ 293.639606][ T7064] total_pgfault 19264 [ 293.643729][ T7064] total_pgmajfault 159 [ 293.647926][ T7064] total_inactive_anon 4096 [ 293.652585][ T7064] total_active_anon 0 [ 293.656688][ T7064] total_inactive_file 0 [ 293.661212][ T7064] total_active_file 4096 [ 293.665578][ T7064] total_unevictable 1118208 [ 293.670401][ T7064] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.396,pid=7063,uid=0 [ 293.685905][ T7064] Memory cgroup out of memory: Killed process 7063 (syz.1.396) total-vm:104256kB, anon-rss:2244kB, file-rss:22152kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 293.793019][ T7103] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 293.793952][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.912006][ T7103] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 294.449556][ T5786] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 295.055438][ T7126] netlink: 88 bytes leftover after parsing attributes in process `syz.2.413'. [ 295.130750][ T7119] syzkaller1: entered promiscuous mode [ 295.136519][ T7119] syzkaller1: entered allmulticast mode [ 295.730950][ T7131] netlink: 24 bytes leftover after parsing attributes in process `syz.4.417'. [ 295.741139][ T7131] netlink: 24 bytes leftover after parsing attributes in process `syz.4.417'. [ 296.133392][ T7138] loop0: detected capacity change from 0 to 128 [ 296.370492][ T7138] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 296.431985][ T7144] loop3: detected capacity change from 0 to 512 [ 296.474297][ T7137] loop1: detected capacity change from 0 to 1024 [ 296.529149][ T7138] ext4 filesystem being mounted at /76/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 296.592147][ T7137] EXT4-fs: Ignoring removed orlov option [ 296.598047][ T7137] EXT4-fs: Ignoring removed nomblk_io_submit option [ 296.694529][ T7144] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.784047][ T7144] ext4 filesystem being mounted at /98/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.803738][ T7137] ext4: Unknown parameter 'subj_role' [ 297.244505][ T7150] loop4: detected capacity change from 0 to 1024 [ 297.486462][ T7150] EXT4-fs: Ignoring removed nomblk_io_submit option [ 298.303281][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 298.320872][ T7150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.302145][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.894321][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.158972][ T7163] loop4: detected capacity change from 0 to 1024 [ 300.342311][ T7163] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 300.420669][ T7163] System zones: 0-1, 3-8 [ 300.427723][ T7163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 300.523194][ T7163] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 300.557455][ T7171] netlink: 88 bytes leftover after parsing attributes in process `syz.2.429'. [ 300.625691][ T7171] syzkaller1: entered promiscuous mode [ 300.631672][ T7171] syzkaller1: entered allmulticast mode [ 300.701630][ T7163] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.426: bg 0: block 112: padding at end of block bitmap is not set [ 300.766625][ T7163] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 17 with error 28 [ 300.782590][ T7163] EXT4-fs (loop4): This should not happen!! Data will be lost [ 300.782590][ T7163] [ 300.795186][ T7163] EXT4-fs (loop4): Total free blocks count 0 [ 300.802394][ T7163] EXT4-fs (loop4): Free/Dirty block details [ 300.808666][ T7163] EXT4-fs (loop4): free_blocks=0 [ 300.813765][ T7163] EXT4-fs (loop4): dirty_blocks=48 [ 300.819194][ T7163] EXT4-fs (loop4): Block reservation details [ 300.825331][ T7163] EXT4-fs (loop4): i_reserved_data_blocks=3 [ 301.353075][ T54] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:3: lblock 40 mapped to illegal pblock 8 (length 8) [ 301.485077][ T54] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 40 with max blocks 8 with error 117 [ 301.946504][ T7190] loop4: detected capacity change from 0 to 128 [ 302.072836][ T7194] loop1: detected capacity change from 0 to 256 [ 302.101321][ T7194] vfat: Bad value for 'uni_xlate' [ 302.200654][ T7190] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 302.364073][ T7190] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 302.497342][ T7197] loop2: detected capacity change from 0 to 512 [ 302.953453][ T7197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.999639][ T7197] ext4 filesystem being mounted at /89/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 303.004029][ T5795] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 303.566500][ T7211] netlink: 20 bytes leftover after parsing attributes in process `syz.3.441'. [ 304.102780][ T7200] loop0: detected capacity change from 0 to 1024 [ 304.529521][ T7216] netlink: 88 bytes leftover after parsing attributes in process `syz.1.442'. [ 304.601512][ T7217] syzkaller1: entered promiscuous mode [ 304.607166][ T7217] syzkaller1: entered allmulticast mode [ 304.872441][ T7221] loop4: detected capacity change from 0 to 1024 [ 305.807975][ T7221] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 305.818893][ T7221] System zones: 0-1, 3-8 [ 305.874746][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.992907][ T7221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 306.109550][ T7221] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.130324][ T7224] syzkaller0: entered promiscuous mode [ 306.136111][ T7224] syzkaller0: entered allmulticast mode [ 306.787221][ T5795] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 307.315431][ T7246] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 308.696955][ T30] audit: type=1326 audit(1770588686.441:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7270 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 308.818764][ T30] audit: type=1326 audit(1770588686.511:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7270 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 308.841248][ T30] audit: type=1326 audit(1770588686.511:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7270 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43079aeb9 code=0x7ffc0000 [ 308.956958][ T7275] loop1: detected capacity change from 0 to 512 [ 309.137475][ T7275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.183234][ T7275] ext4 filesystem being mounted at /85/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 309.234636][ T7279] loop3: detected capacity change from 0 to 1024 [ 309.431972][ T7279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 309.549167][ T7279] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 309.635909][ T7290] loop4: detected capacity change from 0 to 256 [ 309.671104][ T7279] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 310.266699][ T7292] syzkaller0: entered promiscuous mode [ 310.273592][ T7292] syzkaller0: entered allmulticast mode [ 312.065961][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.046049][ T7325] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 313.104239][ T7325] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 313.109152][ T7323] loop2: detected capacity change from 0 to 2048 [ 313.333265][ T7323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 313.531604][ T30] audit: type=1800 audit(1770588691.291:21): pid=7323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.469" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 313.962103][ T7336] loop0: detected capacity change from 0 to 512 [ 313.999315][ T750] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 313.999833][ T750] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 313.999953][ T750] EXT4-fs (loop2): This should not happen!! Data will be lost [ 313.999953][ T750] [ 314.000030][ T750] EXT4-fs (loop2): Total free blocks count 0 [ 314.000107][ T750] EXT4-fs (loop2): Free/Dirty block details [ 314.000178][ T750] EXT4-fs (loop2): free_blocks=4096 [ 314.000255][ T750] EXT4-fs (loop2): dirty_blocks=32 [ 314.000329][ T750] EXT4-fs (loop2): Block reservation details [ 314.000398][ T750] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 314.011977][ T13] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 1 with error 28 [ 314.310673][ T7336] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.472: ea_inode with extended attributes [ 314.312809][ T7336] EXT4-fs (loop0): Remounting filesystem read-only [ 314.313106][ T7336] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -30) [ 314.313231][ T7336] EXT4-fs (loop0): 1 orphan inode deleted [ 314.339336][ T7336] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 314.636270][ T7341] loop2: detected capacity change from 0 to 1024 [ 314.940713][ T7341] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 314.941058][ T7341] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 315.033687][ T7341] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: block 3: comm syz.2.475: lblock 3 mapped to illegal pblock 3 (length 1) [ 315.038117][ T7341] EXT4-fs (loop2): Remounting filesystem read-only [ 315.492644][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 315.577670][ T7339] syzkaller0: entered promiscuous mode [ 315.583749][ T7339] syzkaller0: entered allmulticast mode [ 317.772661][ T7366] ===================================================== [ 317.780010][ T7366] BUG: KMSAN: uninit-value in batadv_get_vid+0x2ce/0x3b0 [ 317.787270][ T7366] batadv_get_vid+0x2ce/0x3b0 [ 317.792320][ T7366] batadv_interface_tx+0x2e8/0x1dd0 [ 317.797726][ T7366] dev_hard_start_xmit+0x22f/0xa30 [ 317.803230][ T7366] __dev_queue_xmit+0x350d/0x5890 [ 317.808567][ T7366] __bpf_redirect+0x162e/0x1760 [ 317.813547][ T7366] bpf_clone_redirect+0x4a6/0x6c0 [ 317.818910][ T7366] ___bpf_prog_run+0x12af/0xeb60 [ 317.824095][ T7366] __bpf_prog_run512+0xc5/0x100 [ 317.829257][ T7366] bpf_test_run+0x493/0xdf0 [ 317.833931][ T7366] bpf_prog_test_run_skb+0x2376/0x3200 [ 317.839747][ T7366] bpf_prog_test_run+0x5bb/0x9f0 [ 317.844859][ T7366] __sys_bpf+0x873/0xeb0 [ 317.849420][ T7366] __x64_sys_bpf+0xa4/0xf0 [ 317.854061][ T7366] x64_sys_call+0x31c3/0x3e70 [ 317.859057][ T7366] do_syscall_64+0xc9/0xf80 [ 317.863733][ T7366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.869958][ T7366] [ 317.872371][ T7366] Uninit was created at: [ 317.876833][ T7366] kmem_cache_alloc_node_noprof+0x9de/0x1780 [ 317.883144][ T7366] kmalloc_reserve+0x13c/0x4b0 [ 317.888139][ T7366] pskb_expand_head+0x205/0x1900 [ 317.893361][ T7366] skb_ensure_writable+0x44e/0x510 [ 317.898783][ T7366] bpf_clone_redirect+0x301/0x6c0 [ 317.904085][ T7366] ___bpf_prog_run+0x12af/0xeb60 [ 317.909348][ T7366] __bpf_prog_run512+0xc5/0x100 [ 317.914378][ T7366] bpf_test_run+0x493/0xdf0 [ 317.919221][ T7366] bpf_prog_test_run_skb+0x2376/0x3200 [ 317.924932][ T7366] bpf_prog_test_run+0x5bb/0x9f0 [ 317.930202][ T7366] __sys_bpf+0x873/0xeb0 [ 317.934605][ T7366] __x64_sys_bpf+0xa4/0xf0 [ 317.939363][ T7366] x64_sys_call+0x31c3/0x3e70 [ 317.944215][ T7366] do_syscall_64+0xc9/0xf80 [ 317.949030][ T7366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.955202][ T7366] [ 317.957641][ T7366] CPU: 1 UID: 0 PID: 7366 Comm: syz.2.483 Not tainted syzkaller #0 PREEMPT(voluntary) [ 317.967570][ T7366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 317.977913][ T7366] ===================================================== [ 317.985090][ T7366] Disabling lock debugging due to kernel taint [ 317.991532][ T7366] Kernel panic - not syncing: kmsan.panic set ... [ 317.998058][ T7366] CPU: 1 UID: 0 PID: 7366 Comm: syz.2.483 Tainted: G B syzkaller #0 PREEMPT(voluntary) [ 318.009410][ T7366] Tainted: [B]=BAD_PAGE [ 318.013630][ T7366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 318.023793][ T7366] Call Trace: [ 318.027141][ T7366] [ 318.030162][ T7366] __dump_stack+0x26/0x30 [ 318.034674][ T7366] dump_stack_lvl+0x50/0x1c0 [ 318.039428][ T7366] ? dump_stack+0x12/0x25 [ 318.043905][ T7366] dump_stack+0x1e/0x25 [ 318.048203][ T7366] vpanic+0x435/0xd40 [ 318.052345][ T7366] panic+0x15d/0x160 [ 318.056426][ T7366] kmsan_report+0x31a/0x320 [ 318.061120][ T7366] ? __msan_warning+0x1b/0x30 [ 318.065953][ T7366] ? batadv_get_vid+0x2ce/0x3b0 [ 318.071132][ T7366] ? batadv_interface_tx+0x2e8/0x1dd0 [ 318.076652][ T7366] ? dev_hard_start_xmit+0x22f/0xa30 [ 318.082105][ T7366] ? __dev_queue_xmit+0x350d/0x5890 [ 318.087472][ T7366] ? __bpf_redirect+0x162e/0x1760 [ 318.092624][ T7366] ? bpf_clone_redirect+0x4a6/0x6c0 [ 318.097998][ T7366] ? ___bpf_prog_run+0x12af/0xeb60 [ 318.103265][ T7366] ? __bpf_prog_run512+0xc5/0x100 [ 318.108454][ T7366] ? bpf_test_run+0x493/0xdf0 [ 318.113298][ T7366] ? bpf_prog_test_run_skb+0x2376/0x3200 [ 318.119102][ T7366] ? bpf_prog_test_run+0x5bb/0x9f0 [ 318.124378][ T7366] ? __sys_bpf+0x873/0xeb0 [ 318.128933][ T7366] ? __x64_sys_bpf+0xa4/0xf0 [ 318.133661][ T7366] ? x64_sys_call+0x31c3/0x3e70 [ 318.138666][ T7366] ? do_syscall_64+0xc9/0xf80 [ 318.143505][ T7366] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.149716][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.155027][ T7366] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.161031][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.166336][ T7366] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.172324][ T7366] ? batadv_interface_tx+0x61/0x1dd0 [ 318.177769][ T7366] ? filter_irq_stacks+0x49/0x190 [ 318.182950][ T7366] ? stack_depot_save_flags+0x35/0x790 [ 318.188547][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.193851][ T7366] __msan_warning+0x1b/0x30 [ 318.198513][ T7366] batadv_get_vid+0x2ce/0x3b0 [ 318.203352][ T7366] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.209349][ T7366] batadv_interface_tx+0x2e8/0x1dd0 [ 318.214714][ T7366] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 318.221226][ T7366] ? __pfx_batadv_interface_tx+0x10/0x10 [ 318.227034][ T7366] dev_hard_start_xmit+0x22f/0xa30 [ 318.232352][ T7366] __dev_queue_xmit+0x350d/0x5890 [ 318.237633][ T7366] ? skb_release_data+0xc1f/0xdf0 [ 318.242828][ T7366] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 318.249260][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.254556][ T7366] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.260577][ T7366] ? __dev_queue_xmit+0x27d/0x5890 [ 318.265899][ T7366] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 318.272422][ T7366] __bpf_redirect+0x162e/0x1760 [ 318.277409][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.282709][ T7366] bpf_clone_redirect+0x4a6/0x6c0 [ 318.287938][ T7366] ___bpf_prog_run+0x12af/0xeb60 [ 318.293093][ T7366] __bpf_prog_run512+0xc5/0x100 [ 318.298154][ T7366] ? kmsan_internal_poison_memory+0x78/0x90 [ 318.304224][ T7366] ? kmsan_internal_poison_memory+0x4a/0x90 [ 318.310377][ T7366] ? kmsan_slab_alloc+0xdc/0x160 [ 318.315492][ T7366] ? kmem_cache_alloc_noprof+0x967/0x1730 [ 318.321454][ T7366] ? slab_build_skb+0x5c/0x5a0 [ 318.326484][ T7366] ? bpf_prog_test_run_skb+0x750/0x3200 [ 318.332206][ T7366] ? bpf_prog_test_run+0x5bb/0x9f0 [ 318.337483][ T7366] ? __sys_bpf+0x873/0xeb0 [ 318.342078][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.347371][ T7366] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 318.353874][ T7366] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 318.360137][ T7366] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 318.366146][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.371442][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.376729][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.382028][ T7366] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 318.388533][ T7366] ? kmsan_get_metadata+0x146/0x160 [ 318.393912][ T7366] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.400011][ T7366] ? __pfx___bpf_prog_run512+0x10/0x10 [ 318.405691][ T7366] ? __pfx___bpf_prog_run512+0x10/0x10 [ 318.411311][ T7366] bpf_test_run+0x493/0xdf0 [ 318.415982][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.421298][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.426658][ T7366] ? bpf_test_run+0x2f4/0xdf0 [ 318.431541][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.436844][ T7366] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.442950][ T7366] bpf_prog_test_run_skb+0x2376/0x3200 [ 318.448617][ T7366] ? kmsan_get_metadata+0xf1/0x160 [ 318.453930][ T7366] ? __rcu_read_unlock+0x6c/0xd0 [ 318.459061][ T7366] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 318.465045][ T7366] bpf_prog_test_run+0x5bb/0x9f0 [ 318.470179][ T7366] __sys_bpf+0x873/0xeb0 [ 318.474638][ T7366] __x64_sys_bpf+0xa4/0xf0 [ 318.479217][ T7366] x64_sys_call+0x31c3/0x3e70 [ 318.484069][ T7366] do_syscall_64+0xc9/0xf80 [ 318.488729][ T7366] ? clear_bhb_loop+0x40/0x90 [ 318.493552][ T7366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.499603][ T7366] RIP: 0033:0x7fa43079aeb9 [ 318.504121][ T7366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 318.523865][ T7366] RSP: 002b:00007fa4315da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 318.532415][ T7366] RAX: ffffffffffffffda RBX: 00007fa430a15fa0 RCX: 00007fa43079aeb9 [ 318.540581][ T7366] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a [ 318.548645][ T7366] RBP: 00007fa430808c1f R08: 0000000000000000 R09: 0000000000000000 [ 318.556710][ T7366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.564779][ T7366] R13: 00007fa430a16038 R14: 00007fa430a15fa0 R15: 00007ffccfdd2d88 [ 318.572888][ T7366] [ 318.576393][ T7366] Kernel Offset: disabled [ 318.580776][ T7366] Rebooting in 86400 seconds..