last executing test programs: 4.062968004s ago: executing program 1 (id=232): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd') r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 3.922511058s ago: executing program 1 (id=235): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x90, 0x0, &(0x7f00000004c0)=[@increfs_done={0x40106308, 0x2}, @request_death={0x400c630e, 0x1}, @release={0x40046306, 0x2}, @request_death={0x400c630e, 0x3}, @exit_looper, @dead_binder_done, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x0, &(0x7f0000000400)={@fd, @fd, @ptr={0x70742a85, 0x1, &(0x7f0000000300), 0x0, 0x0, 0x1e}}, 0x0}}], 0x0, 0x0, 0x0}) 3.437586495s ago: executing program 1 (id=239): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee1, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000240)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x7) 3.18063162s ago: executing program 0 (id=242): bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYBLOB="1800000001"], 0x50) 3.08179916s ago: executing program 3 (id=243): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x103341) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) openat2(0xffffffffffffff9c, 0x0, &(0x7f0000000440)={0x529643, 0xac, 0x8}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, 0x0, 0x0) bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) fcntl$setstatus(r1, 0x4, 0x2800) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) ftruncate(r5, 0x2000009) sendfile(r1, r5, 0x0, 0x7ffff004) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) tkill(0x0, 0x1) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, 0x0) 2.918859905s ago: executing program 0 (id=244): socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc) syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x21, 0x6}}}}}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x5e, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x1b}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) 1.967288798s ago: executing program 0 (id=245): mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xc, &(0x7f0000000300)=0xffffff50, 0x4) 1.95155038s ago: executing program 2 (id=246): ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000c40)={'filter\x00', 0x104, 0x4, 0x3c8, 0x110, 0x110, 0x110, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@empty, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac}, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'netdevsim0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010101, 0x8, 0x1}}}, {{@arp={@loopback, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00', {}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x80ca, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) 1.73883211s ago: executing program 1 (id=247): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000100)={0x90, 0x0, &(0x7f00000004c0)=[@increfs_done={0x40106308, 0x2}, @request_death={0x400c630e, 0x1}, @release={0x40046306, 0x2}, @request_death={0x400c630e, 0x3}, @exit_looper, @dead_binder_done, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x0, &(0x7f0000000400)={@fd, @fd, @ptr={0x70742a85, 0x1, &(0x7f0000000300), 0x0, 0x0, 0x1e}}, 0x0}}], 0x0, 0x0, 0x0}) 1.73870171s ago: executing program 3 (id=248): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) fallocate(r0, 0x0, 0xfffffffffffffc07, 0x8b) 1.688335565s ago: executing program 0 (id=249): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) timerfd_gettime(0xffffffffffffffff, 0x0) 1.681250556s ago: executing program 2 (id=250): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r3, &(0x7f00000004c0)=[{&(0x7f0000000580)=""/152, 0x98}], 0x1) readv(r3, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/215, 0xd7}], 0x1) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) 1.402247253s ago: executing program 0 (id=251): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x121201, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000600)=0x14) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) close(r0) 1.340000919s ago: executing program 3 (id=252): gettid() socket(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18) syz_emit_ethernet(0x2a, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18) clock_getres(0x1, 0x0) 1.12292968s ago: executing program 3 (id=253): r0 = socket(0x10, 0x3, 0x0) r1 = epoll_create1(0x0) ioctl$SIOCGETLINKNAME(r0, 0x89e0, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)={0xe000202b}) epoll_pwait(r2, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0) r3 = dup3(r0, r2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000300)={0x200f}) 898.285642ms ago: executing program 0 (id=254): socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc) syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x21, 0x6}}}}}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x5e, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x1b}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) 691.128222ms ago: executing program 1 (id=255): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0) 633.356928ms ago: executing program 2 (id=256): r0 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000011c0)={&(0x7f0000001180)='kfree\x00', r1, 0x0, 0x4}, 0x18) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60, 0x0, 0x1}, {}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0) 462.896935ms ago: executing program 3 (id=257): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000eb15000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_targets\x00') preadv(r1, 0x0, 0x0, 0x80000001, 0x8) 354.960885ms ago: executing program 2 (id=258): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100) readv(r0, 0x0, 0x0) 228.086958ms ago: executing program 3 (id=259): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) listxattr(&(0x7f0000006440)='./file0\x00', 0x0, 0x0) 65.145373ms ago: executing program 2 (id=260): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket(0x400000000010, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) 34.903596ms ago: executing program 2 (id=261): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) getpgrp(0x0) 0s ago: executing program 1 (id=262): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f00000031c0)=0x9, 0x4) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.135' (ED25519) to the list of known hosts. [ 75.223461][ T5756] cgroup: Unknown subsys name 'net' [ 75.356624][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 77.058303][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 78.844073][ T5769] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.859369][ T5772] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.879328][ T5772] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.899156][ T5772] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.931782][ T5773] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.934249][ T5778] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.944301][ T5773] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.954673][ T5773] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.957135][ T5778] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.962821][ T5773] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.972805][ T5778] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.986370][ T5778] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.995299][ T5782] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.998516][ T5773] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.007222][ T5782] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.017391][ T5782] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 79.025239][ T5773] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 79.025862][ T5782] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.051877][ T5773] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.056255][ T5782] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.066928][ T5782] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 79.077395][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.087712][ T5781] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 79.095170][ T5781] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.658800][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 79.688799][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 79.749299][ T5775] chnl_net:caif_netlink_parms(): no params data found [ 79.897653][ T5776] chnl_net:caif_netlink_parms(): no params data found [ 79.927753][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.935377][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.943109][ T5766] bridge_slave_0: entered allmulticast mode [ 79.950890][ T5766] bridge_slave_0: entered promiscuous mode [ 79.972184][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.980249][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.987461][ T5770] bridge_slave_0: entered allmulticast mode [ 79.995627][ T5770] bridge_slave_0: entered promiscuous mode [ 80.003776][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.011358][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.018672][ T5766] bridge_slave_1: entered allmulticast mode [ 80.026125][ T5766] bridge_slave_1: entered promiscuous mode [ 80.061715][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.068956][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.076150][ T5770] bridge_slave_1: entered allmulticast mode [ 80.084557][ T5770] bridge_slave_1: entered promiscuous mode [ 80.150508][ T5775] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.157693][ T5775] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.165293][ T5775] bridge_slave_0: entered allmulticast mode [ 80.173476][ T5775] bridge_slave_0: entered promiscuous mode [ 80.201999][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.214746][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.226229][ T5775] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.233551][ T5775] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.240907][ T5775] bridge_slave_1: entered allmulticast mode [ 80.247962][ T5775] bridge_slave_1: entered promiscuous mode [ 80.286815][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.311393][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.374682][ T5775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.385057][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.392917][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.400466][ T5776] bridge_slave_0: entered allmulticast mode [ 80.407563][ T5776] bridge_slave_0: entered promiscuous mode [ 80.420200][ T5766] team0: Port device team_slave_0 added [ 80.439180][ T5775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.462053][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.469321][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.476487][ T5776] bridge_slave_1: entered allmulticast mode [ 80.484636][ T5776] bridge_slave_1: entered promiscuous mode [ 80.493080][ T5766] team0: Port device team_slave_1 added [ 80.514525][ T5770] team0: Port device team_slave_0 added [ 80.578630][ T5770] team0: Port device team_slave_1 added [ 80.587264][ T5775] team0: Port device team_slave_0 added [ 80.596962][ T5775] team0: Port device team_slave_1 added [ 80.605368][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.615563][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.622909][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.648922][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.662719][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.669930][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.695994][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.733145][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.804293][ T5776] team0: Port device team_slave_0 added [ 80.811519][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.820062][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.846092][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.860974][ T5776] team0: Port device team_slave_1 added [ 80.867958][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.875079][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.901569][ T5775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.914148][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.921539][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.947894][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.984203][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.991340][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.017672][ T5775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.049519][ T5782] Bluetooth: hci2: command tx timeout [ 81.067438][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.074706][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.101465][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.128359][ T5782] Bluetooth: hci1: command tx timeout [ 81.128386][ T51] Bluetooth: hci0: command tx timeout [ 81.128849][ T5781] Bluetooth: hci3: command tx timeout [ 81.170025][ T5766] hsr_slave_0: entered promiscuous mode [ 81.176657][ T5766] hsr_slave_1: entered promiscuous mode [ 81.185560][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.192891][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.220145][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.256843][ T5775] hsr_slave_0: entered promiscuous mode [ 81.263449][ T5775] hsr_slave_1: entered promiscuous mode [ 81.270101][ T5775] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.277982][ T5775] Cannot create hsr debugfs directory [ 81.315822][ T5776] hsr_slave_0: entered promiscuous mode [ 81.322347][ T5776] hsr_slave_1: entered promiscuous mode [ 81.328922][ T5776] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.336540][ T5776] Cannot create hsr debugfs directory [ 81.379936][ T5770] hsr_slave_0: entered promiscuous mode [ 81.386762][ T5770] hsr_slave_1: entered promiscuous mode [ 81.393475][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.401328][ T5770] Cannot create hsr debugfs directory [ 81.832107][ T5776] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.847546][ T5776] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.860454][ T5776] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.884100][ T5776] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.947306][ T5775] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.959759][ T5775] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.970501][ T5775] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.980846][ T5775] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 82.069109][ T5770] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.095512][ T5770] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.106552][ T5770] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.120208][ T5770] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.205577][ T5766] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.216580][ T5766] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.243851][ T5766] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.256753][ T5766] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.379315][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.403376][ T5775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.440455][ T5775] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.457462][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.486236][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.497685][ T5776] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.516794][ T146] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.524173][ T146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.535807][ T146] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.543040][ T146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.584533][ T146] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.592258][ T146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.603281][ T146] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.610578][ T146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.635421][ T146] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.642735][ T146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.663408][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.670688][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.692756][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.782008][ T5770] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 82.792690][ T5770] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.822097][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.862573][ T146] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.869803][ T146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.926254][ T146] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.933497][ T146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.129962][ T5781] Bluetooth: hci2: command tx timeout [ 83.210012][ T5781] Bluetooth: hci1: command tx timeout [ 83.220631][ T5781] Bluetooth: hci3: command tx timeout [ 83.226090][ T5781] Bluetooth: hci0: command tx timeout [ 83.361098][ T5775] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.433991][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.462514][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.536444][ T5775] veth0_vlan: entered promiscuous mode [ 83.580333][ T5775] veth1_vlan: entered promiscuous mode [ 83.587165][ T5776] veth0_vlan: entered promiscuous mode [ 83.627415][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.660868][ T5770] veth0_vlan: entered promiscuous mode [ 83.674956][ T5776] veth1_vlan: entered promiscuous mode [ 83.704026][ T5770] veth1_vlan: entered promiscuous mode [ 83.716335][ T5775] veth0_macvtap: entered promiscuous mode [ 83.736574][ T5775] veth1_macvtap: entered promiscuous mode [ 83.801385][ T5766] veth0_vlan: entered promiscuous mode [ 83.812138][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.835295][ T5766] veth1_vlan: entered promiscuous mode [ 83.842947][ T5770] veth0_macvtap: entered promiscuous mode [ 83.854157][ T5770] veth1_macvtap: entered promiscuous mode [ 83.872066][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.885751][ T5775] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.895251][ T5775] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.905324][ T5775] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.914385][ T5775] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.947522][ T5776] veth0_macvtap: entered promiscuous mode [ 83.991753][ T5776] veth1_macvtap: entered promiscuous mode [ 84.000233][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.011531][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.029982][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.046075][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.057911][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.070778][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.095561][ T5766] veth0_macvtap: entered promiscuous mode [ 84.123381][ T5770] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.132719][ T5770] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.142345][ T5770] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.151263][ T5770] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.175590][ T5766] veth1_macvtap: entered promiscuous mode [ 84.222376][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.233379][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.243374][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.254808][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.267771][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.281984][ T2919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.296460][ T2919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.323911][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.337362][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.347517][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.358025][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.370208][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.394140][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.407759][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.419456][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.429987][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.440553][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.451342][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.463920][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.477940][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.489052][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.500339][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.511453][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.521339][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.533962][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.545517][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.573957][ T2919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.582289][ T2919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.599246][ T5776] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.610100][ T5776] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.620462][ T5776] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.629636][ T5776] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.656603][ T5766] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.666053][ T5766] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.680533][ T5766] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.689436][ T5766] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.786836][ T2919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.806576][ T2919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.936427][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.954563][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.064033][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.089450][ T5861] syz.1.5[5861]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 85.108348][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.162396][ T5861] loop1: detected capacity change from 0 to 1024 [ 85.176292][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.201081][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.209985][ T5781] Bluetooth: hci2: command tx timeout [ 85.248043][ T5861] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.296762][ T5781] Bluetooth: hci3: command tx timeout [ 85.303090][ T5781] Bluetooth: hci0: command tx timeout [ 85.310013][ T5782] Bluetooth: hci1: command tx timeout [ 85.338051][ T5861] ext4 filesystem being mounted at /1/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.371369][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.417418][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.525765][ T5861] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 85.553860][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.946362][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.414349][ T5775] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.673748][ T5875] loop1: detected capacity change from 0 to 164 [ 86.695962][ T5875] ======================================================= [ 86.695962][ T5875] WARNING: The mand mount option has been deprecated and [ 86.695962][ T5875] and is ignored by this kernel. Remove the mand [ 86.695962][ T5875] option from the mount to silence this warning. [ 86.695962][ T5875] ======================================================= [ 87.008662][ T28] audit: type=1326 audit(1768016656.027:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.035311][ T28] audit: type=1326 audit(1768016656.057:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.115080][ T28] audit: type=1326 audit(1768016656.057:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.191756][ T28] audit: type=1326 audit(1768016656.057:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.261658][ T5886] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 87.283966][ T28] audit: type=1326 audit(1768016656.057:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.308554][ T5781] Bluetooth: hci2: command tx timeout [ 87.380251][ T5781] Bluetooth: hci0: command tx timeout [ 87.385813][ T51] Bluetooth: hci1: command tx timeout [ 87.391972][ T51] Bluetooth: hci3: command tx timeout [ 87.408507][ T28] audit: type=1326 audit(1768016656.057:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.431748][ T28] audit: type=1326 audit(1768016656.057:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.457147][ T28] audit: type=1326 audit(1768016656.117:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.479530][ T28] audit: type=1326 audit(1768016656.117:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 87.513011][ T28] audit: type=1326 audit(1768016656.117:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 89.695357][ T5922] xt_hashlimit: max too large, truncated to 1048576 [ 89.776791][ T5922] xt_CT: You must specify a L4 protocol and not use inversions on it [ 90.292880][ T5936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'. [ 90.507391][ T5941] loop1: detected capacity change from 0 to 128 [ 90.585941][ T5941] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 90.626351][ T5941] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.664296][ T5948] usb usb7: usbfs: process 5948 (syz.2.25) did not claim interface 0 before use [ 90.704642][ T5949] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO [ 91.835305][ T5775] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 92.180193][ T8] cfg80211: failed to load regulatory.db [ 92.257959][ T5974] loop2: detected capacity change from 0 to 128 [ 92.300110][ T5974] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 92.382444][ T5974] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 92.453429][ T28] kauditd_printk_skb: 45 callbacks suppressed [ 92.453445][ T28] audit: type=1326 audit(1768016661.477:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 92.568285][ T28] audit: type=1326 audit(1768016661.507:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 92.620562][ T28] audit: type=1326 audit(1768016661.517:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 92.656716][ T28] audit: type=1326 audit(1768016661.517:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5ff8d8f783 code=0x7ffc0000 [ 92.749960][ T28] audit: type=1326 audit(1768016661.527:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ff8d8e1ff code=0x7ffc0000 [ 92.787423][ T28] audit: type=1326 audit(1768016661.537:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5ff8d8f7d7 code=0x7ffc0000 [ 92.809842][ T28] audit: type=1326 audit(1768016661.567:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff8d8df90 code=0x7ffc0000 [ 92.833859][ T28] audit: type=1326 audit(1768016661.567:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5ff8d8f34b code=0x7ffc0000 [ 92.860085][ T28] audit: type=1326 audit(1768016661.567:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5ff8d8f34b code=0x7ffc0000 [ 92.911601][ T28] audit: type=1326 audit(1768016661.567:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.2.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5ff8dc2005 code=0x7ffc0000 [ 93.220347][ T1104] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 93.530901][ T5995] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 93.740415][ T5998] program syz.0.41 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 95.025823][ T6006] veth0: entered promiscuous mode [ 95.046437][ T6006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.44'. [ 95.495152][ T6017] loop2: detected capacity change from 0 to 2048 [ 95.521211][ T6017] EXT4-fs: Ignoring removed bh option [ 95.542127][ T6019] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 95.576616][ T6017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.590570][ T6019] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0 [ 95.721712][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.397379][ T6052] loop2: detected capacity change from 0 to 128 [ 97.466075][ T6052] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 97.522123][ T6052] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 97.604294][ T6052] mmap: syz.2.62 (6052) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 97.749783][ T5776] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 97.945053][ T6061] loop3: detected capacity change from 0 to 128 [ 97.953521][ T6060] 9pnet_fd: Insufficient options for proto=fd [ 98.074418][ T6063] syz.3.63: attempt to access beyond end of device [ 98.074418][ T6063] loop3: rw=2049, sector=145, nr_sectors = 256 limit=128 [ 99.366296][ T6075] loop1: detected capacity change from 0 to 512 [ 99.374071][ T6075] EXT4-fs: Ignoring removed nomblk_io_submit option [ 99.415534][ T6075] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 99.428842][ T6075] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 99.446573][ T6075] EXT4-fs (loop1): 1 truncate cleaned up [ 99.455669][ T6075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.548041][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 99.584565][ T28] audit: type=1800 audit(1768016668.567:90): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.71" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 99.638889][ T5775] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.041181][ T6092] netlink: 28 bytes leftover after parsing attributes in process `syz.0.77'. [ 100.201913][ T6098] netlink: 16 bytes leftover after parsing attributes in process `syz.0.81'. [ 100.232386][ T6099] loop2: detected capacity change from 0 to 128 [ 101.837622][ T6110] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.057847][ T28] audit: type=1326 audit(1768016673.077:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.136779][ T28] audit: type=1326 audit(1768016673.077:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.178218][ T28] audit: type=1326 audit(1768016673.077:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.220874][ T28] audit: type=1326 audit(1768016673.077:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.358583][ T6137] pim6reg: entered allmulticast mode [ 104.383663][ T6137] pim6reg: left allmulticast mode [ 104.418231][ T28] audit: type=1326 audit(1768016673.077:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.464037][ T28] audit: type=1326 audit(1768016673.077:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.486978][ T28] audit: type=1326 audit(1768016673.077:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.509376][ T28] audit: type=1326 audit(1768016673.077:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.532227][ T28] audit: type=1326 audit(1768016673.077:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.554485][ T28] audit: type=1326 audit(1768016673.077:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.577180][ T28] audit: type=1326 audit(1768016673.077:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.599707][ T28] audit: type=1326 audit(1768016673.077:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.640832][ T28] audit: type=1326 audit(1768016673.077:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 104.812020][ T28] audit: type=1326 audit(1768016673.077:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 105.150680][ T28] audit: type=1326 audit(1768016673.077:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 105.240661][ T28] audit: type=1326 audit(1768016673.077:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 105.338823][ T28] audit: type=1326 audit(1768016673.077:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 105.401389][ T28] audit: type=1326 audit(1768016673.077:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 105.404604][ T6141] tmpfs: Bad value for 'mpol' [ 105.429566][ T28] audit: type=1326 audit(1768016673.077:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.92" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 105.673254][ T6145] loop1: detected capacity change from 0 to 1024 [ 105.746020][ T6145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.908046][ T5775] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.120835][ T6157] can0: slcan on ttyS3. [ 106.179229][ T6159] loop1: detected capacity change from 0 to 1024 [ 106.239981][ T6159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 106.256686][ T6161] loop0: detected capacity change from 0 to 1024 [ 106.275932][ T6165] syz.3.106[6165] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 106.276169][ T6165] syz.3.106[6165] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 106.288647][ T6156] can0 (unregistered): slcan off ttyS3. [ 106.308418][ T6159] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.345702][ T6161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.392707][ T6159] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.103: lblock 0 mapped to illegal pblock 0 (length 6) [ 106.575190][ T5775] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 106.769280][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.047141][ T6190] program syz.0.111 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.140615][ T6194] loop1: detected capacity change from 0 to 164 [ 107.157983][ T6194] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 107.206938][ T6194] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 107.256066][ T6194] Symlink component flag not implemented [ 107.262321][ T6194] Symlink component flag not implemented [ 107.274218][ T6194] Symlink component flag not implemented (7) [ 107.298260][ T6194] Symlink component flag not implemented (116) [ 107.617166][ T6204] loop1: detected capacity change from 0 to 512 [ 107.632585][ T6202] netlink: 4 bytes leftover after parsing attributes in process `syz.0.118'. [ 107.655809][ T6204] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 107.696073][ T6204] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.739662][ T6204] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 108.430952][ T6222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.123'. [ 108.672250][ T5775] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.898318][ T6235] netlink: 44 bytes leftover after parsing attributes in process `syz.3.125'. [ 108.907533][ T6235] netlink: 8 bytes leftover after parsing attributes in process `syz.3.125'. [ 108.976580][ T6239] netlink: 12 bytes leftover after parsing attributes in process `syz.0.127'. [ 109.409519][ T6255] netlink: 300 bytes leftover after parsing attributes in process `syz.2.132'. [ 109.765970][ T6265] loop1: detected capacity change from 0 to 1024 [ 109.785389][ T6265] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 109.805918][ T6265] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 109.824241][ T6265] JBD2: no valid journal superblock found [ 109.831355][ T6265] EXT4-fs (loop1): Could not load journal inode [ 109.831674][ T6261] loop3: detected capacity change from 0 to 4096 [ 109.891099][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.135'. [ 110.259821][ T6271] process 'syz.1.139' launched './file1' with NULL argv: empty string added [ 110.391283][ T28] kauditd_printk_skb: 87 callbacks suppressed [ 110.391300][ T28] audit: type=1326 audit(1768016679.417:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.492938][ T28] audit: type=1326 audit(1768016679.417:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.558372][ T28] audit: type=1326 audit(1768016679.457:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.625733][ T28] audit: type=1326 audit(1768016679.457:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.662179][ T28] audit: type=1326 audit(1768016679.457:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.691056][ T28] audit: type=1326 audit(1768016679.477:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.736002][ T28] audit: type=1326 audit(1768016679.477:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.763240][ T28] audit: type=1326 audit(1768016679.477:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.819699][ T28] audit: type=1326 audit(1768016679.477:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 110.851916][ T28] audit: type=1326 audit(1768016679.477:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f5ff8d8f749 code=0x7ffc0000 [ 111.989195][ T6286] bridge0: entered promiscuous mode [ 112.002925][ T6286] bridge0: left promiscuous mode [ 112.371673][ T6296] loop2: detected capacity change from 0 to 512 [ 112.398775][ T6296] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 112.495927][ T6296] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.525948][ T6296] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 112.769943][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.911273][ T6313] loop2: detected capacity change from 0 to 1024 [ 113.937449][ T6313] EXT4-fs: Ignoring removed mblk_io_submit option [ 114.034895][ T6313] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 114.131536][ T6313] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #11: comm syz.2.153: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 114.168187][ T6313] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.153: couldn't read orphan inode 11 (err -117) [ 114.190715][ T6313] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.276541][ T6313] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:478: comm syz.2.153: Invalid block bitmap block 0 in block_group 0 [ 114.366571][ T6313] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.153: Failed to acquire dquot type 0 [ 114.517433][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.875219][ T6322] netlink: 8 bytes leftover after parsing attributes in process `syz.2.158'. [ 114.884698][ T6322] netlink: 4 bytes leftover after parsing attributes in process `syz.2.158'. [ 115.090257][ T6328] loop0: detected capacity change from 0 to 128 [ 115.124720][ T6328] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 115.170108][ T6328] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.244127][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 116.485210][ T6350] tipc: Started in network mode [ 116.514812][ T6350] tipc: Node identity 061189a0a005, cluster identity 4711 [ 116.544037][ T6350] tipc: Enabled bearer , priority 0 [ 116.599677][ T6355] tipc: Disabling bearer [ 116.756670][ T6360] loop1: detected capacity change from 0 to 128 [ 116.844472][ T6363] syz.3.173[6363] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.844614][ T6363] syz.3.173[6363] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.731111][ T28] kauditd_printk_skb: 48 callbacks suppressed [ 117.731126][ T28] audit: type=1326 audit(1768016686.757:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 117.828459][ T28] audit: type=1326 audit(1768016686.797:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 117.888194][ T28] audit: type=1326 audit(1768016686.797:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 117.960092][ T28] audit: type=1326 audit(1768016686.807:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 117.962355][ T6383] netlink: 20 bytes leftover after parsing attributes in process `syz.0.180'. [ 118.028397][ T28] audit: type=1326 audit(1768016686.807:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 118.088343][ T28] audit: type=1326 audit(1768016686.807:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 118.158338][ T28] audit: type=1326 audit(1768016686.807:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 118.208156][ T28] audit: type=1326 audit(1768016686.807:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 118.271549][ T28] audit: type=1326 audit(1768016686.807:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 118.418219][ T28] audit: type=1326 audit(1768016686.807:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.0.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 118.879068][ T6403] syz.0.187[6403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.879208][ T6403] syz.0.187[6403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.010585][ T6405] loop2: detected capacity change from 0 to 512 [ 119.057798][ T6405] EXT4-fs (loop2): Test dummy encryption mode enabled [ 119.069345][ T6405] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 119.123187][ T6405] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.188: bad orphan inode 131083 [ 119.160223][ T6412] loop0: detected capacity change from 0 to 1024 [ 119.184328][ T6405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.209209][ T6412] EXT4-fs: Ignoring removed orlov option [ 119.359887][ T6412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.498673][ T6412] 9pnet_fd: Insufficient options for proto=fd [ 120.101403][ T6423] netlink: 28 bytes leftover after parsing attributes in process `syz.0.189'. [ 120.143972][ T6423] netlink: 28 bytes leftover after parsing attributes in process `syz.0.189'. [ 120.186019][ T6423] team0: entered promiscuous mode [ 120.201380][ T6423] team_slave_0: entered promiscuous mode [ 120.215317][ T6423] team_slave_1: entered promiscuous mode [ 120.239171][ T6423] bond0: entered promiscuous mode [ 120.246717][ T6423] bond_slave_0: entered promiscuous mode [ 120.273074][ T6423] bond_slave_1: entered promiscuous mode [ 120.343877][ T6423] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 120.491165][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.595186][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.650772][ T6425] loop1: detected capacity change from 0 to 512 [ 120.661689][ T6425] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 120.677220][ T6425] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 120.822539][ T6425] FAT-fs (loop1): FAT read failed (blocknr 128) [ 122.945899][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 122.945913][ T28] audit: type=1326 audit(1768016691.967:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.015445][ T28] audit: type=1326 audit(1768016691.967:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.043946][ T6456] loop1: detected capacity change from 0 to 1024 [ 123.076775][ T28] audit: type=1326 audit(1768016692.017:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.109886][ T6456] EXT4-fs: inline encryption not supported [ 123.148358][ T6456] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 123.168135][ T28] audit: type=1326 audit(1768016692.017:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.208187][ T28] audit: type=1326 audit(1768016692.017:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.260373][ T28] audit: type=1326 audit(1768016692.017:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.262782][ T6456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.297272][ T28] audit: type=1326 audit(1768016692.017:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.319817][ T28] audit: type=1326 audit(1768016692.017:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.342118][ T28] audit: type=1326 audit(1768016692.017:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.364614][ T28] audit: type=1326 audit(1768016692.017:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6455 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee3b8f749 code=0x7ffc0000 [ 123.977771][ T5775] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.173399][ T6475] netlink: 36 bytes leftover after parsing attributes in process `syz.1.209'. [ 124.420542][ T6480] batman_adv: batadv0: Adding interface: dummy0 [ 124.427180][ T6480] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.465981][ T6480] batman_adv: batadv0: Interface activated: dummy0 [ 124.525247][ T6482] batadv0: mtu less than device minimum [ 124.540908][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.553832][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.566549][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.579209][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.591840][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.604319][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.616999][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.629637][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 124.642247][ T6482] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 125.991681][ T6517] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 126.021315][ T6517] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 126.549908][ T6527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.229'. [ 126.611472][ T6524] serio: Serial port ptm0 [ 126.777590][ T6524] serio: Serial port ptm0 [ 126.967275][ T6531] netlink: 68 bytes leftover after parsing attributes in process `syz.1.230'. [ 127.230008][ T6539] loop2: detected capacity change from 0 to 128 [ 127.262674][ T6539] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 127.296905][ T6543] loop0: detected capacity change from 0 to 128 [ 127.322020][ T6539] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 127.347218][ T6543] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 127.395062][ T6539] EXT4-fs (loop2): shut down requested (2) [ 127.529689][ T5776] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 128.508506][ T6564] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98 [ 129.517102][ T28] kauditd_printk_skb: 151 callbacks suppressed [ 129.517117][ T28] audit: type=1326 audit(1768016698.537:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 129.637833][ T28] audit: type=1326 audit(1768016698.567:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 129.693285][ T28] audit: type=1326 audit(1768016698.577:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 129.716319][ T28] audit: type=1326 audit(1768016698.577:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 129.746715][ T28] audit: type=1326 audit(1768016698.577:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e19b8f749 code=0x7ffc0000 [ 129.850463][ T28] audit: type=1326 audit(1768016698.877:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d458f749 code=0x7ffc0000 [ 129.947799][ T28] audit: type=1326 audit(1768016698.897:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68d458f749 code=0x7ffc0000 [ 130.097884][ T28] audit: type=1326 audit(1768016698.897:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d458f749 code=0x7ffc0000 [ 130.194296][ T28] audit: type=1326 audit(1768016698.897:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d458f749 code=0x7ffc0000 [ 130.216995][ T28] audit: type=1326 audit(1768016698.897:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f68d458f749 code=0x7ffc0000 [ 130.727483][ T6600] syz.3.257[6600] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.732100][ T6600] syz.3.257[6600] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.981642][ T6604] loop3: detected capacity change from 0 to 512 [ 131.042576][ T6608] syz.2.260[6608] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.042721][ T6608] syz.2.260[6608] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.149776][ T6604] [ 131.163410][ T6604] ====================================================== [ 131.170469][ T6604] WARNING: possible circular locking dependency detected [ 131.177627][ T6604] syzkaller #0 Not tainted [ 131.182066][ T6604] ------------------------------------------------------ [ 131.189115][ T6604] syz.3.259/6604 is trying to acquire lock: [ 131.195117][ T6604] ffff88805e3f4bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0 [ 131.205221][ T6604] [ 131.205221][ T6604] but task is already holding lock: [ 131.212612][ T6604] ffff88805d35e4c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 131.222504][ T6604] [ 131.222504][ T6604] which lock already depends on the new lock. [ 131.222504][ T6604] [ 131.232978][ T6604] [ 131.232978][ T6604] the existing dependency chain (in reverse order) is: [ 131.242025][ T6604] [ 131.242025][ T6604] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 131.249636][ T6604] down_read+0x46/0x2e0 [ 131.254349][ T6604] ext4_xattr_get+0x10b/0x6a0 [ 131.259681][ T6604] ext4_get_acl+0x84/0x670 [ 131.264666][ T6604] __get_acl+0x26d/0x3f0 [ 131.269488][ T6604] posix_acl_create+0x131/0x440 [ 131.274938][ T6604] ext4_init_acl+0xb4/0x320 [ 131.280007][ T6604] __ext4_new_inode+0x2e49/0x3a00 [ 131.285591][ T6604] ext4_ext_migrate+0x66b/0xff0 [ 131.291008][ T6604] ext4_ioctl+0x1c4b/0x3820 [ 131.296107][ T6604] __se_sys_ioctl+0xfd/0x170 [ 131.301264][ T6604] do_syscall_64+0x55/0xb0 [ 131.306236][ T6604] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 131.312690][ T6604] [ 131.312690][ T6604] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 131.321166][ T6604] __lock_acquire+0x2ddb/0x7c80 [ 131.326589][ T6604] lock_acquire+0x197/0x410 [ 131.331644][ T6604] percpu_down_read+0x44/0x1a0 [ 131.337050][ T6604] ext4_writepages+0x170/0x2f0 [ 131.342371][ T6604] do_writepages+0x3a2/0x600 [ 131.347516][ T6604] __writeback_single_inode+0x153/0xee0 [ 131.353614][ T6604] writeback_single_inode+0x211/0x720 [ 131.359636][ T6604] write_inode_now+0x161/0x1e0 [ 131.364948][ T6604] iput+0x5b2/0x920 [ 131.369306][ T6604] ext4_xattr_block_set+0x273a/0x32a0 [ 131.375232][ T6604] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 131.381673][ T6604] __ext4_expand_extra_isize+0x306/0x400 [ 131.387856][ T6604] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 131.393866][ T6604] ext4_evict_inode+0x7ed/0xea0 [ 131.399262][ T6604] evict+0x486/0x870 [ 131.403700][ T6604] ext4_orphan_cleanup+0xbd4/0x1400 [ 131.409456][ T6604] ext4_fill_super+0x5de4/0x66c0 [ 131.414939][ T6604] get_tree_bdev+0x3e4/0x510 [ 131.420075][ T6604] vfs_get_tree+0x8c/0x280 [ 131.425122][ T6604] do_new_mount+0x24b/0xa40 [ 131.430174][ T6604] __se_sys_mount+0x2da/0x3c0 [ 131.435402][ T6604] do_syscall_64+0x55/0xb0 [ 131.440390][ T6604] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 131.446831][ T6604] [ 131.446831][ T6604] other info that might help us debug this: [ 131.446831][ T6604] [ 131.457077][ T6604] Possible unsafe locking scenario: [ 131.457077][ T6604] [ 131.464547][ T6604] CPU0 CPU1 [ 131.469931][ T6604] ---- ---- [ 131.475315][ T6604] lock(&ei->xattr_sem); [ 131.479669][ T6604] lock(&sbi->s_writepages_rwsem); [ 131.487414][ T6604] lock(&ei->xattr_sem); [ 131.494284][ T6604] rlock(&sbi->s_writepages_rwsem); [ 131.499676][ T6604] [ 131.499676][ T6604] *** DEADLOCK *** [ 131.499676][ T6604] [ 131.507845][ T6604] 3 locks held by syz.3.259/6604: [ 131.512881][ T6604] #0: ffff88805e3f20e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x344/0x510 [ 131.523101][ T6604] #1: ffff88805e3f2608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0 [ 131.532544][ T6604] #2: ffff88805d35e4c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 131.542852][ T6604] [ 131.542852][ T6604] stack backtrace: [ 131.548770][ T6604] CPU: 0 PID: 6604 Comm: syz.3.259 Not tainted syzkaller #0 [ 131.556124][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 131.566240][ T6604] Call Trace: [ 131.569551][ T6604] [ 131.572688][ T6604] dump_stack_lvl+0x16c/0x230 [ 131.577396][ T6604] ? load_image+0x3b0/0x3b0 [ 131.581934][ T6604] ? show_regs_print_info+0x20/0x20 [ 131.587172][ T6604] ? print_circular_bug+0x12b/0x1a0 [ 131.592400][ T6604] check_noncircular+0x2bd/0x3c0 [ 131.597455][ T6604] ? look_up_lock_class+0x75/0x140 [ 131.602592][ T6604] ? print_deadlock_bug+0x5d0/0x5d0 [ 131.607816][ T6604] ? lockdep_lock+0xe0/0x220 [ 131.612440][ T6604] ? _find_first_zero_bit+0xd3/0x100 [ 131.617763][ T6604] __lock_acquire+0x2ddb/0x7c80 [ 131.622643][ T6604] ? mark_lock+0x94/0x320 [ 131.626991][ T6604] ? verify_lock_unused+0x140/0x140 [ 131.632254][ T6604] ? __lock_acquire+0x1334/0x7c80 [ 131.637303][ T6604] ? verify_lock_unused+0x140/0x140 [ 131.642533][ T6604] lock_acquire+0x197/0x410 [ 131.647065][ T6604] ? ext4_writepages+0x170/0x2f0 [ 131.652034][ T6604] ? __might_sleep+0xe0/0xe0 [ 131.656650][ T6604] ? mark_lock+0x94/0x320 [ 131.661004][ T6604] ? read_lock_is_recursive+0x20/0x20 [ 131.666407][ T6604] ? __lock_acquire+0x1334/0x7c80 [ 131.671458][ T6604] percpu_down_read+0x44/0x1a0 [ 131.676252][ T6604] ? ext4_writepages+0x170/0x2f0 [ 131.681222][ T6604] ext4_writepages+0x170/0x2f0 [ 131.686014][ T6604] ? ext4_read_folio+0x2f0/0x2f0 [ 131.690989][ T6604] ? __rwlock_init+0x150/0x150 [ 131.695789][ T6604] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 131.701708][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 131.706927][ T6604] ? ext4_read_folio+0x2f0/0x2f0 [ 131.711896][ T6604] do_writepages+0x3a2/0x600 [ 131.716522][ T6604] ? folio_clear_dirty_for_io+0xc30/0xc30 [ 131.722274][ T6604] ? writeback_single_inode+0x206/0x720 [ 131.727931][ T6604] ? __lock_acquire+0x7c80/0x7c80 [ 131.732981][ T6604] ? do_raw_spin_lock+0x121/0x2c0 [ 131.738031][ T6604] ? get_tree_bdev+0x3e4/0x510 [ 131.742825][ T6604] __writeback_single_inode+0x153/0xee0 [ 131.748405][ T6604] writeback_single_inode+0x211/0x720 [ 131.753805][ T6604] ? write_inode_now+0x1e0/0x1e0 [ 131.758771][ T6604] write_inode_now+0x161/0x1e0 [ 131.763560][ T6604] ? bdi_split_work_to_wbs+0x890/0x890 [ 131.769051][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 131.774292][ T6604] iput+0x5b2/0x920 [ 131.778130][ T6604] ext4_xattr_block_set+0x273a/0x32a0 [ 131.783529][ T6604] ? __might_sleep+0xe0/0xe0 [ 131.788154][ T6604] ? xattr_find_entry+0x12b/0x2f0 [ 131.793208][ T6604] ? ext4_xattr_block_find+0x350/0x350 [ 131.798696][ T6604] ? ext4_xattr_block_find+0x2d4/0x350 [ 131.804184][ T6604] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 131.810138][ T6604] __ext4_expand_extra_isize+0x306/0x400 [ 131.815827][ T6604] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 131.821331][ T6604] ext4_evict_inode+0x7ed/0xea0 [ 131.826294][ T6604] ? _raw_spin_unlock+0x28/0x40 [ 131.831175][ T6604] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 131.837096][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 131.842324][ T6604] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 131.848242][ T6604] evict+0x486/0x870 [ 131.852157][ T6604] ? __lock_acquire+0x7c80/0x7c80 [ 131.857210][ T6604] ? proc_nr_inodes+0x230/0x230 [ 131.862089][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 131.867309][ T6604] ? _raw_spin_unlock+0x28/0x40 [ 131.872179][ T6604] ? iput+0x70a/0x920 [ 131.876183][ T6604] ext4_orphan_cleanup+0xbd4/0x1400 [ 131.881420][ T6604] ? ext4_orphan_del+0xba0/0xba0 [ 131.886391][ T6604] ? ext4_register_li_request+0x183/0x940 [ 131.892175][ T6604] ? errseq_check_and_advance+0x66/0x120 [ 131.897837][ T6604] ext4_fill_super+0x5de4/0x66c0 [ 131.902814][ T6604] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 131.909167][ T6604] ? __might_sleep+0xe0/0xe0 [ 131.913784][ T6604] ? read_lock_is_recursive+0x20/0x20 [ 131.919175][ T6604] ? snprintf+0xdb/0x120 [ 131.923448][ T6604] ? vscnprintf+0x80/0x80 [ 131.927801][ T6604] ? down_write+0x162/0x1f0 [ 131.932323][ T6604] ? down_read_killable+0x340/0x340 [ 131.937552][ T6604] ? setup_bdev_super+0x56b/0x660 [ 131.942599][ T6604] get_tree_bdev+0x3e4/0x510 [ 131.947226][ T6604] ? vfs_parse_fs_string+0x160/0x160 [ 131.952567][ T6604] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 131.958935][ T6604] ? setup_bdev_super+0x660/0x660 [ 131.963988][ T6604] ? apparmor_capable+0x137/0x1a0 [ 131.969038][ T6604] ? bpf_lsm_capable+0x9/0x10 [ 131.973748][ T6604] ? security_capable+0x89/0xb0 [ 131.978628][ T6604] vfs_get_tree+0x8c/0x280 [ 131.983065][ T6604] do_new_mount+0x24b/0xa40 [ 131.987600][ T6604] __se_sys_mount+0x2da/0x3c0 [ 131.992301][ T6604] ? __x64_sys_mount+0xc0/0xc0 [ 131.997089][ T6604] ? lockdep_hardirqs_on+0x98/0x150 [ 132.002318][ T6604] ? __x64_sys_mount+0x20/0xc0 [ 132.007101][ T6604] do_syscall_64+0x55/0xb0 [ 132.011548][ T6604] ? clear_bhb_loop+0x40/0x90 [ 132.016348][ T6604] ? clear_bhb_loop+0x40/0x90 [ 132.021049][ T6604] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 132.026962][ T6604] RIP: 0033:0x7f68d4590eea [ 132.031409][ T6604] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.051069][ T6604] RSP: 002b:00007f68d54cae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 132.059518][ T6604] RAX: ffffffffffffffda RBX: 00007f68d54caef0 RCX: 00007f68d4590eea [ 132.067508][ T6604] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f68d54caeb0 [ 132.075663][ T6604] RBP: 0000200000000180 R08: 00007f68d54caef0 R09: 0000000000800700 [ 132.083677][ T6604] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 132.091672][ T6604] R13: 00007f68d54caeb0 R14: 000000000000046f R15: 000000000000002c [ 132.099683][ T6604] [ 132.141023][ T6604] ------------[ cut here ]------------ [ 132.146568][ T6604] EA inode 11 i_nlink=2 [ 132.146886][ T6604] WARNING: CPU: 1 PID: 6604 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.162056][ T6604] Modules linked in: [ 132.166006][ T6604] CPU: 1 PID: 6604 Comm: syz.3.259 Not tainted syzkaller #0 [ 132.173751][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 132.184241][ T6604] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.191312][ T6604] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08 [ 132.211367][ T6604] RSP: 0018:ffffc90019b9f1c0 EFLAGS: 00010246 [ 132.217875][ T6604] RAX: 881818710146a000 RBX: 0000000000000002 RCX: 0000000000080000 [ 132.226303][ T6604] RDX: ffffc9000da7d000 RSI: 000000000007ffff RDI: 0000000000080000 [ 132.234668][ T6604] RBP: ffffc90019b9f2b8 R08: ffffc90019b9edc7 R09: 1ffff92003373db8 [ 132.243147][ T6604] R10: dffffc0000000000 R11: fffff52003373db9 R12: dffffc0000000000 [ 132.251554][ T6604] R13: ffff88805d345ea8 R14: ffff88805d345cb0 R15: ffff88805d345d00 [ 132.259914][ T6604] FS: 00007f68d54cb6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 132.269067][ T6604] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.275698][ T6604] CR2: 00007f5ff9b84d58 CR3: 0000000074abe000 CR4: 00000000003506e0 [ 132.283852][ T6604] Call Trace: [ 132.287180][ T6604] [ 132.290215][ T6604] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 132.295912][ T6604] ? ext4_xattr_inode_iget+0x3df/0x600 [ 132.301478][ T6604] ext4_xattr_set_entry+0xcda/0x1e90 [ 132.306839][ T6604] ext4_xattr_ibody_set+0x254/0x6a0 [ 132.312162][ T6604] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 132.318180][ T6604] __ext4_expand_extra_isize+0x306/0x400 [ 132.323883][ T6604] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 132.329711][ T6604] ext4_evict_inode+0x7ed/0xea0 [ 132.334635][ T6604] ? _raw_spin_unlock+0x28/0x40 [ 132.339587][ T6604] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 132.345529][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 132.350838][ T6604] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 132.356820][ T6604] evict+0x486/0x870 [ 132.360810][ T6604] ? __lock_acquire+0x7c80/0x7c80 [ 132.365905][ T6604] ? proc_nr_inodes+0x230/0x230 [ 132.370975][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 132.376246][ T6604] ? _raw_spin_unlock+0x28/0x40 [ 132.381214][ T6604] ? iput+0x70a/0x920 [ 132.385253][ T6604] ext4_orphan_cleanup+0xbd4/0x1400 [ 132.390561][ T6604] ? ext4_orphan_del+0xba0/0xba0 [ 132.395563][ T6604] ? ext4_register_li_request+0x183/0x940 [ 132.401406][ T6604] ? errseq_check_and_advance+0x66/0x120 [ 132.407104][ T6604] ext4_fill_super+0x5de4/0x66c0 [ 132.412231][ T6604] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 132.418608][ T6604] ? __might_sleep+0xe0/0xe0 [ 132.423262][ T6604] ? read_lock_is_recursive+0x20/0x20 [ 132.428777][ T6604] ? snprintf+0xdb/0x120 [ 132.433085][ T6604] ? vscnprintf+0x80/0x80 [ 132.437519][ T6604] ? down_write+0x162/0x1f0 [ 132.442125][ T6604] ? down_read_killable+0x340/0x340 [ 132.447472][ T6604] ? setup_bdev_super+0x56b/0x660 [ 132.452620][ T6604] get_tree_bdev+0x3e4/0x510 [ 132.457276][ T6604] ? vfs_parse_fs_string+0x160/0x160 [ 132.462702][ T6604] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 132.469603][ T6604] ? setup_bdev_super+0x660/0x660 [ 132.474692][ T6604] ? apparmor_capable+0x137/0x1a0 [ 132.479922][ T6604] ? bpf_lsm_capable+0x9/0x10 [ 132.484685][ T6604] ? security_capable+0x89/0xb0 [ 132.489975][ T6604] vfs_get_tree+0x8c/0x280 [ 132.494452][ T6604] do_new_mount+0x24b/0xa40 [ 132.499075][ T6604] __se_sys_mount+0x2da/0x3c0 [ 132.503817][ T6604] ? __x64_sys_mount+0xc0/0xc0 [ 132.508697][ T6604] ? lockdep_hardirqs_on+0x98/0x150 [ 132.513977][ T6604] ? __x64_sys_mount+0x20/0xc0 [ 132.518858][ T6604] do_syscall_64+0x55/0xb0 [ 132.523327][ T6604] ? clear_bhb_loop+0x40/0x90 [ 132.528130][ T6604] ? clear_bhb_loop+0x40/0x90 [ 132.532872][ T6604] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 132.538970][ T6604] RIP: 0033:0x7f68d4590eea [ 132.543442][ T6604] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.563213][ T6604] RSP: 002b:00007f68d54cae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 132.571764][ T6604] RAX: ffffffffffffffda RBX: 00007f68d54caef0 RCX: 00007f68d4590eea [ 132.579941][ T6604] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f68d54caeb0 [ 132.587970][ T6604] RBP: 0000200000000180 R08: 00007f68d54caef0 R09: 0000000000800700 [ 132.596091][ T6604] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 132.604236][ T6604] R13: 00007f68d54caeb0 R14: 000000000000046f R15: 000000000000002c [ 132.612438][ T6604] [ 132.615518][ T6604] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 132.622849][ T6604] CPU: 1 PID: 6604 Comm: syz.3.259 Not tainted syzkaller #0 [ 132.630332][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 132.640407][ T6604] Call Trace: [ 132.643710][ T6604] [ 132.646667][ T6604] dump_stack_lvl+0x16c/0x230 [ 132.651387][ T6604] ? show_regs_print_info+0x20/0x20 [ 132.656610][ T6604] ? load_image+0x3b0/0x3b0 [ 132.661201][ T6604] panic+0x2c0/0x710 [ 132.665132][ T6604] ? bpf_jit_dump+0xd0/0xd0 [ 132.669676][ T6604] __warn+0x2e0/0x470 [ 132.673703][ T6604] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.679730][ T6604] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.685732][ T6604] report_bug+0x2be/0x4f0 [ 132.690075][ T6604] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.696066][ T6604] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.702066][ T6604] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 132.708079][ T6604] handle_bug+0xcf/0x120 [ 132.712346][ T6604] exc_invalid_op+0x1a/0x50 [ 132.716899][ T6604] asm_exc_invalid_op+0x1a/0x20 [ 132.721798][ T6604] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.728440][ T6604] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08 [ 132.748073][ T6604] RSP: 0018:ffffc90019b9f1c0 EFLAGS: 00010246 [ 132.754181][ T6604] RAX: 881818710146a000 RBX: 0000000000000002 RCX: 0000000000080000 [ 132.762173][ T6604] RDX: ffffc9000da7d000 RSI: 000000000007ffff RDI: 0000000000080000 [ 132.770172][ T6604] RBP: ffffc90019b9f2b8 R08: ffffc90019b9edc7 R09: 1ffff92003373db8 [ 132.778276][ T6604] R10: dffffc0000000000 R11: fffff52003373db9 R12: dffffc0000000000 [ 132.786476][ T6604] R13: ffff88805d345ea8 R14: ffff88805d345cb0 R15: ffff88805d345d00 [ 132.794498][ T6604] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 132.800205][ T6604] ? ext4_xattr_inode_iget+0x3df/0x600 [ 132.805750][ T6604] ext4_xattr_set_entry+0xcda/0x1e90 [ 132.811086][ T6604] ext4_xattr_ibody_set+0x254/0x6a0 [ 132.816321][ T6604] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 132.822354][ T6604] __ext4_expand_extra_isize+0x306/0x400 [ 132.828065][ T6604] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 132.833573][ T6604] ext4_evict_inode+0x7ed/0xea0 [ 132.838457][ T6604] ? _raw_spin_unlock+0x28/0x40 [ 132.843341][ T6604] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 132.849278][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 132.854514][ T6604] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 132.860429][ T6604] evict+0x486/0x870 [ 132.864346][ T6604] ? __lock_acquire+0x7c80/0x7c80 [ 132.869401][ T6604] ? proc_nr_inodes+0x230/0x230 [ 132.874300][ T6604] ? do_raw_spin_unlock+0x121/0x230 [ 132.879525][ T6604] ? _raw_spin_unlock+0x28/0x40 [ 132.884398][ T6604] ? iput+0x70a/0x920 [ 132.888409][ T6604] ext4_orphan_cleanup+0xbd4/0x1400 [ 132.893661][ T6604] ? ext4_orphan_del+0xba0/0xba0 [ 132.898631][ T6604] ? ext4_register_li_request+0x183/0x940 [ 132.904491][ T6604] ? errseq_check_and_advance+0x66/0x120 [ 132.910305][ T6604] ext4_fill_super+0x5de4/0x66c0 [ 132.915298][ T6604] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 132.921657][ T6604] ? __might_sleep+0xe0/0xe0 [ 132.926367][ T6604] ? read_lock_is_recursive+0x20/0x20 [ 132.931763][ T6604] ? snprintf+0xdb/0x120 [ 132.936043][ T6604] ? vscnprintf+0x80/0x80 [ 132.940402][ T6604] ? down_write+0x162/0x1f0 [ 132.944927][ T6604] ? down_read_killable+0x340/0x340 [ 132.950149][ T6604] ? setup_bdev_super+0x56b/0x660 [ 132.955191][ T6604] get_tree_bdev+0x3e4/0x510 [ 132.959838][ T6604] ? vfs_parse_fs_string+0x160/0x160 [ 132.965182][ T6604] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 132.971469][ T6604] ? setup_bdev_super+0x660/0x660 [ 132.976519][ T6604] ? apparmor_capable+0x137/0x1a0 [ 132.981570][ T6604] ? bpf_lsm_capable+0x9/0x10 [ 132.986377][ T6604] ? security_capable+0x89/0xb0 [ 132.991363][ T6604] vfs_get_tree+0x8c/0x280 [ 132.995832][ T6604] do_new_mount+0x24b/0xa40 [ 133.000366][ T6604] __se_sys_mount+0x2da/0x3c0 [ 133.005069][ T6604] ? __x64_sys_mount+0xc0/0xc0 [ 133.009855][ T6604] ? lockdep_hardirqs_on+0x98/0x150 [ 133.015081][ T6604] ? __x64_sys_mount+0x20/0xc0 [ 133.019884][ T6604] do_syscall_64+0x55/0xb0 [ 133.024340][ T6604] ? clear_bhb_loop+0x40/0x90 [ 133.029057][ T6604] ? clear_bhb_loop+0x40/0x90 [ 133.033773][ T6604] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 133.039697][ T6604] RIP: 0033:0x7f68d4590eea [ 133.044134][ T6604] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.063775][ T6604] RSP: 002b:00007f68d54cae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 133.072404][ T6604] RAX: ffffffffffffffda RBX: 00007f68d54caef0 RCX: 00007f68d4590eea [ 133.080400][ T6604] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f68d54caeb0 [ 133.088395][ T6604] RBP: 0000200000000180 R08: 00007f68d54caef0 R09: 0000000000800700 [ 133.096392][ T6604] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 133.104411][ T6604] R13: 00007f68d54caeb0 R14: 000000000000046f R15: 000000000000002c [ 133.112434][ T6604] [ 133.116058][ T6604] Kernel Offset: disabled [ 133.120398][ T6604] Rebooting in 86400 seconds..