last executing test programs: 4.959200566s ago: executing program 3 (id=105): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ftruncate(r0, 0x5) clock_gettime(0x9, &(0x7f00000000c0)) 4.477662614s ago: executing program 1 (id=108): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) close(0x4) syz_open_procfs$namespace(0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) unshare(0x6a040000) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x12}}}, 0x0, 0x0, 0x22, 0x0, "bb353738cb473fc7c9f1cf53b6a7b4e23602a3c364ca41d6e5615445244740bd4c0b42a21d7214bf92594925208a0e2f964e654dc534a6324d4993fcf19b2df3ee818a118a7c49462189316d556d2ccd"}, 0xd8) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000040) sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c) 4.024332691s ago: executing program 1 (id=111): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) sendmmsg$inet(r0, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbdd600fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e32b359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0493121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc13300317b7fed115fb9818b20d177a3915710", 0x1c8}, {&(0x7f0000000a40)="1791613d45501cb6a8d8eaeb96ee68b2d8daad34b8c528b97ead9f051e427e309b714d3d12d8d401ee42a681834000000022ea526737b16783f6d819d82b492bf64f5475d1e1f435a4fd5de8795db130dc9a9e82dae807b69f", 0x59}], 0x2}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f198853", 0x88}], 0x1}}], 0x2, 0x2090) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 3.970190574s ago: executing program 0 (id=112): r0 = getpid() syz_pidfd_open(r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$msr(r1, &(0x7f0000000180)=""/174, 0xae) 3.942418196s ago: executing program 3 (id=113): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@ipv6_newrule={0x44, 0x20, 0x1, 0x2000, 0x25dfdbfc, {0xa, 0x80, 0x14, 0xbc, 0x0, 0x0, 0x0, 0x5}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x4}}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x439, 0x40, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}]}, 0x48}}, 0x0) 3.802266854s ago: executing program 0 (id=115): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000), 0x8) r4 = socket$packet(0x11, 0x2, 0x300) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x2000}, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_DEL(r6, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x3c, r2, 0x6ae3e61d32b8160b, 0x0, 0x0, {0x4a}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0xa8, 0x36}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0) getsockname$packet(r1, &(0x7f0000000940)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="500000001000370400000000ffdbdf2500000000", @ANYRES32=r7, @ANYBLOB="01f5050000000000300012800b00010067656e6576650000200002800500040001000000140007"], 0x50}, 0x1, 0x0, 0x0, 0x11}, 0x40004) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x30, r9, 0x1, 0x0, 0x0, {{}, {}, {0x6, 0x18, {0x732, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r9, 0x200, 0x70bd2c, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x890) 3.801037794s ago: executing program 1 (id=116): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280), 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP") r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) r1 = openat(0xffffffffffffff9c, 0x0, 0x181242, 0x148) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0xfffffffffdffffff}) 3.683011081s ago: executing program 3 (id=117): r0 = socket(0x10, 0x803, 0x0) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, 0x0, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x38, 0x6d, 0x1, 0x0, 0x0, {}, [@IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ip6_vti0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 3.639026144s ago: executing program 2 (id=118): r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0) pwrite64(r0, &(0x7f00000008c0)='/', 0x1, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') open(0x0, 0x3086c0, 0x78e22799f4a46edc) open$dir(&(0x7f0000000100)='./file0\x00', 0xc0000, 0x40) 3.557990339s ago: executing program 2 (id=119): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001740)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xa, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x40098}, 0x0) r6 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x8000004) 3.438030666s ago: executing program 1 (id=120): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) close(0x3) 3.379628079s ago: executing program 3 (id=121): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, 0x0, 0x4000000) 3.311557183s ago: executing program 0 (id=122): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000900)={&(0x7f0000000580)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000880)=[{&(0x7f00000005c0)="7f118d", 0x3}, {0x0}], 0x2}, 0x4) 3.19735108s ago: executing program 3 (id=123): socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==") r0 = fspick(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x23) bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRESOCT=r0, @ANYBLOB="0000faf2e3ca4adf8ac05800080000000000ce2e20e9d89a8e0585297431b4fe7c9ed60f6bf93b3fa1878739f599dfb2f7affb00"/62, @ANYRESDEC, @ANYRESHEX=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r5 = fsmount(r4, 0x0, 0x80) r6 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f0000001c00), 0x12) timer_gettime(0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001080)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095000000000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d00000021000000008a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe320fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6420ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6ad62934782cc308e936d7637e07c201282bbbed84a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbefc18f77700372471609e2c443e84ee5e9a5178f90512df04f3a0909c96632ae20c68c62b06e9fdc2977dfef1ced97b70263fc81c30f1354b319fe9d59d3101c4ee7375ff8673de5caff9e6ee73ccae77d1bf8f22330e8840af1ded6d5be627f7f87d5b12a2d6317825d77bef85313f541dcc4ff13f413db34d5da05648590a1685031e6955d4352bf0b7efd0b0a1e636b8aa4963d9f67de5ba91d501418bbeaac09bdd1059f3c3159e5900"/2282], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="020000f8b970000100030000000000040001000000000010000500000000002000020000000000"], 0x24, 0x0) lchown(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x0) 3.19658587s ago: executing program 1 (id=124): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000440)={[{@max_batch_time={'max_batch_time', 0x3d, 0x479}}, {@noinit_itable}, {@jqfmt_vfsold}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@auto_da_alloc}, {@grpid}, {@jqfmt_vfsv0}]}, 0xfc, 0x58f, &(0x7f0000002d00)="$eJzs3U1rXFUfAPD/nUzSNu3zNIVS1IUUurBSO2kSXyoI1pWIFgu6r0MyDSWTTslMShMLtgu7cSNFELEgfgD3LotfwE9R0EKREnQhQuRO7qTTZCavE2fS+f3gtufMuTfn/nPuOTln7gw3gL51Mv0nF/FiRHydRBxtKstHVnhyZb+lJ7cm0y2J5eVP/kgiyV5r7J9k/x/OMi9ExC9fRpzJra+3urA4UyyXS3NZfrQ2e320urB49upscbo0Xbo2PjFx/o2J8bfferNjsb566a/vPn7wwfmvTi19+9OjY/eSuBBHsrLmOHbhdnPmZPGfLDUYF9bsONaBynpJ0u0TYEcGsn4+GOkYcDQGsl4PPP++iIhloE8l+j/0qcY8oLG279A6eN94/N7KAqge+1Bz/PmV90biYH1tNLyUPLMySte7Ix2oP63j59/v30u32Ph9iEOb5AG25fadiDiXz68f/5Ns/Nu5c/U3jze2to5++/sD3fQgnf+81mr+l1ud/0SL+c/hFn13Jzbv/7lHHaimrXT+907L+e/q0DUykOX+V5/zDSZXrpZL5yLi/xFxOgYPpPmN7uecX3q43K6sef6Xbmn9jblgdh6P8geePWaqWCtGxNBu4m54fCfipXyr+JPV9k9atH/6+7i0xTpOlO6/3K5s8/j31vKPEa+0bP+nd7SSje9Pjtavh9HGVbHen3dP/Nqu/m7Hn7b/8MbxjyTN92ur26/jh4N/l9qVpfEP7+D6H0o+racbneBmsVabG4sYSj5a//r402Mb+cb+afynT63E/+xkJbfh9Z8uvj7bYvx3j99tu2svtP/Uttp/+4mHH37+fbv6tzb+vV5Pnc5eyca/1rJrZasnuNvfHwAAAAAAAPSSXEQciSRXWE3ncoXCyuc7jsdwrlyp1s5cqcxfm4r6d2VHYjDXuNN9tOnzEGPZ52Eb+fE1+YmIOBYR3wwcqucLk5XyVLeDBwAAAAAAAAAAAAAAAAAAgB5xuM33/1O/DXT77IA9V3+wwYFunwXQDZs+8r8TT3oCetKm/R94bun/0L/0f+hfa/t/R54sDOwL/v5D/9L/oX/p/9C/9H8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqEsXL6bb8tKTW5NpfurGwvxM5cbZqVJ1pjA7P1mYrMxdL0xXKtPlUmGyMrvZzytXKtfHxmP+5mitVK2NVhcWL89W5q/VLl+dLU6XLpcG/5OoAAAAAAAAAAAAAAAAAAAAYH+pLizOFMvl0txqIp+VzK0v6tPEu9ETp7GXAa7Y0eH5XolibxLvD/TEaewmcSdr3u0d1aUBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa+DcAAP//Rm0oPg==") open(&(0x7f0000000000)='.\x00', 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000540), 0xfffffdd8) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50) mmap(&(0x7f00005e8000/0x1000)=nil, 0x1000, 0x2000003, 0x28011, r0, 0xffff8000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) 3.134100134s ago: executing program 0 (id=125): memfd_create(0x0, 0x7) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(&(0x7f0000001940)='./file0/file1\x00', 0x90) write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff) unlink(&(0x7f0000000100)='./file0/file1\x00') rename(&(0x7f0000000440)='./file0/file1\x00', &(0x7f0000000480)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x22) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44851) 2.751482507s ago: executing program 2 (id=126): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@ipv6_newrule={0x44, 0x20, 0x1, 0x2000, 0x25dfdbfc, {0xa, 0x80, 0x14, 0xbc, 0x0, 0x0, 0x0, 0x5}, [@FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x4}}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x439, 0x40, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}]}, 0x48}}, 0x0) 1.625728184s ago: executing program 3 (id=127): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) get_robust_list(r0, 0x0, &(0x7f00000006c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010) socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil) r4 = syz_io_uring_setup(0xfce, &(0x7f0000000340)={0x0, 0x3c90, 0x8, 0x2, 0x3d8}, &(0x7f00000003c0), 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, 0x0, 0x0) 1.592810406s ago: executing program 2 (id=128): open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 1.502189901s ago: executing program 0 (id=129): r0 = socket(0x10, 0x803, 0x0) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, 0x0, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x38, 0x6d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ip6_vti0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 1.35729589s ago: executing program 2 (id=130): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={r1, 0x0, 0xd8e, 0x7, 0x4, 0x5}, 0x14) 1.167623951s ago: executing program 0 (id=131): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nodioread_nolock}, {@bh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@nouid32}, {@quota}, {@user_xattr}, {@nouid32}, {@dioread_nolock}]}, 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0) r0 = open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80) ftruncate(r0, 0x2007ffb) sendfile(r0, r0, 0x0, 0x1000000201005) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x50) sendfile(r1, r1, 0x0, 0x800000009) 1.078430046s ago: executing program 2 (id=132): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@nombcache}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=") lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x1) write$char_usb(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="0d000000246804003199aee6fdb9291b3091ec1a2d41d2270a00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894", 0xe5}], 0x1) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f00000001c0)=ANY=[], 0xfe37, 0x0) 0s ago: executing program 1 (id=133): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x404, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@barrier}, {@jqfmt_vfsold}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") preadv2(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4, 0x3, 0x19) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.77' (ED25519) to the list of known hosts. [ 80.101940][ T5756] cgroup: Unknown subsys name 'net' [ 80.265309][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.079687][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 83.846432][ T5780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.854803][ T5780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.864165][ T5780] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.872287][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.880148][ T5780] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.888483][ T5780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.895845][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.897948][ T5781] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.912090][ T5780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 83.919911][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.929089][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.942408][ T5784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 83.947716][ T5781] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.967741][ T5781] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.975011][ T5782] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.982685][ T5784] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.997943][ T5781] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.005783][ T5782] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.014384][ T5779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.021906][ T5782] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.030236][ T5782] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.037820][ T5782] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.045032][ T5782] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.053947][ T5782] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.565385][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 84.625412][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 84.673076][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 84.751318][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 84.763764][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.771691][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.779440][ T5771] bridge_slave_0: entered allmulticast mode [ 84.786665][ T5771] bridge_slave_0: entered promiscuous mode [ 84.831914][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.839921][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.847445][ T5771] bridge_slave_1: entered allmulticast mode [ 84.854578][ T5771] bridge_slave_1: entered promiscuous mode [ 84.956235][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.968870][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.995458][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.003570][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.011189][ T5770] bridge_slave_0: entered allmulticast mode [ 85.018491][ T5770] bridge_slave_0: entered promiscuous mode [ 85.044255][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.051538][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.058913][ T5768] bridge_slave_0: entered allmulticast mode [ 85.066351][ T5768] bridge_slave_0: entered promiscuous mode [ 85.074637][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.081951][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.089504][ T5768] bridge_slave_1: entered allmulticast mode [ 85.097047][ T5768] bridge_slave_1: entered promiscuous mode [ 85.104348][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.111582][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.118857][ T5770] bridge_slave_1: entered allmulticast mode [ 85.126041][ T5770] bridge_slave_1: entered promiscuous mode [ 85.192148][ T5771] team0: Port device team_slave_0 added [ 85.214121][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.237766][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.249735][ T5771] team0: Port device team_slave_1 added [ 85.276922][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.286502][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.296912][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.304554][ T5769] bridge_slave_0: entered allmulticast mode [ 85.312575][ T5769] bridge_slave_0: entered promiscuous mode [ 85.322541][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.344502][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.352030][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.378640][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.393872][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.401478][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.429389][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.461967][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.469370][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.476541][ T5769] bridge_slave_1: entered allmulticast mode [ 85.484592][ T5769] bridge_slave_1: entered promiscuous mode [ 85.533948][ T5768] team0: Port device team_slave_0 added [ 85.544283][ T5770] team0: Port device team_slave_0 added [ 85.553596][ T5770] team0: Port device team_slave_1 added [ 85.582307][ T5768] team0: Port device team_slave_1 added [ 85.633274][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.665504][ T5771] hsr_slave_0: entered promiscuous mode [ 85.673439][ T5771] hsr_slave_1: entered promiscuous mode [ 85.685163][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.692511][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.718948][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.733787][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.746048][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.753114][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.780022][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.803252][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.810355][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.837161][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.865805][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.872971][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.899170][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.982088][ T5770] hsr_slave_0: entered promiscuous mode [ 85.989554][ T5770] hsr_slave_1: entered promiscuous mode [ 85.995801][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.004537][ T5770] Cannot create hsr debugfs directory [ 86.021734][ T5769] team0: Port device team_slave_0 added [ 86.040528][ T5769] team0: Port device team_slave_1 added [ 86.130733][ T5768] hsr_slave_0: entered promiscuous mode [ 86.137312][ T5768] hsr_slave_1: entered promiscuous mode [ 86.139570][ T51] Bluetooth: hci0: command tx timeout [ 86.143067][ T5083] Bluetooth: hci1: command tx timeout [ 86.149753][ T51] Bluetooth: hci2: command tx timeout [ 86.154356][ T5782] Bluetooth: hci3: command tx timeout [ 86.167716][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.175337][ T5768] Cannot create hsr debugfs directory [ 86.194433][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.201593][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.228384][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.242044][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.249206][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.275343][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.436052][ T5769] hsr_slave_0: entered promiscuous mode [ 86.443145][ T5769] hsr_slave_1: entered promiscuous mode [ 86.449947][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.457950][ T5769] Cannot create hsr debugfs directory [ 86.725226][ T5771] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.751725][ T5771] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.786459][ T5771] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.805086][ T5771] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.852911][ T5770] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.864521][ T5770] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.888214][ T5770] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.923511][ T5770] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.097776][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.118111][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.162512][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.184165][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.341713][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.356565][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.403163][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.442638][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.474457][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.511332][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.536688][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.544099][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.614554][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.625531][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.632839][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.721755][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.782002][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.789230][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.808077][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.815230][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.858940][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.898462][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.961072][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.981621][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.004667][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.011928][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.063518][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.070770][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.084701][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.091941][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.161811][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.169044][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.222451][ T5083] Bluetooth: hci1: command tx timeout [ 88.228884][ T5782] Bluetooth: hci2: command tx timeout [ 88.229140][ T5783] Bluetooth: hci0: command tx timeout [ 88.241141][ T51] Bluetooth: hci3: command tx timeout [ 88.351323][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.511145][ T5771] veth0_vlan: entered promiscuous mode [ 88.536096][ T5771] veth1_vlan: entered promiscuous mode [ 88.613641][ T5771] veth0_macvtap: entered promiscuous mode [ 88.634484][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.661888][ T5771] veth1_macvtap: entered promiscuous mode [ 88.761369][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.792577][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.849912][ T5771] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.860886][ T5771] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.869994][ T5771] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.879293][ T5771] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.894877][ T5770] veth0_vlan: entered promiscuous mode [ 88.908697][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.940438][ T5770] veth1_vlan: entered promiscuous mode [ 88.956792][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.085080][ T5770] veth0_macvtap: entered promiscuous mode [ 89.094745][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.112949][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.135718][ T5768] veth0_vlan: entered promiscuous mode [ 89.154152][ T5770] veth1_macvtap: entered promiscuous mode [ 89.195440][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.206401][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.230172][ T5768] veth1_vlan: entered promiscuous mode [ 89.239816][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.250995][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.264358][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.295134][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.316780][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.330890][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.351154][ T5769] veth0_vlan: entered promiscuous mode [ 89.380805][ T5769] veth1_vlan: entered promiscuous mode [ 89.405571][ T5770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.416006][ T5770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.431792][ T5770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.467330][ T5770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.532908][ T5768] veth0_macvtap: entered promiscuous mode [ 89.591313][ T5768] veth1_macvtap: entered promiscuous mode [ 89.636213][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.652547][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.673287][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.683987][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.695829][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.707607][ T5769] veth0_macvtap: entered promiscuous mode [ 89.773962][ T5769] veth1_macvtap: entered promiscuous mode [ 89.791535][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.808164][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.835633][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.847331][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.865346][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.884111][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.897689][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.906890][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.920732][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.004946][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.016297][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.032950][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.052092][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.062475][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.074026][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.086476][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.115117][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.126905][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.138309][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.152352][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.166127][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.177194][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.189798][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.207277][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.229342][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.265753][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.285207][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.294532][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.300554][ T51] Bluetooth: hci3: command tx timeout [ 90.309192][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.309542][ T5783] Bluetooth: hci0: command tx timeout [ 90.320233][ T5083] Bluetooth: hci1: command tx timeout [ 90.324075][ T51] Bluetooth: hci2: command tx timeout [ 90.404803][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.452976][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.608252][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.616151][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.706808][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.734045][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.753389][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.765084][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.828671][ T5873] syz.0.1[5873]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 90.903064][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.944304][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.990952][ T5873] loop0: detected capacity change from 0 to 1024 [ 91.070133][ T27] audit: type=1326 audit(1769544554.612:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.107680][ T27] audit: type=1326 audit(1769544554.612:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.164117][ T5873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.201813][ T27] audit: type=1326 audit(1769544554.682:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.327650][ T27] audit: type=1326 audit(1769544554.682:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.418702][ T27] audit: type=1326 audit(1769544554.682:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.490778][ T5885] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET) [ 91.492450][ T27] audit: type=1326 audit(1769544554.682:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.598018][ T27] audit: type=1326 audit(1769544554.682:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.643328][ T27] audit: type=1326 audit(1769544554.682:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.697222][ T27] audit: type=1326 audit(1769544554.842:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.761015][ T27] audit: type=1326 audit(1769544554.842:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5876 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54499aeb9 code=0x7ffc0000 [ 91.989022][ T9] cfg80211: failed to load regulatory.db [ 92.199253][ T5901] capability: warning: `syz.1.13' uses deprecated v2 capabilities in a way that may be insecure [ 92.377616][ T5782] Bluetooth: hci1: command tx timeout [ 92.383117][ T5782] Bluetooth: hci2: command tx timeout [ 92.389729][ T5083] Bluetooth: hci0: command tx timeout [ 92.395200][ T5083] Bluetooth: hci3: command tx timeout [ 92.773315][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.061871][ T5917] loop1: detected capacity change from 0 to 1024 [ 93.148276][ T5917] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.815012][ T5942] loop3: detected capacity change from 0 to 1024 [ 93.920333][ T5942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.072179][ T5947] loop2: detected capacity change from 0 to 512 [ 94.229576][ T5947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.312943][ T5947] ext4 filesystem being mounted at /5/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.514662][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.481722][ T5954] sctp: failed to load transform for md5: -2 [ 95.584020][ T5965] loop1: detected capacity change from 0 to 128 [ 95.679151][ T5965] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.735298][ T5965] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.759667][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.886699][ T5771] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 95.926583][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.317894][ T5980] loop3: detected capacity change from 0 to 512 [ 96.393188][ T5980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.424665][ T5980] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.425993][ T5981] loop2: detected capacity change from 0 to 4096 [ 96.476624][ T5981] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 96.539871][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 96.539885][ T27] audit: type=1800 audit(1769544560.092:28): pid=5980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.36" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 96.594157][ T5981] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 96.617961][ T5993] Zero length message leads to an empty skb [ 96.698293][ T5981] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'. [ 96.906523][ T5998] loop0: detected capacity change from 0 to 1024 [ 96.990050][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.011368][ T6004] netlink: 76 bytes leftover after parsing attributes in process `syz.1.47'. [ 97.050245][ T5998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.189124][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.428647][ T6015] netlink: 104 bytes leftover after parsing attributes in process `syz.2.50'. [ 97.736471][ T6022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.52'. [ 97.791022][ T6024] loop3: detected capacity change from 0 to 4096 [ 97.812029][ T6024] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 97.845349][ T6024] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 97.953916][ T6024] netlink: 8 bytes leftover after parsing attributes in process `syz.3.54'. [ 98.031962][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.170525][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.448266][ T6041] loop3: detected capacity change from 0 to 1024 [ 98.456033][ T6041] ======================================================= [ 98.456033][ T6041] WARNING: The mand mount option has been deprecated and [ 98.456033][ T6041] and is ignored by this kernel. Remove the mand [ 98.456033][ T6041] option from the mount to silence this warning. [ 98.456033][ T6041] ======================================================= [ 98.544154][ T6041] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.929090][ T6055] syzkaller0: entered promiscuous mode [ 98.934712][ T6055] syzkaller0: entered allmulticast mode [ 98.951761][ T9] usb 4-1: new low-speed USB device number 2 using dummy_hcd [ 99.162606][ T6061] loop0: detected capacity change from 0 to 1024 [ 99.187254][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 99.208551][ T6061] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.209702][ T9] usb 4-1: config 0 has no interfaces? [ 99.239939][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 99.258484][ T9] usb 4-1: config 0 has no interfaces? [ 99.268718][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 99.282154][ T9] usb 4-1: config 0 has no interfaces? [ 99.309629][ T9] usb 4-1: string descriptor 0 read error: -22 [ 99.316051][ T9] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 99.338575][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.377839][ T9] usb 4-1: config 0 descriptor?? [ 99.519071][ T6069] netlink: 12 bytes leftover after parsing attributes in process `syz.2.69'. [ 99.551870][ T6071] xt_hashlimit: size too large, truncated to 1048576 [ 100.057706][ T6075] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4047: comm syz.3.60: Allocating blocks 497-513 which overlap fs metadata [ 100.118566][ T6075] EXT4-fs (loop3): pa ffff88805d6f5000: logic 128, phys. 385, len 8 [ 100.127081][ T6075] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 100.218990][ T788] usb 4-1: USB disconnect, device number 2 [ 100.228791][ T6075] syz.3.60 (6075) used greatest stack depth: 20400 bytes left [ 100.281320][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.375041][ T6083] loop0: detected capacity change from 0 to 128 [ 100.419104][ T6083] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 100.469720][ T6083] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.597566][ T6041] syz.3.60 (6041) used greatest stack depth: 19336 bytes left [ 100.674754][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 100.796434][ T5769] EXT4-fs error (device loop3): mb_free_blocks:1954: group 0, inode 30: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 100.876444][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.906724][ T6089] syzkaller0: entered promiscuous mode [ 100.924487][ T6089] syzkaller0: entered allmulticast mode [ 101.134953][ T6094] loop0: detected capacity change from 0 to 4096 [ 101.171682][ T6094] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 101.218338][ T6094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.662023][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.930273][ T6116] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 102.937369][ T6116] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 102.949822][ T6118] loop2: detected capacity change from 0 to 128 [ 102.958575][ T6116] netlink: 4 bytes leftover after parsing attributes in process `syz.0.84'. [ 102.979745][ T6116] hsr_slave_0: left promiscuous mode [ 102.990953][ T6118] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 103.012826][ T6116] hsr_slave_1: left promiscuous mode [ 103.035980][ T6118] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.195228][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 103.828959][ T6136] loop3: detected capacity change from 0 to 1024 [ 103.886176][ T6136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.933943][ T6143] loop0: detected capacity change from 0 to 128 [ 104.009400][ T6143] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 104.056025][ T6143] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.171552][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 104.489321][ T6157] loop0: detected capacity change from 0 to 1024 [ 104.568962][ T5787] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 104.740850][ T6160] loop1: detected capacity change from 0 to 128 [ 104.824785][ T6160] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 104.915598][ T6160] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.134288][ T5771] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 105.289745][ T6168] loop2: detected capacity change from 0 to 128 [ 105.301491][ T6168] EXT4-fs: Ignoring removed orlov option [ 105.310835][ T6168] EXT4-fs: Ignoring removed nomblk_io_submit option [ 105.322464][ T6168] EXT4-fs: Ignoring removed nomblk_io_submit option [ 105.338800][ T6168] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 105.351554][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.402791][ T6168] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 105.432775][ T6173] loop0: detected capacity change from 0 to 128 [ 105.524391][ T6173] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 105.564173][ T6173] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.600267][ T6177] loop3: detected capacity change from 0 to 128 [ 105.699606][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 105.820143][ T6177] syz.3.105: attempt to access beyond end of device [ 105.820143][ T6177] loop3: rw=2049, sector=138, nr_sectors = 32 limit=128 [ 105.863994][ T6177] syz.3.105: attempt to access beyond end of device [ 105.863994][ T6177] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 105.947696][ T6180] syz.3.105: attempt to access beyond end of device [ 105.947696][ T6180] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 105.975110][ T6180] Buffer I/O error on dev loop3, logical block 69, lost async page write [ 106.067739][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 106.500051][ T6204] loop1: detected capacity change from 0 to 128 [ 106.531879][ T6204] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 106.679699][ T6204] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.701081][ T6203] geneve2: entered promiscuous mode [ 106.755691][ T5771] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 106.782756][ T6212] syzkaller0: entered promiscuous mode [ 106.806308][ T6212] syzkaller0: entered allmulticast mode [ 107.121554][ T6222] loop3: detected capacity change from 0 to 512 [ 107.201971][ T6222] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.233291][ T6223] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.246141][ T6222] ext4 filesystem being mounted at /26/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.624805][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.100008][ T6250] set_capacity_and_notify: 1 callbacks suppressed [ 109.100024][ T6250] loop0: detected capacity change from 0 to 1024 [ 109.114561][ T6250] EXT4-fs: Ignoring removed bh option [ 109.131598][ T6250] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 110.098591][ T6250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.213400][ T6256] loop2: detected capacity change from 0 to 1024 [ 110.226991][ C0] sched: RT throttling activated [ 110.228898][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.387463][ T6256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.552807][ T6256] ================================================================== [ 110.560961][ T6256] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 110.568763][ T6256] Read of size 18446744073709551588 at addr ffff88801e77f040 by task syz.2.132/6256 [ 110.578165][ T6256] [ 110.580533][ T6256] CPU: 1 PID: 6256 Comm: syz.2.132 Not tainted syzkaller #0 [ 110.587845][ T6256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.597966][ T6256] Call Trace: [ 110.601280][ T6256] [ 110.604235][ T6256] dump_stack_lvl+0x18c/0x250 [ 110.608970][ T6256] ? read_lock_is_recursive+0x20/0x20 [ 110.614394][ T6256] ? show_regs_print_info+0x20/0x20 [ 110.619639][ T6256] ? load_image+0x400/0x400 [ 110.624187][ T6256] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 110.629694][ T6256] ? __virt_addr_valid+0x18c/0x540 [ 110.634850][ T6256] ? __virt_addr_valid+0x469/0x540 [ 110.640012][ T6256] print_report+0xa8/0x210 [ 110.644470][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 110.649976][ T6256] kasan_report+0x117/0x150 [ 110.654526][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 110.660061][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 110.665580][ T6256] kasan_check_range+0x241/0x290 [ 110.670567][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 110.676074][ T6256] __asan_memmove+0x29/0x70 [ 110.680634][ T6256] ext4_xattr_set_entry+0x94b/0x1e90 [ 110.685968][ T6256] ext4_xattr_block_set+0xae8/0x32b0 [ 110.691296][ T6256] ? ext4_destroy_inode+0x200/0x200 [ 110.696541][ T6256] ? proc_nr_inodes+0x230/0x230 [ 110.701450][ T6256] ? do_raw_spin_unlock+0x121/0x230 [ 110.706780][ T6256] ? _raw_spin_unlock+0x28/0x40 [ 110.711731][ T6256] ? ext4_xattr_block_find+0x350/0x350 [ 110.717241][ T6256] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 110.722661][ T6256] ext4_xattr_set_handle+0xe2e/0x14c0 [ 110.728087][ T6256] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 110.734115][ T6256] ? __ext4_journal_start_sb+0x259/0x560 [ 110.739801][ T6256] ext4_xattr_set+0x252/0x340 [ 110.744530][ T6256] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 110.750128][ T6256] ? evm_protected_xattr_common+0x170/0x190 [ 110.756067][ T6256] ? ext4_xattr_security_get+0x40/0x40 [ 110.761561][ T6256] __vfs_setxattr+0x431/0x470 [ 110.766324][ T6256] __vfs_setxattr_noperm+0x12d/0x5e0 [ 110.771664][ T6256] vfs_setxattr+0x16b/0x2f0 [ 110.776221][ T6256] ? xattr_permission+0x470/0x470 [ 110.781280][ T6256] ? __mnt_want_write+0x223/0x2a0 [ 110.786351][ T6256] ? path_setxattr+0x3a1/0x5d0 [ 110.791163][ T6256] path_setxattr+0x3f3/0x5d0 [ 110.795803][ T6256] ? simple_xattrs_free+0x150/0x150 [ 110.801056][ T6256] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 110.807077][ T6256] ? lock_chain_count+0x20/0x20 [ 110.811970][ T6256] __x64_sys_setxattr+0xbb/0xd0 [ 110.816865][ T6256] do_syscall_64+0x55/0xa0 [ 110.821329][ T6256] ? clear_bhb_loop+0x40/0x90 [ 110.826043][ T6256] ? clear_bhb_loop+0x40/0x90 [ 110.830757][ T6256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 110.836693][ T6256] RIP: 0033:0x7fb54499aeb9 [ 110.841152][ T6256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 110.860797][ T6256] RSP: 002b:00007fb545938028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 110.869252][ T6256] RAX: ffffffffffffffda RBX: 00007fb544c15fa0 RCX: 00007fb54499aeb9 [ 110.877261][ T6256] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 110.885268][ T6256] RBP: 00007fb544a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 110.893270][ T6256] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 110.901272][ T6256] R13: 00007fb544c16038 R14: 00007fb544c15fa0 R15: 00007ffc2d89c648 [ 110.909283][ T6256] [ 110.912330][ T6256] [ 110.914685][ T6256] Allocated by task 6256: [ 110.919035][ T6256] kasan_set_track+0x4e/0x70 [ 110.923661][ T6256] __kasan_kmalloc+0x8f/0xa0 [ 110.928290][ T6256] __kmalloc_node_track_caller+0xb2/0x230 [ 110.934052][ T6256] kmemdup+0x2b/0x70 [ 110.937983][ T6256] ext4_xattr_block_set+0x9ea/0x32b0 [ 110.943311][ T6256] ext4_xattr_set_handle+0xe2e/0x14c0 [ 110.948726][ T6256] ext4_xattr_set+0x252/0x340 [ 110.953451][ T6256] __vfs_setxattr+0x431/0x470 [ 110.958168][ T6256] __vfs_setxattr_noperm+0x12d/0x5e0 [ 110.963508][ T6256] vfs_setxattr+0x16b/0x2f0 [ 110.968068][ T6256] path_setxattr+0x3f3/0x5d0 [ 110.972710][ T6256] __x64_sys_setxattr+0xbb/0xd0 [ 110.977604][ T6256] do_syscall_64+0x55/0xa0 [ 110.982066][ T6256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 110.987999][ T6256] [ 110.990364][ T6256] The buggy address belongs to the object at ffff88801e77f000 [ 110.990364][ T6256] which belongs to the cache kmalloc-1k of size 1024 [ 111.004476][ T6256] The buggy address is located 64 bytes inside of [ 111.004476][ T6256] 1024-byte region [ffff88801e77f000, ffff88801e77f400) [ 111.017876][ T6256] [ 111.020241][ T6256] The buggy address belongs to the physical page: [ 111.026700][ T6256] page:ffffea000079de00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e778 [ 111.036898][ T6256] head:ffffea000079de00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 111.045861][ T6256] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 111.053973][ T6256] page_type: 0xffffffff() [ 111.058388][ T6256] raw: 00fff00000000840 ffff888017c41dc0 dead000000000100 dead000000000122 [ 111.067006][ T6256] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 111.075613][ T6256] page dumped because: kasan: bad access detected [ 111.082063][ T6256] page_owner tracks the page as allocated [ 111.087817][ T6256] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 34, tgid 34 (kworker/u4:2), ts 99739692617, free_ts 99276554343 [ 111.108175][ T6256] post_alloc_hook+0x1c1/0x200 [ 111.112994][ T6256] get_page_from_freelist+0x1951/0x19e0 [ 111.118569][ T6256] __alloc_pages+0x1f0/0x460 [ 111.123201][ T6256] alloc_slab_page+0x5d/0x160 [ 111.127916][ T6256] new_slab+0x87/0x2d0 [ 111.132202][ T6256] ___slab_alloc+0xc5d/0x12f0 [ 111.136919][ T6256] __kmem_cache_alloc_node+0x19e/0x250 [ 111.142454][ T6256] __kmalloc+0xa4/0x230 [ 111.146652][ T6256] ieee802_11_parse_elems_full+0xb9/0x20c0 [ 111.152496][ T6256] ieee80211_inform_bss+0x127/0x1080 [ 111.157816][ T6256] rdev_inform_bss+0x106/0x410 [ 111.162626][ T6256] cfg80211_inform_bss_frame_data+0xb8b/0x13d0 [ 111.168851][ T6256] ieee80211_bss_info_update+0x759/0x9b0 [ 111.174524][ T6256] ieee80211_ibss_rx_queued_mgmt+0x18ae/0x2c80 [ 111.180720][ T6256] ieee80211_iface_work+0x717/0xc70 [ 111.185966][ T6256] cfg80211_wiphy_work+0x225/0x260 [ 111.191115][ T6256] page last free stack trace: [ 111.195828][ T6256] free_unref_page_prepare+0x7b2/0x8c0 [ 111.201342][ T6256] free_unref_page+0x32/0x2e0 [ 111.206064][ T6256] __unfreeze_partials+0x1cf/0x210 [ 111.211207][ T6256] put_cpu_partial+0x17c/0x250 [ 111.216010][ T6256] __slab_free+0x319/0x400 [ 111.220463][ T6256] qlist_free_all+0x75/0xd0 [ 111.225024][ T6256] kasan_quarantine_reduce+0x143/0x160 [ 111.230523][ T6256] __kasan_slab_alloc+0x22/0x80 [ 111.235424][ T6256] slab_post_alloc_hook+0x6e/0x4b0 [ 111.240579][ T6256] kmem_cache_alloc_lru+0x111/0x2d0 [ 111.245819][ T6256] shmem_alloc_inode+0x28/0x40 [ 111.250625][ T6256] new_inode_pseudo+0x63/0x1d0 [ 111.255519][ T6256] new_inode+0x22/0x1b0 [ 111.259719][ T6256] shmem_get_inode+0x34f/0xcc0 [ 111.264536][ T6256] shmem_symlink+0xa4/0x490 [ 111.269084][ T6256] vfs_symlink+0x138/0x2b0 [ 111.273531][ T6256] [ 111.275883][ T6256] Memory state around the buggy address: [ 111.281539][ T6256] ffff88801e77ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 111.289624][ T6256] ffff88801e77ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 111.297719][ T6256] >ffff88801e77f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.305807][ T6256] ^ [ 111.311989][ T6256] ffff88801e77f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.320081][ T6256] ffff88801e77f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.328194][ T6256] ================================================================== [ 111.464423][ T6261] loop1: detected capacity change from 0 to 512 [ 111.497808][ T6261] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 111.527075][ T6261] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 111.624633][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.664019][ T6261] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 111.705683][ T6261] EXT4-fs (loop1): 1 truncate cleaned up [ 111.724733][ T6261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.892308][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.903303][ T6256] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 111.910556][ T6256] CPU: 0 PID: 6256 Comm: syz.2.132 Not tainted syzkaller #0 [ 111.917885][ T6256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 111.927989][ T6256] Call Trace: [ 111.931305][ T6256] [ 111.934279][ T6256] dump_stack_lvl+0x18c/0x250 [ 111.939099][ T6256] ? show_regs_print_info+0x20/0x20 [ 111.944351][ T6256] ? load_image+0x400/0x400 [ 111.948918][ T6256] panic+0x2dc/0x730 [ 111.952850][ T6256] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 111.959041][ T6256] ? bpf_jit_dump+0xd0/0xd0 [ 111.963584][ T6256] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 111.969677][ T6256] ? _raw_spin_unlock+0x40/0x40 [ 111.974640][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 111.980127][ T6256] check_panic_on_warn+0x84/0xa0 [ 111.985092][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 111.990596][ T6256] end_report+0x6f/0x130 [ 111.994872][ T6256] kasan_report+0x128/0x150 [ 111.999407][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 112.004906][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 112.010406][ T6256] kasan_check_range+0x241/0x290 [ 112.015370][ T6256] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 112.020877][ T6256] __asan_memmove+0x29/0x70 [ 112.025414][ T6256] ext4_xattr_set_entry+0x94b/0x1e90 [ 112.030747][ T6256] ext4_xattr_block_set+0xae8/0x32b0 [ 112.036060][ T6256] ? ext4_destroy_inode+0x200/0x200 [ 112.041293][ T6256] ? proc_nr_inodes+0x230/0x230 [ 112.046200][ T6256] ? do_raw_spin_unlock+0x121/0x230 [ 112.051442][ T6256] ? _raw_spin_unlock+0x28/0x40 [ 112.056414][ T6256] ? ext4_xattr_block_find+0x350/0x350 [ 112.061901][ T6256] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 112.067309][ T6256] ext4_xattr_set_handle+0xe2e/0x14c0 [ 112.072784][ T6256] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 112.078801][ T6256] ? __ext4_journal_start_sb+0x259/0x560 [ 112.084466][ T6256] ext4_xattr_set+0x252/0x340 [ 112.089190][ T6256] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 112.094950][ T6256] ? evm_protected_xattr_common+0x170/0x190 [ 112.100880][ T6256] ? ext4_xattr_security_get+0x40/0x40 [ 112.106367][ T6256] __vfs_setxattr+0x431/0x470 [ 112.111080][ T6256] __vfs_setxattr_noperm+0x12d/0x5e0 [ 112.116580][ T6256] vfs_setxattr+0x16b/0x2f0 [ 112.121137][ T6256] ? xattr_permission+0x470/0x470 [ 112.126200][ T6256] ? __mnt_want_write+0x223/0x2a0 [ 112.131359][ T6256] ? path_setxattr+0x3a1/0x5d0 [ 112.136153][ T6256] path_setxattr+0x3f3/0x5d0 [ 112.140781][ T6256] ? simple_xattrs_free+0x150/0x150 [ 112.146028][ T6256] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 112.152033][ T6256] ? lock_chain_count+0x20/0x20 [ 112.156925][ T6256] __x64_sys_setxattr+0xbb/0xd0 [ 112.161813][ T6256] do_syscall_64+0x55/0xa0 [ 112.166257][ T6256] ? clear_bhb_loop+0x40/0x90 [ 112.170959][ T6256] ? clear_bhb_loop+0x40/0x90 [ 112.175704][ T6256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 112.181659][ T6256] RIP: 0033:0x7fb54499aeb9 [ 112.186109][ T6256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 112.205771][ T6256] RSP: 002b:00007fb545938028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 112.214209][ T6256] RAX: ffffffffffffffda RBX: 00007fb544c15fa0 RCX: 00007fb54499aeb9 [ 112.222205][ T6256] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 112.230197][ T6256] RBP: 00007fb544a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 112.238316][ T6256] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 112.246314][ T6256] R13: 00007fb544c16038 R14: 00007fb544c15fa0 R15: 00007ffc2d89c648 [ 112.254334][ T6256] [ 112.257948][ T6256] Kernel Offset: disabled [ 112.262483][ T6256] Rebooting in 86400 seconds..