last executing test programs: 5.460781592s ago: executing program 1 (id=282): unshare(0x40060480) r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$MAP_CREATE(0x600000000000000, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000000000000a00a100", @ANYRES32=r2, @ANYBLOB="14000100fff1ffffffffffffff0000000000000108000800020400"], 0x34}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="3400000014000b032bbd7000fcdbdf250a281000", @ANYRES32=r4, @ANYBLOB="080008000604000014000100ff"], 0x34}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/28, @ANYRES32, @ANYBLOB="0000000000000000950000000000000095"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10}, 0x94) 4.969212752s ago: executing program 3 (id=284): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000efffffff850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) link(0x0, 0x0) 4.392341792s ago: executing program 3 (id=287): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000180)={[{@dioread_lock}, {@resgid}, {@mblk_io_submit}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@jqfmt_vfsv0}]}, 0xfc, 0x58f, &(0x7f0000002d00)="$eJzs3U1rXFUfAPD/nUzSNu3zNIVS1IUUurBSO2kSXyoI1pWIFgu6r0MyDSWTTslMShMLtgu7cSNFELEgfgD3LotfwE9R0EKREnQhQuRO7qTTZCavE2fS+f3gtufMuTfn/nPuOTln7gw3gL51Mv0nF/FiRHydRBxtKstHVnhyZb+lJ7cm0y2J5eVP/kgiyV5r7J9k/x/OMi9ExC9fRpzJra+3urA4UyyXS3NZfrQ2e320urB49upscbo0Xbo2PjFx/o2J8bfferNjsb566a/vPn7wwfmvTi19+9OjY/eSuBBHsrLmOHbhdnPmZPGfLDUYF9bsONaBynpJ0u0TYEcGsn4+GOkYcDQGsl4PPP++iIhloE8l+j/0qcY8oLG279A6eN94/N7KAqge+1Bz/PmV90biYH1tNLyUPLMySte7Ix2oP63j59/v30u32Ph9iEOb5AG25fadiDiXz68f/5Ns/Nu5c/U3jze2to5++/sD3fQgnf+81mr+l1ud/0SL+c/hFn13Jzbv/7lHHaimrXT+907L+e/q0DUykOX+V5/zDSZXrpZL5yLi/xFxOgYPpPmN7uecX3q43K6sef6Xbmn9jblgdh6P8geePWaqWCtGxNBu4m54fCfipXyr+JPV9k9atH/6+7i0xTpOlO6/3K5s8/j31vKPEa+0bP+nd7SSje9Pjtavh9HGVbHen3dP/Nqu/m7Hn7b/8MbxjyTN92ur26/jh4N/l9qVpfEP7+D6H0o+racbneBmsVabG4sYSj5a//r402Mb+cb+afynT63E/+xkJbfh9Z8uvj7bYvx3j99tu2svtP/Uttp/+4mHH37+fbv6tzb+vV5Pnc5eyca/1rJrZasnuNvfHwAAAAAAAPSSXEQciSRXWE3ncoXCyuc7jsdwrlyp1s5cqcxfm4r6d2VHYjDXuNN9tOnzEGPZ52Eb+fE1+YmIOBYR3wwcqucLk5XyVLeDBwAAAAAAAAAAAAAAAAAAgB5xuM33/1O/DXT77IA9V3+wwYFunwXQDZs+8r8TT3oCetKm/R94bun/0L/0f+hfa/t/R54sDOwL/v5D/9L/oX/p/9C/9H8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqEsXL6bb8tKTW5NpfurGwvxM5cbZqVJ1pjA7P1mYrMxdL0xXKtPlUmGyMrvZzytXKtfHxmP+5mitVK2NVhcWL89W5q/VLl+dLU6XLpcG/5OoAAAAAAAAAAAAAAAAAAAAYH+pLizOFMvl0txqIp+VzK0v6tPEu9ETp7GXAa7Y0eH5XolibxLvD/TEaewmcSdr3u0d1aUBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa+DcAAP//Rm0oPg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r2}, 0x18) bpf$MAP_CREATE(0x0, 0x0, 0x48) truncate(&(0x7f00000000c0)='./file1\x00', 0x8008) fallocate(r0, 0x10, 0x6, 0x10001) 4.168183215s ago: executing program 1 (id=288): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50) openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x4080, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7e9, &(0x7f00000017c0)="$eJzs3c1rHG8dAPDvbF42SauJIGh7CggaKN2YGlsFDxEPIlgo6Nk2bLahZpMt2U1pQqDpQfAiqHgQ9NKzL/UgePXlqv+EeJAW0TRYT7oys7t53d0kbXa3/fXzgck8M/PMPPPN88yzz+4MuwF8sKbTP7mIKxHxwyRisrk+iYiRLDUcsdDI93p3u5hOSdTr3/pnkuX57aWDYyXN+aXmwqcj4o/fi7iWO17qeHNeLq03U7O11Yez1c2t6w9WF5dLy6W1m3Pz8zduffHWzZN7val//2Xr8ssfff1zv14Yjk89/8GfkliIy81te7vbxbc8/AnTMd38n4yk/8IjvnbRhQ1YMugT4I2kl+ZQ4yqPKzEZQ1mqg7e9AAGAd8KTiKgDAB+Y5LTX/yFDBAD4aGl9DrC3u11sTYP9RKK//vHViBhrxN+6v9nYMty8ZzeW3Qed2EuO3BlJImLqAsqfjoif/+47v0yn6NF9SIB2dp425nu7+WP9f5L2f6OnHyHfccvnu+1Wb+w3fWy1/g/65/fp+OdLJ8d/V/cf6BnL/h4b/4zl21y7b+L06z/3osOuZ+ibTpeO/75y6Nm2g/Hf/kNrU0PNpY9lY76R5P6Dcint2z4eETMxkk+X57Ks7Z+Cmnn131edyj88/vvXj7/7i7T8dH6QI/diOB/1xnN5/8vG60uLtcWLiD2L/2nE1eF28Sf749/kSP0v7Ed6p+NRj1bNN778/Z91ypnGn8bbmk7G31v1ZxGfbVv/B3WZdH0+cTZrDrOtRtHGb/7204lO5R/Ufz6bp+W33gv0Q1r/E93jn0pT1c2tlcVyubRePX8Zf342+YdO2w63//bxZ+3/iLT9jybfztKtlvZ4sVZbn4sYTb55cv2Ng31by638afwzn2l//bdv/42+IH1PeG9/qbvhl6O/ah6qbfyZnU7x91Ya/9K56r9Lot7c59im569XhjqVf7b6n89SM801Z+n/TjnTt2jNAAAAAAAAAAAAAAAAAAAAAAAAAHB+uYi4HEmusJ/O5QqFxm94fzImcuVKtXbtfmVjbSmy38qeipFc66suJw99H+pc8/vwW8s3ji1/ISI+ERE/yY9ny4Vipbw06OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOnS0d//f5LOCoXGtr/nB312AEDPjA36BACAvvP6DwAfnvO9/o/37DwAgP459/v/etKbEwEA+ubMr//3enseAED/uP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAj925fTud6v/Z3S6my0uPNjdWKo+uL5WqK4XVjWKhWFl/WFiuVJbLpUKxstrxQDuNWblSeTgfaxuPZ2ulam22url1d7WysVa7+2B1cbl0tzTSt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oyqm1sri+VyaV2iS2K8NN45TxIRAz/D0xJpXV/kAYff0ZB3/jqSteuumWPqvWn8o13yJBdZ1vjxNYd7ifFBdE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA74X/BwAA///YTBJy") openat(0xffffffffffffff9c, 0x0, 0x40042, 0x84) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) gettid() futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) 3.825163542s ago: executing program 4 (id=289): bind$rds(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20) sendmsg$rds(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xf39a678f4eded7c2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xa, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3.365475511s ago: executing program 3 (id=292): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) bind$inet6(r0, 0x0, 0x0) listen(r1, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) accept(r1, 0x0, 0x0) 3.093459691s ago: executing program 4 (id=293): r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0x24, r0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004811}, 0x8000) 3.027234376s ago: executing program 2 (id=294): rt_tgsigqueueinfo(0xffffffffffffffff, 0xffffffffffffffff, 0x32, 0x0) 2.939092783s ago: executing program 1 (id=295): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x6a, 0x3, 0x0, &(0x7f0000000000)=0xfffffffffffffd68) 2.842490786s ago: executing program 0 (id=296): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40090) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7fff}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc580000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000002c0003800c0000800800034000000002100000800c000180060001"], 0xbc}}, 0x40) 2.621650996s ago: executing program 2 (id=297): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) unshare(0x6020400) r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) 2.55484691s ago: executing program 4 (id=298): unshare(0x40060480) r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$MAP_CREATE(0x600000000000000, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000000000000a00a100", @ANYRES32=r2, @ANYBLOB="14000100fff1ffffffffffffff0000000000000108000800020400"], 0x34}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="3400000014000b032bbd7000fcdbdf250a281000", @ANYRES32=r4, @ANYBLOB="080008000604000014000100ff"], 0x34}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/28, @ANYRES32, @ANYBLOB="0000000000000000950000000000000095"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10}, 0x94) 2.46839475s ago: executing program 1 (id=299): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000010540)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec06000fc83c00fe8000000000000000000000000000aaff02000000000000000000"], 0xffe) 2.375356008s ago: executing program 0 (id=300): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x18) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0) 1.946639173s ago: executing program 0 (id=301): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41001, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) pipe2$9p(0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b) 1.83203623s ago: executing program 3 (id=302): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) syz_usb_connect(0x2, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x1b) 1.612758827s ago: executing program 2 (id=303): bind$rds(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20) sendmsg$rds(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xf39a678f4eded7c2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xa, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.514565517s ago: executing program 4 (id=304): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) 1.33127774s ago: executing program 1 (id=305): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r1, 0x5408, 0x0) write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e) r2 = syz_open_pts(r1, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x17) 1.251869646s ago: executing program 0 (id=306): bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61153c00000000006113340000000000bf5000000000000007000000ee0016055e030100000000002505ffffffb0000069163e0000000000bf0700000000000026050700c0ffffff6706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2474ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) 1.149267675s ago: executing program 4 (id=307): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090240000000000000010100000008000600ac", @ANYRES32], 0x34}, 0x1, 0x0, 0x0, 0x4008080}, 0x10) 925.651332ms ago: executing program 2 (id=308): r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0x24, r0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004811}, 0x8000) 700.816991ms ago: executing program 3 (id=309): r0 = socket(0x1d, 0x2, 0x6) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x6a, 0x3, 0x0, 0x0) 562.765448ms ago: executing program 0 (id=310): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40090) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc580000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000002c0003800c0000800800034000000002100000800c000180060001"], 0xbc}}, 0x40) 552.181243ms ago: executing program 2 (id=311): syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0xa, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0xffffffffffffe}, 0x60) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r1, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x1000000000003f}, 0x60) 469.077607ms ago: executing program 4 (id=312): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) bind$inet6(r0, 0x0, 0x0) listen(r1, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) accept(r1, 0x0, 0x0) 200.014945ms ago: executing program 0 (id=313): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) keyctl$setperm(0x5, 0x0, 0x20400) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000040)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r2], 0x1c}}, 0x0) write$nci(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="610304dd32604194f4617ffa080602060912c90e2fb26b3d4fd2be1e"], 0x1c) 86.654465ms ago: executing program 3 (id=314): bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18) sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x8000) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f00000003c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', 0x0}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4) 86.431582ms ago: executing program 1 (id=315): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000010540)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec06000fc83c00fe8000000000000000000000000000aaff02000000000000000000"], 0xffe) 0s ago: executing program 2 (id=316): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41001, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) pipe2$9p(0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.12' (ED25519) to the list of known hosts. [ 193.467843][ T5783] cgroup: Unknown subsys name 'net' [ 193.601654][ T5783] cgroup: Unknown subsys name 'cpuset' [ 193.619435][ T5783] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 200.561461][ T5783] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 205.752019][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 205.854082][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 205.864013][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 205.879770][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 205.892132][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 206.128376][ T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 206.139397][ T50] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 206.149102][ T50] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 206.163178][ T50] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 206.175032][ T50] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 206.495910][ T5802] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 206.544820][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 206.563488][ T5812] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 206.617449][ T5812] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 206.627163][ T5812] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 206.639291][ T5812] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 206.692503][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 206.703338][ T5815] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 206.714933][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 206.772008][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 206.794113][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 206.813981][ T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 206.834308][ T5098] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 206.881776][ T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 206.897349][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 207.567883][ T5803] chnl_net:caif_netlink_parms(): no params data found [ 207.683351][ T5799] chnl_net:caif_netlink_parms(): no params data found [ 208.270378][ T5812] Bluetooth: hci1: command tx timeout [ 208.276061][ T5812] Bluetooth: hci0: command tx timeout [ 208.607479][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.615393][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.623395][ T5803] bridge_slave_0: entered allmulticast mode [ 208.633886][ T5803] bridge_slave_0: entered promiscuous mode [ 208.757441][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.765248][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.773079][ T5803] bridge_slave_1: entered allmulticast mode [ 208.782077][ T5803] bridge_slave_1: entered promiscuous mode [ 208.830230][ T5812] Bluetooth: hci3: command tx timeout [ 208.919737][ T5812] Bluetooth: hci2: command tx timeout [ 209.000330][ T5812] Bluetooth: hci4: command tx timeout [ 209.009699][ T5810] chnl_net:caif_netlink_parms(): no params data found [ 209.037444][ T5799] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.048954][ T5799] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.057183][ T5799] bridge_slave_0: entered allmulticast mode [ 209.067035][ T5799] bridge_slave_0: entered promiscuous mode [ 209.114057][ T5799] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.126938][ T5799] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.134771][ T5799] bridge_slave_1: entered allmulticast mode [ 209.144639][ T5799] bridge_slave_1: entered promiscuous mode [ 209.166593][ T5803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.244901][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 209.274931][ T5803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.395126][ T5807] chnl_net:caif_netlink_parms(): no params data found [ 209.474150][ T5799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.637177][ T5799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.735379][ T5803] team0: Port device team_slave_0 added [ 209.863417][ T5803] team0: Port device team_slave_1 added [ 210.069491][ T5810] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.077257][ T5810] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.085310][ T5810] bridge_slave_0: entered allmulticast mode [ 210.095167][ T5810] bridge_slave_0: entered promiscuous mode [ 210.119215][ T5799] team0: Port device team_slave_0 added [ 210.130484][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.138035][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.146074][ T5810] bridge_slave_1: entered allmulticast mode [ 210.156065][ T5810] bridge_slave_1: entered promiscuous mode [ 210.270701][ T5799] team0: Port device team_slave_1 added [ 210.296589][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.304008][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 210.330384][ T5803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.382938][ T5812] Bluetooth: hci0: command tx timeout [ 210.386150][ T50] Bluetooth: hci1: command tx timeout [ 210.588570][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.596059][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 210.624374][ T5803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.682478][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.692399][ T5807] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.700289][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.707960][ T5807] bridge_slave_0: entered allmulticast mode [ 210.717651][ T5807] bridge_slave_0: entered promiscuous mode [ 210.733729][ T5807] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.745181][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.753186][ T5807] bridge_slave_1: entered allmulticast mode [ 210.763069][ T5807] bridge_slave_1: entered promiscuous mode [ 210.845213][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.910115][ T50] Bluetooth: hci3: command tx timeout [ 210.985232][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.993039][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 211.000357][ T50] Bluetooth: hci2: command tx timeout [ 211.019607][ T5799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.070343][ T50] Bluetooth: hci4: command tx timeout [ 211.186143][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.193502][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 211.220863][ T5799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.273041][ T5810] team0: Port device team_slave_0 added [ 211.280737][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.288285][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.296176][ T5814] bridge_slave_0: entered allmulticast mode [ 211.307386][ T5814] bridge_slave_0: entered promiscuous mode [ 211.332735][ T5807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.370856][ T5807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.400811][ T5803] hsr_slave_0: entered promiscuous mode [ 211.412007][ T5803] hsr_slave_1: entered promiscuous mode [ 211.478999][ T5810] team0: Port device team_slave_1 added [ 211.552630][ T5807] team0: Port device team_slave_0 added [ 211.564787][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.574400][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.582437][ T5814] bridge_slave_1: entered allmulticast mode [ 211.592647][ T5814] bridge_slave_1: entered promiscuous mode [ 211.715720][ T5807] team0: Port device team_slave_1 added [ 211.952154][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.009708][ T5799] hsr_slave_0: entered promiscuous mode [ 212.018877][ T5799] hsr_slave_1: entered promiscuous mode [ 212.027500][ T5799] debugfs: 'hsr0' already exists in 'hsr' [ 212.033475][ T5799] Cannot create hsr debugfs directory [ 212.042490][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.049633][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 212.076287][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.134489][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.162342][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.169499][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 212.195938][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.214646][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.221948][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 212.248306][ T5807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.417569][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.424891][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 212.430372][ T50] Bluetooth: hci1: command tx timeout [ 212.451537][ T5807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.456852][ T50] Bluetooth: hci0: command tx timeout [ 212.633232][ T5814] team0: Port device team_slave_0 added [ 212.653065][ T5814] team0: Port device team_slave_1 added [ 212.990697][ T50] Bluetooth: hci3: command tx timeout [ 213.012016][ T5810] hsr_slave_0: entered promiscuous mode [ 213.022812][ T5810] hsr_slave_1: entered promiscuous mode [ 213.031245][ T5810] debugfs: 'hsr0' already exists in 'hsr' [ 213.037267][ T5810] Cannot create hsr debugfs directory [ 213.046085][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.053390][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 213.079884][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.080652][ T50] Bluetooth: hci2: command tx timeout [ 213.097723][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.105178][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 213.131652][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.160429][ T50] Bluetooth: hci4: command tx timeout [ 213.268435][ T5807] hsr_slave_0: entered promiscuous mode [ 213.277797][ T5807] hsr_slave_1: entered promiscuous mode [ 213.286509][ T5807] debugfs: 'hsr0' already exists in 'hsr' [ 213.292495][ T5807] Cannot create hsr debugfs directory [ 213.697844][ T5814] hsr_slave_0: entered promiscuous mode [ 213.707938][ T5814] hsr_slave_1: entered promiscuous mode [ 213.716668][ T5814] debugfs: 'hsr0' already exists in 'hsr' [ 213.722698][ T5814] Cannot create hsr debugfs directory [ 214.268577][ T5803] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 214.291089][ T5803] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 214.421430][ T5803] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 214.509289][ T5803] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 214.516413][ T50] Bluetooth: hci0: command tx timeout [ 214.520524][ T50] Bluetooth: hci1: command tx timeout [ 214.895137][ T5799] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 214.925862][ T5799] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 214.948641][ T5799] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 214.991872][ T5799] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 215.090368][ T50] Bluetooth: hci3: command tx timeout [ 215.118212][ T5814] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 215.152273][ T50] Bluetooth: hci2: command tx timeout [ 215.227983][ T5814] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 215.237627][ T50] Bluetooth: hci4: command tx timeout [ 215.262080][ T5814] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 215.336958][ T5814] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 215.388567][ T5807] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 215.467809][ T5807] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 215.525558][ T5807] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 215.625231][ T5807] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 215.774747][ T5810] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 215.827025][ T5810] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 215.886977][ T5810] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 215.955309][ T5810] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 216.374349][ T5803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.418115][ T5799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.565947][ T5803] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.612856][ T4413] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.620579][ T4413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.719032][ T4413] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.726527][ T4413] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.757910][ T5799] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.812998][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.974812][ T4413] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.982514][ T4413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.082653][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.113798][ T4413] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.121484][ T4413] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.220699][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.304808][ T4413] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.312513][ T4413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.343132][ T4413] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.350872][ T4413] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.429075][ T5807] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.577676][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.585405][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.708575][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.716299][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.752758][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 218.084863][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.222981][ T4160] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.230673][ T4160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.412233][ T4160] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.420247][ T4160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.848221][ T5803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.942890][ T5799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.102758][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.542326][ T5799] veth0_vlan: entered promiscuous mode [ 220.611812][ T5803] veth0_vlan: entered promiscuous mode [ 220.645736][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.751441][ T5799] veth1_vlan: entered promiscuous mode [ 220.791272][ T5803] veth1_vlan: entered promiscuous mode [ 220.836167][ T5814] veth0_vlan: entered promiscuous mode [ 220.919335][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.016897][ T5814] veth1_vlan: entered promiscuous mode [ 221.141367][ T5799] veth0_macvtap: entered promiscuous mode [ 221.269675][ T5803] veth0_macvtap: entered promiscuous mode [ 221.296052][ T5799] veth1_macvtap: entered promiscuous mode [ 221.454060][ T5803] veth1_macvtap: entered promiscuous mode [ 221.502880][ T5810] veth0_vlan: entered promiscuous mode [ 221.512865][ T5814] veth0_macvtap: entered promiscuous mode [ 221.563197][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.575677][ T5814] veth1_macvtap: entered promiscuous mode [ 221.701359][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.718611][ T5810] veth1_vlan: entered promiscuous mode [ 221.757864][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.845650][ T4413] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.897230][ T4413] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.908156][ T4413] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.940621][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.968874][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.985187][ T4413] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.036620][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.121658][ T4413] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.165407][ T4032] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.274561][ T4032] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.297278][ T5810] veth0_macvtap: entered promiscuous mode [ 222.316539][ T4032] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.370662][ T59] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.399242][ T5810] veth1_macvtap: entered promiscuous mode [ 222.446130][ T59] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.478083][ T59] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.540584][ T59] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.584152][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.707211][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.809036][ T4346] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.890261][ T4346] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.960853][ T4346] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.988577][ T4346] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.506171][ T5807] veth0_vlan: entered promiscuous mode [ 223.619499][ T5807] veth1_vlan: entered promiscuous mode [ 223.992887][ T5807] veth0_macvtap: entered promiscuous mode [ 224.051447][ T5807] veth1_macvtap: entered promiscuous mode [ 224.286582][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.380487][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.469426][ T4413] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.533544][ T4413] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.581035][ T4160] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.613329][ T4346] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.843011][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.853265][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.214129][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.222290][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.266127][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.274403][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.332685][ T3897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.341466][ T3897] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.640000][ T4346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.648100][ T4346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.665741][ T5799] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 229.865934][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.874170][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.199300][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.208047][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.331491][ T5983] loop3: detected capacity change from 0 to 512 [ 230.634811][ T4032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.643176][ T4032] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.961230][ T5983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.977560][ T5983] ext4 filesystem being mounted at /0/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 232.387156][ T30] audit: type=1800 audit(1763071820.700:2): pid=5983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 232.407923][ T30] audit: type=1800 audit(1763071820.700:3): pid=5993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 232.530367][ T5991] mmap: syz.1.2 (5991) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 232.695489][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.182212][ T4032] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.195140][ T4032] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.471581][ T6000] ------------[ cut here ]------------ [ 233.477327][ T6000] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000) [ 233.506617][ T6000] WARNING: CPU: 1 PID: 6000 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0xb26/0x14b0 [ 233.518629][ T6000] Modules linked in: [ 233.523051][ T6000] CPU: 1 UID: 0 PID: 6000 Comm: syz.0.1 Not tainted syzkaller #0 PREEMPT(none) [ 233.532661][ T6000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 233.543206][ T6000] RIP: 0010:reg_bounds_sanity_check+0xb26/0x14b0 [ 233.547221][ T4821] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.563997][ T6000] Code: ff ff ff b5 20 ff ff ff ff b5 18 ff ff ff ff b5 48 ff ff ff ff b5 10 ff ff ff ff b5 08 ff ff ff e8 bf 77 ff fe 48 83 c4 38 90 <0f> 0b 90 90 4c 8b bd 70 ff ff ff e9 83 f8 ff ff 8b 3a e8 83 ee 7b [ 233.564143][ T6000] RSP: 0018:ffff888051462f18 EFLAGS: 00010286 [ 233.564269][ T6000] RAX: ffffffff8120833e RBX: ffff8880251bc230 RCX: 0000000000080000 [ 233.564385][ T6000] RDX: ffffc90009c07000 RSI: 0000000000003a1b RDI: 0000000000003a1c [ 233.564502][ T6000] RBP: ffff888051463098 R08: ffffea000000000f R09: 0000000000000000 [ 233.564614][ T6000] R10: ffff888237aba028 R11: ffff88823f272d80 R12: 0000000000000000 [ 233.564723][ T6000] R13: ffff8880252faca0 R14: 0000000000000000 R15: 0000000000000000 [ 233.564829][ T6000] FS: 00007f4cd1a0d6c0(0000) GS:ffff8881aae51000(0000) knlGS:0000000000000000 [ 233.564957][ T6000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.565056][ T6000] CR2: 000000110c57b2c7 CR3: 0000000050a6c000 CR4: 00000000003526f0 [ 233.565158][ T6000] Call Trace: [ 233.565221][ T6000] [ 233.565293][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.565561][ T6000] reg_set_min_max+0x267/0x440 [ 233.565763][ T6000] check_cond_jmp_op+0x3c34/0x5410 [ 233.566028][ T6000] do_check+0x233c/0x16a70 [ 233.566252][ T6000] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 233.566435][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.566729][ T6000] do_check_common+0x2021/0x31f0 [ 233.566952][ T6000] bpf_check+0x5d49/0x2a200 [ 233.567191][ T6000] ? pcpu_block_update_hint_alloc+0x12df/0x1390 [ 233.567433][ T6000] ? kmsan_get_metadata+0x150/0x160 [ 233.567606][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.567780][ T6000] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 233.568018][ T6000] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 233.568230][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.568405][ T6000] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 233.568601][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.568774][ T6000] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 233.568951][ T6000] ? strncpy_from_user+0x101/0x470 [ 233.569100][ T6000] ? filter_irq_stacks+0x49/0x190 [ 233.569327][ T6000] ? stack_depot_save_flags+0x35/0x7b0 [ 233.569513][ T6000] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 233.589346][ T4821] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.817539][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.824228][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.829676][ T6000] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 233.836526][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.842291][ T6000] ? kmsan_get_metadata+0xfb/0x160 [ 233.847702][ T6000] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 233.854054][ T6000] bpf_prog_load+0x2af2/0x3040 [ 233.857335][ T5157] udevd[5157]: worker [5977] terminated by signal 33 (Unknown signal 33) [ 233.859123][ T6000] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 233.875224][ T6000] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 233.881881][ T6000] ? security_bpf+0x88/0x620 [ 233.886740][ T6000] ? _copy_from_user+0xcb/0x100 [ 233.892140][ T6000] __sys_bpf+0x7df/0xeb0 [ 233.896711][ T6000] __x64_sys_bpf+0xa4/0xf0 [ 233.901787][ T6000] x64_sys_call+0x3550/0x3e30 [ 233.910181][ T6000] do_syscall_64+0xd9/0xfa0 [ 233.915024][ T6000] ? irqentry_exit+0x16/0x60 [ 233.921130][ T6000] ? clear_bhb_loop+0x40/0x90 [ 233.926112][ T6000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.932617][ T6000] RIP: 0033:0x7f4cd0b8f6c9 [ 233.937278][ T6000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.957535][ T6000] RSP: 002b:00007f4cd1a0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 233.966666][ T6000] RAX: ffffffffffffffda RBX: 00007f4cd0de6090 RCX: 00007f4cd0b8f6c9 [ 233.975126][ T6000] RDX: 0000000000000049 RSI: 0000200000000140 RDI: 0000000000000005 [ 233.983630][ T6000] RBP: 00007f4cd0c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 233.986759][ T5157] udevd[5157]: worker [5977] failed while handling '/devices/virtual/block/loop3' [ 233.992043][ T6000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.992143][ T6000] R13: 00007f4cd0de6128 R14: 00007f4cd0de6090 R15: 00007ffe8bc1ae48 [ 233.992295][ T6000] [ 234.029603][ T6000] ---[ end trace 0000000000000000 ]--- [ 234.867435][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 234.874463][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.448425][ T6002] loop1: detected capacity change from 0 to 8192 [ 235.486827][ T6002] ======================================================= [ 235.486827][ T6002] WARNING: The mand mount option has been deprecated and [ 235.486827][ T6002] and is ignored by this kernel. Remove the mand [ 235.486827][ T6002] option from the mount to silence this warning. [ 235.486827][ T6002] ======================================================= [ 242.137116][ T6043] loop0: detected capacity change from 0 to 164 [ 242.501695][ T6043] process 'syz.0.24' launched '/dev/fd/6' with NULL argv: empty string added [ 242.537178][ T6043] syz.0.24: attempt to access beyond end of device [ 242.537178][ T6043] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 242.551792][ T6043] syz.0.24: attempt to access beyond end of device [ 242.551792][ T6043] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 244.443368][ T30] audit: type=1326 audit(1763071832.680:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 244.472987][ T30] audit: type=1326 audit(1763071832.710:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 244.497463][ T30] audit: type=1326 audit(1763071832.710:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 244.520397][ T30] audit: type=1326 audit(1763071832.750:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 244.542967][ T30] audit: type=1326 audit(1763071832.750:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 244.957173][ T30] audit: type=1326 audit(1763071832.900:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 244.998396][ T30] audit: type=1326 audit(1763071832.910:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 245.031636][ T30] audit: type=1326 audit(1763071832.960:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.3.30" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 245.781196][ T6059] netlink: 'syz.0.29': attribute type 29 has an invalid length. [ 245.866541][ T6059] netlink: 'syz.0.29': attribute type 29 has an invalid length. [ 245.896972][ T6059] netlink: 500 bytes leftover after parsing attributes in process `syz.0.29'. [ 245.898267][ T6059] unsupported nla_type 58 [ 247.676950][ T6066] loop3: detected capacity change from 0 to 2048 [ 247.880617][ T6066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 248.503989][ T6077] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 248.563195][ T6077] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 324 with error 28 [ 248.576704][ T6077] EXT4-fs (loop3): This should not happen!! Data will be lost [ 248.576704][ T6077] [ 248.586936][ T6077] EXT4-fs (loop3): Total free blocks count 0 [ 248.593558][ T6077] EXT4-fs (loop3): Free/Dirty block details [ 248.599682][ T6077] EXT4-fs (loop3): free_blocks=2415919104 [ 248.605947][ T6077] EXT4-fs (loop3): dirty_blocks=336 [ 248.612171][ T6077] EXT4-fs (loop3): Block reservation details [ 248.618373][ T6077] EXT4-fs (loop3): i_reserved_data_blocks=21 [ 248.984856][ T6090] program syz.1.41 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 249.477478][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 250.091001][ T6095] tipc: Enabling of bearer rejected, failed to enable media [ 252.620702][ T6107] netlink: 'syz.4.45': attribute type 29 has an invalid length. [ 252.690967][ T6114] netlink: 'syz.4.45': attribute type 29 has an invalid length. [ 252.733849][ T6107] netlink: 500 bytes leftover after parsing attributes in process `syz.4.45'. [ 252.900265][ T6116] syz.0.48 uses obsolete (PF_INET,SOCK_PACKET) [ 253.597703][ T6125] loop4: detected capacity change from 0 to 512 [ 253.642963][ T6125] EXT4-fs: Ignoring removed i_version option [ 253.649250][ T6125] EXT4-fs: Ignoring removed bh option [ 253.841760][ T6125] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.992391][ T6125] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 254.045214][ T6137] program syz.0.54 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 254.089468][ T6130] loop2: detected capacity change from 0 to 512 [ 254.187626][ T6130] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 254.271597][ T6133] loop3: detected capacity change from 0 to 2048 [ 254.317660][ T6130] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 254.394383][ T6130] EXT4-fs (loop2): orphan cleanup on readonly fs [ 254.560834][ T6133] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 254.640965][ T6130] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.55: corrupted inode contents [ 254.715507][ T6130] EXT4-fs (loop2): Remounting filesystem read-only [ 254.766727][ T6130] EXT4-fs (loop2): 1 truncate cleaned up [ 254.776198][ T14] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 254.787115][ T14] Quota error (device loop2): write_blk: dquota write failed [ 254.802014][ T14] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 254.815536][ T14] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 254.826514][ T14] Quota error (device loop2): write_blk: dquota write failed [ 254.834231][ T14] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 254.845304][ T14] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 254.855705][ T14] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 254.865272][ T14] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 255.054396][ T6130] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 255.067448][ T6146] tipc: Started in network mode [ 255.072892][ T6146] tipc: Node identity 3edb77771a5a, cluster identity 4711 [ 255.081843][ T6146] tipc: Enabled bearer , priority 0 [ 255.091740][ T6145] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 255.147416][ T6149] syzkaller0: entered promiscuous mode [ 255.153625][ T6149] syzkaller0: entered allmulticast mode [ 255.170918][ T6145] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 262 with error 28 [ 255.183725][ T6145] EXT4-fs (loop3): This should not happen!! Data will be lost [ 255.183725][ T6145] [ 255.193793][ T6145] EXT4-fs (loop3): Total free blocks count 0 [ 255.200303][ T6145] EXT4-fs (loop3): Free/Dirty block details [ 255.213642][ T6145] EXT4-fs (loop3): free_blocks=2415919104 [ 255.219616][ T6145] EXT4-fs (loop3): dirty_blocks=272 [ 255.227627][ T6145] EXT4-fs (loop3): Block reservation details [ 255.234070][ T6145] EXT4-fs (loop3): i_reserved_data_blocks=17 [ 255.277884][ T6146] tipc: Resetting bearer [ 255.362929][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.441568][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.455216][ T6144] tipc: Resetting bearer [ 255.492334][ T6144] tipc: Disabling bearer [ 255.507156][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 256.751885][ T6167] netlink: 20 bytes leftover after parsing attributes in process `syz.0.64'. [ 257.098590][ T30] audit: type=1326 audit(1763071845.400:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6170 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5b78f6c9 code=0x7ffc0000 [ 257.121591][ T30] audit: type=1326 audit(1763071845.410:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6170 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f3d5b78f6c9 code=0x7ffc0000 [ 257.144211][ T30] audit: type=1326 audit(1763071845.410:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6170 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5b78f6c9 code=0x7ffc0000 [ 257.172661][ T30] audit: type=1326 audit(1763071845.470:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6170 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5b78f6c9 code=0x7ffc0000 [ 257.742480][ T6177] program syz.0.68 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 258.124561][ T6181] loop1: detected capacity change from 0 to 512 [ 258.248922][ T6181] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 258.333737][ T6181] EXT4-fs (loop1): orphan cleanup on readonly fs [ 258.449491][ T6181] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.70: corrupted inode contents [ 258.463922][ T6181] EXT4-fs (loop1): Remounting filesystem read-only [ 258.471740][ T6181] EXT4-fs (loop1): 1 truncate cleaned up [ 258.487119][ T4032] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 258.500755][ T4032] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 258.515490][ T4032] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 258.552472][ T6181] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 259.037661][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.767565][ T6200] loop2: detected capacity change from 0 to 2048 [ 260.006617][ T6206] loop0: detected capacity change from 0 to 1024 [ 260.042525][ T6200] Alternate GPT is invalid, using primary GPT. [ 260.050762][ T6200] loop2: p2 p3 p7 [ 260.203907][ T6206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 260.216782][ T6206] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.447960][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 260.448039][ T30] audit: type=1800 audit(1763071848.760:17): pid=6206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.80" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 260.779545][ T4346] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:25: bg 0: block 112: padding at end of block bitmap is not set [ 260.882512][ T4346] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 260.895793][ T4346] EXT4-fs (loop0): This should not happen!! Data will be lost [ 260.895793][ T4346] [ 260.906463][ T4346] EXT4-fs (loop0): Total free blocks count 0 [ 260.912972][ T4346] EXT4-fs (loop0): Free/Dirty block details [ 260.919080][ T4346] EXT4-fs (loop0): free_blocks=0 [ 260.924450][ T4346] EXT4-fs (loop0): dirty_blocks=16 [ 260.929994][ T4346] EXT4-fs (loop0): Block reservation details [ 260.936169][ T4346] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 260.965557][ T6060] udevd[6060]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 261.010180][ T6217] loop4: detected capacity change from 0 to 512 [ 261.028433][ T6017] udevd[6017]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 261.101037][ T6218] udevd[6218]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 261.130903][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 261.198246][ T6217] EXT4-fs (loop4): orphan cleanup on readonly fs [ 261.241309][ T6217] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.83: bad orphan inode 13 [ 261.297837][ T6217] ext4_test_bit(bit=12, block=18) = 1 [ 261.303729][ T6217] is_bad_inode(inode)=0 [ 261.308291][ T6217] NEXT_ORPHAN(inode)=2130706432 [ 261.313665][ T6217] max_ino=32 [ 261.317040][ T6217] i_nlink=1 [ 261.323119][ T6217] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 261.366060][ T6217] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 261.504460][ T6217] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.83: bg 0: block 248: padding at end of block bitmap is not set [ 261.538093][ T6217] Quota error (device loop4): write_blk: dquota write failed [ 261.546362][ T6217] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 261.560626][ T6217] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.83: Failed to acquire dquot type 1 [ 261.659018][ T6217] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 261.823501][ T6226] loop3: detected capacity change from 0 to 512 [ 261.960497][ T6226] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 262.051439][ T6226] EXT4-fs (loop3): orphan cleanup on readonly fs [ 262.208012][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.252743][ T6226] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.87: corrupted inode contents [ 262.324672][ T6226] EXT4-fs (loop3): Remounting filesystem read-only [ 262.327445][ T6227] loop0: detected capacity change from 0 to 2048 [ 262.368446][ T6226] EXT4-fs (loop3): 1 truncate cleaned up [ 262.393650][ T3897] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 262.404594][ T3897] Quota error (device loop3): write_blk: dquota write failed [ 262.413047][ T3897] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 262.423376][ T3897] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 262.434367][ T3897] Quota error (device loop3): write_blk: dquota write failed [ 262.442066][ T3897] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 262.452556][ T3897] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 262.463378][ T3897] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 262.479613][ T3897] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 262.669454][ T6226] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 262.752924][ T6227] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 263.097156][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.423370][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.382729][ T6245] loop4: detected capacity change from 0 to 1024 [ 266.183317][ T6245] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 266.193670][ T6245] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 266.203937][ T6245] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.92: Failed to acquire dquot type 0 [ 266.483522][ T6245] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 266.499126][ T6245] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.92: corrupted inode contents [ 266.664191][ T6254] loop2: detected capacity change from 0 to 1024 [ 266.750888][ T6245] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #13: comm syz.4.92: mark_inode_dirty error [ 266.912058][ T6245] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.92: corrupted inode contents [ 267.061131][ T6245] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.92: mark_inode_dirty error [ 267.123382][ T6245] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.92: corrupted inode contents [ 267.211156][ T6245] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 267.228189][ T6254] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 267.242242][ T6254] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.310962][ T6245] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #13: comm syz.4.92: corrupted inode contents [ 267.387557][ T6245] EXT4-fs error (device loop4): ext4_truncate:4637: inode #13: comm syz.4.92: mark_inode_dirty error [ 267.461705][ T6245] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 267.511053][ T30] audit: type=1800 audit(1763071855.820:18): pid=6254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.95" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 267.561892][ T6245] EXT4-fs (loop4): 1 truncate cleaned up [ 267.570534][ T6245] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.972462][ T1125] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 112: padding at end of block bitmap is not set [ 268.039202][ T1125] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 268.054726][ T1125] EXT4-fs (loop2): This should not happen!! Data will be lost [ 268.054726][ T1125] [ 268.065015][ T1125] EXT4-fs (loop2): Total free blocks count 0 [ 268.071369][ T1125] EXT4-fs (loop2): Free/Dirty block details [ 268.077469][ T1125] EXT4-fs (loop2): free_blocks=0 [ 268.083183][ T1125] EXT4-fs (loop2): dirty_blocks=16 [ 268.088524][ T1125] EXT4-fs (loop2): Block reservation details [ 268.095002][ T1125] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 268.131438][ T6263] sd 0:0:1:0: device reset [ 268.252401][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 268.278975][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.555161][ T6268] loop3: detected capacity change from 0 to 512 [ 268.678788][ T6268] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 268.706410][ T6268] EXT4-fs (loop3): orphan cleanup on readonly fs [ 269.001512][ T6268] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.101: corrupted inode contents [ 269.057773][ T6268] EXT4-fs (loop3): Remounting filesystem read-only [ 269.110625][ T6268] EXT4-fs (loop3): 1 truncate cleaned up [ 269.132162][ T14] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 269.144122][ T14] Quota error (device loop3): write_blk: dquota write failed [ 269.151994][ T14] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 269.162487][ T14] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 269.173675][ T14] Quota error (device loop3): write_blk: dquota write failed [ 269.181528][ T14] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 269.194458][ T14] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 269.205118][ T14] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 269.214768][ T14] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 269.417829][ T6279] capability: warning: `syz.1.105' uses deprecated v2 capabilities in a way that may be insecure [ 269.498219][ T6268] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 269.834495][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.095005][ T6282] syzkaller0: entered promiscuous mode [ 270.101071][ T6282] syzkaller0: entered allmulticast mode [ 270.399156][ T6289] loop1: detected capacity change from 0 to 128 [ 270.494830][ T6293] loop2: detected capacity change from 0 to 512 [ 270.585363][ T6293] EXT4-fs: Ignoring removed i_version option [ 270.592087][ T6293] EXT4-fs: Ignoring removed bh option [ 270.792344][ T6293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.921424][ T6293] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 271.025479][ T6302] sd 0:0:1:0: device reset [ 272.189352][ T6311] loop1: detected capacity change from 0 to 2048 [ 272.224062][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.335519][ T6311] Alternate GPT is invalid, using primary GPT. [ 272.343710][ T6311] loop1: p2 p3 p7 [ 272.617726][ T30] audit: type=1326 audit(1763071860.910:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 272.641043][ T30] audit: type=1326 audit(1763071860.920:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 272.663843][ T30] audit: type=1326 audit(1763071860.920:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 272.686670][ T30] audit: type=1326 audit(1763071860.930:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 272.709546][ T30] audit: type=1326 audit(1763071860.930:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 272.978765][ T30] audit: type=1326 audit(1763071861.090:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 273.001904][ T30] audit: type=1326 audit(1763071861.100:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 273.027494][ T30] audit: type=1326 audit(1763071861.140:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 273.051327][ T30] audit: type=1326 audit(1763071861.150:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 273.074162][ T30] audit: type=1326 audit(1763071861.150:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe0b938f6c9 code=0x7ffc0000 [ 273.181434][ T6317] loop3: detected capacity change from 0 to 1024 [ 273.415480][ T6329] loop1: detected capacity change from 0 to 128 [ 273.447416][ T6317] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.993005][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.019264][ T6218] udevd[6218]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 275.185293][ T6017] udevd[6017]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 275.198379][ T5992] udevd[5992]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 275.515298][ T6357] loop3: detected capacity change from 0 to 512 [ 275.673185][ T6357] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 275.737276][ T6360] loop1: detected capacity change from 0 to 512 [ 275.841122][ T6357] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.129: invalid indirect mapped block 2683928664 (level 1) [ 275.868954][ T6360] EXT4-fs: Ignoring removed i_version option [ 275.875503][ T6360] EXT4-fs: Ignoring removed bh option [ 275.920298][ T6357] EXT4-fs (loop3): Remounting filesystem read-only [ 275.928551][ T6357] EXT4-fs (loop3): 1 truncate cleaned up [ 275.937490][ T6357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.074045][ T6360] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.191931][ T6360] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 276.478534][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.549103][ T6368] loop4: detected capacity change from 0 to 2048 [ 276.697407][ T6368] Alternate GPT is invalid, using primary GPT. [ 276.709244][ T6368] loop4: p2 p3 p7 [ 277.060254][ T6370] loop2: detected capacity change from 0 to 2048 [ 277.387372][ T6370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 277.556232][ T6373] netlink: 'syz.3.135': attribute type 29 has an invalid length. [ 277.621305][ T6373] netlink: 'syz.3.135': attribute type 29 has an invalid length. [ 277.764186][ T6373] netlink: 500 bytes leftover after parsing attributes in process `syz.3.135'. [ 277.803892][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.168067][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 278.235113][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.251190][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.258950][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x2 [ 278.269422][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.277468][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.285315][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x2 [ 278.293110][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.300925][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.308614][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.316430][ T11] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 278.429153][ T11] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 279.141013][ T6390] loop4: detected capacity change from 0 to 2048 [ 279.220792][ T6218] udevd[6218]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 279.238476][ T6018] udevd[6018]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 279.264174][ T5992] udevd[5992]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 279.363528][ T6390] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 280.285909][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 280.439516][ T6404] fido_id[6404]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 280.556126][ T6414] loop1: detected capacity change from 0 to 2048 [ 280.751241][ T6414] Alternate GPT is invalid, using primary GPT. [ 280.759000][ T6414] loop1: p2 p3 p7 [ 280.813214][ T6416] loop0: detected capacity change from 0 to 512 [ 280.849729][ T6416] EXT4-fs: Ignoring removed i_version option [ 280.856376][ T6416] EXT4-fs: Ignoring removed bh option [ 281.084287][ T6416] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.144467][ T6416] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 281.160918][ T5157] Alternate GPT is invalid, using primary GPT. [ 281.168646][ T5157] loop1: p2 p3 p7 [ 281.362563][ T6420] netlink: 'syz.2.151': attribute type 29 has an invalid length. [ 281.451002][ T6427] netlink: 'syz.2.151': attribute type 29 has an invalid length. [ 281.483413][ T6420] netlink: 500 bytes leftover after parsing attributes in process `syz.2.151'. [ 281.711679][ T11] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 281.855459][ T6434] loop1: detected capacity change from 0 to 512 [ 281.897538][ T6434] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 281.991855][ T6434] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 282.090280][ T6434] EXT4-fs (loop1): 1 truncate cleaned up [ 282.098599][ T6434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.302173][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 282.302254][ T30] audit: type=1800 audit(1763071870.620:47): pid=6434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.152" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 282.571403][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.703728][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.148593][ T6444] loop4: detected capacity change from 0 to 2048 [ 283.345176][ T6444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 283.593033][ T6218] udevd[6218]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 283.688187][ T6409] udevd[6409]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 283.721461][ T6017] udevd[6017]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 284.086680][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 284.259161][ T5992] udevd[5992]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 284.317067][ T6409] udevd[6409]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 284.406348][ T6018] udevd[6018]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 284.538956][ T6461] fido_id[6461]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 285.005803][ T6471] syzkaller0: entered promiscuous mode [ 285.015759][ T6471] syzkaller0: entered allmulticast mode [ 285.146008][ T6474] loop3: detected capacity change from 0 to 512 [ 285.241300][ T6474] EXT4-fs: Ignoring removed i_version option [ 285.247593][ T6474] EXT4-fs: Ignoring removed bh option [ 285.433039][ T6477] loop1: detected capacity change from 0 to 1024 [ 285.467844][ T6474] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.530387][ T6474] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 285.630977][ T6477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 285.643776][ T6477] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.709085][ T6478] loop2: detected capacity change from 0 to 512 [ 285.799175][ T30] audit: type=1800 audit(1763071874.110:48): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.170" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 285.907196][ T6478] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 285.916487][ T6478] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 286.185021][ T6478] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.168: Allocating blocks 41-42 which overlap fs metadata [ 286.287570][ T6478] Quota error (device loop2): write_blk: dquota write failed [ 286.301266][ T6478] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 286.340456][ T14] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 112: padding at end of block bitmap is not set [ 286.399327][ T14] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 286.416749][ T14] EXT4-fs (loop1): This should not happen!! Data will be lost [ 286.416749][ T14] [ 286.427070][ T14] EXT4-fs (loop1): Total free blocks count 0 [ 286.433808][ T14] EXT4-fs (loop1): Free/Dirty block details [ 286.443170][ T14] EXT4-fs (loop1): free_blocks=0 [ 286.448331][ T14] EXT4-fs (loop1): dirty_blocks=16 [ 286.454854][ T14] EXT4-fs (loop1): Block reservation details [ 286.461254][ T14] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 286.488639][ T6478] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 286.499279][ T6478] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.168: Failed to acquire dquot type 1 [ 286.559222][ T6478] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 286.575239][ T6478] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.168: corrupted inode contents [ 286.694000][ T6478] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.168: mark_inode_dirty error [ 286.701375][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 286.714228][ T6478] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.168: corrupted inode contents [ 286.731188][ T6478] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.168: mark_inode_dirty error [ 286.785027][ T6478] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.168: corrupted inode contents [ 286.826085][ T6478] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 286.892251][ T6478] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.168: corrupted inode contents [ 286.939534][ T6478] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.168: mark_inode_dirty error [ 286.982998][ T6478] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 287.044853][ T6478] EXT4-fs (loop2): 1 truncate cleaned up [ 287.063031][ T6478] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.127222][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.192639][ T6478] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.375915][ T6478] netlink: 8 bytes leftover after parsing attributes in process `syz.2.168'. [ 287.385770][ T6478] openvswitch: netlink: Flow key attr not present in new flow. [ 287.817132][ T6504] loop3: detected capacity change from 0 to 128 [ 288.299127][ T6506] loop4: detected capacity change from 0 to 2048 [ 288.533420][ T6506] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 289.192342][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 289.556690][ T6524] loop0: detected capacity change from 0 to 164 [ 289.627147][ T6524] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 289.692882][ T6525] loop1: detected capacity change from 0 to 1024 [ 289.728984][ T6524] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 289.770563][ T6524] Symlink component flag not implemented [ 289.776500][ T6524] Symlink component flag not implemented [ 289.783463][ T6524] Symlink component flag not implemented (7) [ 289.789645][ T6524] Symlink component flag not implemented (116) [ 289.942098][ T6525] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 289.955277][ T6525] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.099480][ T6529] syzkaller0: entered promiscuous mode [ 290.105385][ T6529] syzkaller0: entered allmulticast mode [ 290.112886][ T30] audit: type=1800 audit(1763071878.430:49): pid=6525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.183" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 290.506018][ T59] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 112: padding at end of block bitmap is not set [ 290.587983][ T59] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 290.600945][ T59] EXT4-fs (loop1): This should not happen!! Data will be lost [ 290.600945][ T59] [ 290.612326][ T59] EXT4-fs (loop1): Total free blocks count 0 [ 290.618531][ T59] EXT4-fs (loop1): Free/Dirty block details [ 290.625826][ T59] EXT4-fs (loop1): free_blocks=0 [ 290.631157][ T59] EXT4-fs (loop1): dirty_blocks=16 [ 290.639509][ T59] EXT4-fs (loop1): Block reservation details [ 290.646837][ T59] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 290.710575][ T30] audit: type=1326 audit(1763071879.010:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 290.733696][ T30] audit: type=1326 audit(1763071879.010:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 290.762175][ T30] audit: type=1326 audit(1763071879.030:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 290.786880][ T30] audit: type=1326 audit(1763071879.030:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4cd0b8f703 code=0x7ffc0000 [ 290.810161][ T30] audit: type=1326 audit(1763071879.050:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4cd0b8e17f code=0x7ffc0000 [ 290.813807][ T6537] loop0: detected capacity change from 0 to 128 [ 290.832636][ T30] audit: type=1326 audit(1763071879.060:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4cd0b8f757 code=0x7ffc0000 [ 290.832895][ T30] audit: type=1326 audit(1763071879.130:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4cd0b8df10 code=0x7ffc0000 [ 290.891707][ T30] audit: type=1326 audit(1763071879.130:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4cd0b8f2cb code=0x7ffc0000 [ 290.972716][ T6534] loop2: detected capacity change from 0 to 2048 [ 290.987284][ T30] audit: type=1326 audit(1763071879.300:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6536 comm="syz.0.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4cd0b8e32a code=0x7ffc0000 [ 290.988426][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 291.173036][ T6534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 291.513863][ T6538] loop3: detected capacity change from 0 to 512 [ 291.774231][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 291.787604][ T6549] loop1: detected capacity change from 0 to 128 [ 291.873540][ T6538] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 291.882721][ T6538] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 292.197700][ T6538] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.188: Allocating blocks 41-42 which overlap fs metadata [ 292.266875][ T6538] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.188: Failed to acquire dquot type 1 [ 292.324777][ T6538] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 292.341706][ T6538] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.188: corrupted inode contents [ 292.400219][ T6538] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.188: mark_inode_dirty error [ 292.482100][ T6538] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.188: corrupted inode contents [ 292.545745][ T6538] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.188: mark_inode_dirty error [ 292.593608][ T6538] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.188: corrupted inode contents [ 292.656844][ T6538] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 292.710694][ T6538] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.188: corrupted inode contents [ 292.778507][ T6538] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.188: mark_inode_dirty error [ 292.839583][ T6555] loop2: detected capacity change from 0 to 2048 [ 292.859407][ T6538] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 292.922373][ T6538] EXT4-fs (loop3): 1 truncate cleaned up [ 292.930804][ T6538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.073667][ T6538] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.171512][ T6555] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 293.437632][ T6538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.188'. [ 293.446908][ T6538] openvswitch: netlink: Flow key attr not present in new flow. [ 293.617644][ T6555] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 293.720800][ T6555] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28 [ 293.733678][ T6555] EXT4-fs (loop2): This should not happen!! Data will be lost [ 293.733678][ T6555] [ 293.744035][ T6555] EXT4-fs (loop2): Total free blocks count 0 [ 293.750483][ T6555] EXT4-fs (loop2): Free/Dirty block details [ 293.756604][ T6555] EXT4-fs (loop2): free_blocks=2415919104 [ 293.762701][ T6555] EXT4-fs (loop2): dirty_blocks=128 [ 293.768152][ T6555] EXT4-fs (loop2): Block reservation details [ 293.774513][ T6555] EXT4-fs (loop2): i_reserved_data_blocks=8 [ 294.367772][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 294.606376][ T6570] loop3: detected capacity change from 0 to 512 [ 294.780740][ T6570] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.195: EA inode hash validation failed [ 294.795776][ T6570] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.195: corrupted inode contents [ 294.856519][ T6570] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.195: mark_inode_dirty error [ 294.920153][ T6570] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.195: corrupted inode contents [ 294.932266][ T6577] loop1: detected capacity change from 0 to 1024 [ 295.023045][ T6570] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.195: mark_inode_dirty error [ 295.111717][ T6570] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.195: mark inode dirty (error -117) [ 295.130233][ T6577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 295.146987][ T6577] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 295.200581][ T6570] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 295.210820][ T6570] EXT4-fs (loop3): 1 orphan inode deleted [ 295.219140][ T6570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.355381][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 295.355462][ T30] audit: type=1800 audit(1763071883.670:89): pid=6577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.199" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 295.567637][ T6584] syzkaller0: entered promiscuous mode [ 295.573767][ T6584] syzkaller0: entered allmulticast mode [ 295.641451][ T59] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 112: padding at end of block bitmap is not set [ 295.691318][ T59] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 117 [ 295.704459][ T59] EXT4-fs (loop1): This should not happen!! Data will be lost [ 295.704459][ T59] [ 295.737448][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 295.861762][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.938916][ T6585] loop2: detected capacity change from 0 to 2048 [ 296.149542][ T6585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 296.305204][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.312007][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.395702][ T6585] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 296.496396][ T6587] netlink: 'syz.4.203': attribute type 10 has an invalid length. [ 296.546841][ T6590] netlink: 'syz.4.203': attribute type 10 has an invalid length. [ 296.556967][ T6585] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 222 with error 28 [ 296.570089][ T6585] EXT4-fs (loop2): This should not happen!! Data will be lost [ 296.570089][ T6585] [ 296.583531][ T6585] EXT4-fs (loop2): Total free blocks count 0 [ 296.590911][ T6585] EXT4-fs (loop2): Free/Dirty block details [ 296.597045][ T6585] EXT4-fs (loop2): free_blocks=2415919104 [ 296.603893][ T6585] EXT4-fs (loop2): dirty_blocks=224 [ 296.609532][ T6585] EXT4-fs (loop2): Block reservation details [ 296.616279][ T6585] EXT4-fs (loop2): i_reserved_data_blocks=14 [ 296.919138][ T6587] team0: Failed to send options change via netlink (err -105) [ 296.927531][ T6587] team0: Port device dummy0 added [ 296.972677][ T6590] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 297.215377][ T6590] team0: Port device dummy0 removed [ 297.240388][ T6590] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 297.366633][ T6599] loop0: detected capacity change from 0 to 512 [ 297.488546][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 297.572634][ T6599] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 297.581819][ T6599] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 297.765237][ T6599] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.205: Allocating blocks 41-42 which overlap fs metadata [ 297.873933][ T6599] Quota error (device loop0): write_blk: dquota write failed [ 297.882250][ T6599] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5 [ 298.021298][ T6599] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 298.032928][ T6599] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.205: Failed to acquire dquot type 1 [ 298.288100][ T6599] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 298.303811][ T6599] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.205: corrupted inode contents [ 298.633040][ T6599] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #12: comm syz.0.205: mark_inode_dirty error [ 298.665491][ T6599] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.205: corrupted inode contents [ 299.107583][ T6599] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.205: mark_inode_dirty error [ 299.180819][ T6599] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.205: corrupted inode contents [ 299.228899][ T6610] loop2: detected capacity change from 0 to 2048 [ 299.289383][ T6599] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 299.328073][ T6599] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.205: corrupted inode contents [ 299.478576][ T6599] EXT4-fs error (device loop0): ext4_truncate:4637: inode #12: comm syz.0.205: mark_inode_dirty error [ 299.494087][ T6610] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 299.591655][ T6599] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 299.614567][ T6599] EXT4-fs (loop0): 1 truncate cleaned up [ 299.623471][ T6599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.867895][ T6599] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.971106][ T6610] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 300.136826][ T6610] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 128 with error 28 [ 300.150002][ T6610] EXT4-fs (loop2): This should not happen!! Data will be lost [ 300.150002][ T6610] [ 300.167275][ T6610] EXT4-fs (loop2): Total free blocks count 0 [ 300.176082][ T6610] EXT4-fs (loop2): Free/Dirty block details [ 300.182330][ T6610] EXT4-fs (loop2): free_blocks=2415919104 [ 300.188257][ T6610] EXT4-fs (loop2): dirty_blocks=160 [ 300.193785][ T6610] EXT4-fs (loop2): Block reservation details [ 300.200079][ T6610] EXT4-fs (loop2): i_reserved_data_blocks=10 [ 301.358501][ T6627] loop3: detected capacity change from 0 to 128 [ 301.496407][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 302.122672][ T6631] syzkaller0: entered promiscuous mode [ 302.128390][ T6631] syzkaller0: entered allmulticast mode [ 302.610659][ T6638] loop1: detected capacity change from 0 to 512 [ 302.686863][ T6638] EXT4-fs: Ignoring removed i_version option [ 302.693583][ T6638] EXT4-fs: Ignoring removed bh option [ 302.941685][ T6638] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 303.032370][ T6638] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 303.093385][ T6640] loop0: detected capacity change from 0 to 2048 [ 303.315870][ T6647] netlink: 'syz.2.219': attribute type 10 has an invalid length. [ 303.374693][ T6640] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 303.392980][ T6649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.221'. [ 303.460524][ T6647] team0: Port device dummy0 added [ 303.466973][ T6653] netlink: 'syz.2.219': attribute type 10 has an invalid length. [ 303.482103][ T6653] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 303.693561][ T6653] team0: Failed to send options change via netlink (err -105) [ 303.703613][ T6653] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 303.714435][ T6653] team0: Port device dummy0 removed [ 303.737682][ T6653] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 303.777900][ T6640] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 303.893321][ T6640] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 128 with error 28 [ 303.906729][ T6640] EXT4-fs (loop0): This should not happen!! Data will be lost [ 303.906729][ T6640] [ 303.916901][ T6640] EXT4-fs (loop0): Total free blocks count 0 [ 303.923241][ T6640] EXT4-fs (loop0): Free/Dirty block details [ 303.929358][ T6640] EXT4-fs (loop0): free_blocks=2415919104 [ 303.935548][ T6640] EXT4-fs (loop0): dirty_blocks=160 [ 303.941127][ T6640] EXT4-fs (loop0): Block reservation details [ 303.957645][ T6640] EXT4-fs (loop0): i_reserved_data_blocks=10 [ 305.213043][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 305.282993][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.185624][ T6665] loop2: detected capacity change from 0 to 2048 [ 307.405582][ T6672] loop4: detected capacity change from 0 to 512 [ 308.176563][ T6672] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 308.185694][ T6672] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 308.336351][ T6665] EXT4-fs: error -4 creating inode table initialization thread [ 308.460554][ T6665] EXT4-fs (loop2): mount failed [ 308.473145][ T6672] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4. [ 309.342767][ T6685] program syz.0.229 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 309.543856][ T6686] loop0: detected capacity change from 0 to 1024 [ 309.555217][ T6686] EXT4-fs: Ignoring removed nomblk_io_submit option [ 309.865368][ T6686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.571366][ T6695] syzkaller0: entered promiscuous mode [ 310.577213][ T6695] syzkaller0: entered allmulticast mode [ 311.201738][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.738197][ T6700] loop4: detected capacity change from 0 to 2048 [ 311.793592][ T6705] loop0: detected capacity change from 0 to 512 [ 311.854027][ T6705] EXT4-fs: Ignoring removed i_version option [ 311.860901][ T6705] EXT4-fs: Ignoring removed bh option [ 311.912000][ T6700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 312.071158][ T6711] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 312.113114][ T6705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.230412][ T6705] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 312.639580][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 313.254194][ T6722] loop3: detected capacity change from 0 to 512 [ 313.308189][ T6720] loop2: detected capacity change from 0 to 2048 [ 313.507086][ T6722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.520741][ T6722] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 313.574994][ T6720] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 313.951709][ T6732] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 314.036401][ T6732] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 128 with error 28 [ 314.049488][ T6732] EXT4-fs (loop2): This should not happen!! Data will be lost [ 314.049488][ T6732] [ 314.059525][ T6732] EXT4-fs (loop2): Total free blocks count 0 [ 314.065871][ T6732] EXT4-fs (loop2): Free/Dirty block details [ 314.073428][ T6732] EXT4-fs (loop2): free_blocks=2415919104 [ 314.079406][ T6732] EXT4-fs (loop2): dirty_blocks=160 [ 314.092464][ T6732] EXT4-fs (loop2): Block reservation details [ 314.098699][ T6732] EXT4-fs (loop2): i_reserved_data_blocks=10 [ 314.265160][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.321416][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.837292][ T6737] loop4: detected capacity change from 0 to 512 [ 315.253602][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 315.449578][ T6737] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 315.541562][ T6737] EXT4-fs (loop4): orphan cleanup on readonly fs [ 315.748442][ T6737] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.246: corrupted inode contents [ 315.860447][ T6737] EXT4-fs (loop4): Remounting filesystem read-only [ 315.868065][ T6737] EXT4-fs (loop4): 1 truncate cleaned up [ 315.900548][ T4160] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 315.911730][ T4160] Quota error (device loop4): write_blk: dquota write failed [ 315.919317][ T4160] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries [ 315.933053][ T4160] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 315.945006][ T4160] Quota error (device loop4): write_blk: dquota write failed [ 315.952935][ T4160] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list [ 315.963785][ T4160] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 315.974231][ T4160] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 315.983841][ T4160] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 316.091901][ T6746] syzkaller0: entered promiscuous mode [ 316.097636][ T6746] syzkaller0: entered allmulticast mode [ 316.126050][ T6737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 316.166492][ T5853] kernel write not supported for file /snd/seq (pid: 5853 comm: kworker/1:3) [ 316.631225][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.521401][ T6751] netlink: 464 bytes leftover after parsing attributes in process `syz.3.251'. [ 319.187250][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.2.259'. [ 319.457686][ T6776] Zero length message leads to an empty skb [ 319.881409][ T6782] 9p: Unknown Cache mode or invalid value r [ 319.890864][ T6781] syzkaller0: entered promiscuous mode [ 319.896566][ T6781] syzkaller0: entered allmulticast mode [ 320.001925][ T4896] Bluetooth: hci5: Frame reassembly failed (-84) [ 320.316708][ T6787] netlink: 464 bytes leftover after parsing attributes in process `syz.2.265'. [ 321.619198][ T6806] netlink: 16 bytes leftover after parsing attributes in process `syz.3.270'. [ 321.949513][ T6805] loop0: detected capacity change from 0 to 2048 [ 322.030557][ T50] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 322.128645][ T6805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 322.403447][ T6815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.275'. [ 322.472712][ T6812] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 322.535377][ T6812] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 198 with error 28 [ 322.535547][ T6812] EXT4-fs (loop0): This should not happen!! Data will be lost [ 322.535547][ T6812] [ 322.535742][ T6812] EXT4-fs (loop0): Total free blocks count 0 [ 322.535837][ T6812] EXT4-fs (loop0): Free/Dirty block details [ 322.535927][ T6812] EXT4-fs (loop0): free_blocks=2415919104 [ 322.536028][ T6812] EXT4-fs (loop0): dirty_blocks=208 [ 322.536121][ T6812] EXT4-fs (loop0): Block reservation details [ 322.536206][ T6812] EXT4-fs (loop0): i_reserved_data_blocks=13 [ 323.073803][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 324.261316][ T6826] loop0: detected capacity change from 0 to 2048 [ 324.653432][ T6826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 324.679283][ T30] audit: type=1326 audit(1763071912.990:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.717007][ T30] audit: type=1326 audit(1763071913.020:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.746962][ T30] audit: type=1326 audit(1763071913.020:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.772391][ T30] audit: type=1326 audit(1763071913.020:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.795073][ T30] audit: type=1326 audit(1763071913.020:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.817981][ T30] audit: type=1326 audit(1763071913.020:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.848587][ T30] audit: type=1326 audit(1763071913.020:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4cd0b86567 code=0x7ffc0000 [ 324.871273][ T30] audit: type=1326 audit(1763071913.020:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4cd0b2b779 code=0x7ffc0000 [ 324.893884][ T30] audit: type=1326 audit(1763071913.020:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0b8f6c9 code=0x7ffc0000 [ 324.916726][ T30] audit: type=1326 audit(1763071913.030:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4cd0b86567 code=0x7ffc0000 [ 325.237605][ T6847] loop2: detected capacity change from 0 to 128 [ 325.317349][ T6850] loop3: detected capacity change from 0 to 1024 [ 325.338161][ T6850] EXT4-fs: Ignoring removed mblk_io_submit option [ 325.435129][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 325.493221][ T6849] loop1: detected capacity change from 0 to 2048 [ 325.503912][ T6850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.516431][ T6852] netlink: 12 bytes leftover after parsing attributes in process `syz.4.289'. [ 325.619177][ T6849] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 325.803297][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.135512][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 327.529002][ T6887] loop0: detected capacity change from 0 to 128 [ 327.757261][ T6893] netlink: 12 bytes leftover after parsing attributes in process `syz.2.303'. [ 328.144562][ T6899] netlink: 24 bytes leftover after parsing attributes in process `syz.4.307'. [ 329.071282][ T6883] Bluetooth: hci3: command 0x0406 tx timeout [ 329.080198][ T6883] Bluetooth: hci4: command 0x0406 tx timeout [ 329.086460][ T6883] Bluetooth: hci0: command 0x0406 tx timeout [ 329.093572][ T6883] Bluetooth: hci1: command 0x0406 tx timeout [ 329.102314][ T6883] Bluetooth: hci2: command 0x0406 tx timeout [ 329.284566][ T6921] loop2: detected capacity change from 0 to 128 [ 329.333306][ T12] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x60 [ 329.347802][ T12] ===================================================== [ 329.357913][ T12] BUG: KMSAN: uninit-value in nci_ntf_packet+0x26b2/0x46c0 [ 329.365562][ T12] nci_ntf_packet+0x26b2/0x46c0 [ 329.370835][ T12] nci_rx_work+0x403/0x750 [ 329.375551][ T12] process_scheduled_works+0xb91/0x1d80 [ 329.381547][ T12] worker_thread+0xedf/0x1590 [ 329.386513][ T12] kthread+0xd5c/0xf00 [ 329.391237][ T12] ret_from_fork+0x1f5/0x4c0 [ 329.396101][ T12] ret_from_fork_asm+0x1a/0x30 [ 329.401318][ T12] [ 329.403762][ T12] Uninit was created at: [ 329.408336][ T12] kmem_cache_alloc_node_noprof+0x989/0x16b0 [ 329.415825][ T12] kmalloc_reserve+0x13c/0x4b0 [ 329.420966][ T12] __alloc_skb+0x347/0x7d0 [ 329.425618][ T12] virtual_ncidev_write+0x6b/0x430 [ 329.431152][ T12] vfs_write+0x48a/0x15d0 [ 329.435684][ T12] __x64_sys_write+0x1fb/0x4d0 [ 329.440871][ T12] x64_sys_call+0x3014/0x3e30 [ 329.452312][ T12] do_syscall_64+0xd9/0xfa0 [ 329.457140][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.465449][ T12] [ 329.468020][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G W syzkaller #0 PREEMPT(none) [ 329.481527][ T12] Tainted: [W]=WARN [ 329.485484][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 329.496145][ T12] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 329.502215][ T12] ===================================================== [ 329.509307][ T12] Disabling lock debugging due to kernel taint [ 329.515715][ T12] Kernel panic - not syncing: kmsan.panic set ... [ 329.522332][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G B W syzkaller #0 PREEMPT(none) [ 329.533559][ T12] Tainted: [B]=BAD_PAGE, [W]=WARN [ 329.538725][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 329.548967][ T12] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 329.554831][ T12] Call Trace: [ 329.558243][ T12] [ 329.561306][ T12] __dump_stack+0x26/0x30 [ 329.565899][ T12] dump_stack_lvl+0x53/0x270 [ 329.570773][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 329.576878][ T12] dump_stack+0x1e/0x25 [ 329.581280][ T12] vpanic+0x435/0xd30 [ 329.585560][ T12] panic+0x15d/0x160 [ 329.589801][ T12] kmsan_report+0x31c/0x320 [ 329.594551][ T12] ? __msan_warning+0x1b/0x30 [ 329.599460][ T12] ? nci_ntf_packet+0x26b2/0x46c0 [ 329.604723][ T12] ? nci_rx_work+0x403/0x750 [ 329.609604][ T12] ? process_scheduled_works+0xb91/0x1d80 [ 329.615623][ T12] ? worker_thread+0xedf/0x1590 [ 329.620801][ T12] ? kthread+0xd5c/0xf00 [ 329.625256][ T12] ? ret_from_fork+0x1f5/0x4c0 [ 329.630308][ T12] ? ret_from_fork_asm+0x1a/0x30 [ 329.635555][ T12] ? ret_from_fork_asm+0x1a/0x30 [ 329.640810][ T12] ? vprintk_emit+0xb51/0xb60 [ 329.645746][ T12] ? vprintk_default+0x3f/0x50 [ 329.650748][ T12] ? vprintk+0x36/0x50 [ 329.655060][ T12] ? _printk+0x17e/0x1b0 [ 329.659643][ T12] ? kmsan_get_metadata+0xfb/0x160 [ 329.665046][ T12] __msan_warning+0x1b/0x30 [ 329.669773][ T12] nci_ntf_packet+0x26b2/0x46c0 [ 329.674852][ T12] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 329.681231][ T12] ? sk_skb_reason_drop+0x13f/0x440 [ 329.686765][ T12] nci_rx_work+0x403/0x750 [ 329.691485][ T12] ? __pfx_nci_rx_work+0x10/0x10 [ 329.696726][ T12] process_scheduled_works+0xb91/0x1d80 [ 329.702653][ T12] worker_thread+0xedf/0x1590 [ 329.707681][ T12] kthread+0xd5c/0xf00 [ 329.711960][ T12] ? __pfx_worker_thread+0x10/0x10 [ 329.717388][ T12] ? __pfx_kthread+0x10/0x10 [ 329.722288][ T12] ret_from_fork+0x1f5/0x4c0 [ 329.727169][ T12] ? __pfx_kthread+0x10/0x10 [ 329.731973][ T12] ret_from_fork_asm+0x1a/0x30 [ 329.737061][ T12] [ 329.740686][ T12] Kernel Offset: disabled [ 329.745106][ T12] Rebooting in 86400 seconds..