last executing test programs: 2.449261336s ago: executing program 1 (id=89): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000001040)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d670a8b089b3f363563030890e0879b0af8c6e70a9b334a959b669a9b2f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d073b090acd3b78130daa61d8e804005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669114e2fbe70de98ec76a9e40dad47f36fd9f7d2d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f37c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b3d15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813491ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a737be3c67a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eb4581f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab9640071550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c894c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f411254c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486229e5b2e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc2c0db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df7227dfdb0d2b9e935c5af3cf474bed79dfc24ab0f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78c8fa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000026347ee800", 0x1000}}, 0x1006) 1.953183905s ago: executing program 2 (id=94): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T") 1.705544269s ago: executing program 1 (id=96): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, 0x0, 0x0, 0x8000, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10) r1 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x8b7c, 0x800, 0x200007, 0x22}, &(0x7f0000000940)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, 0x0) io_uring_enter(r1, 0x47f9, 0x4db, 0x0, 0x0, 0x0) getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2) 1.694049709s ago: executing program 0 (id=97): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x9cf, 0x1, 0x800000000001004}) 1.530747842s ago: executing program 3 (id=98): bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000340)='kfree\x00'}, 0x18) unshare(0x20000400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0xc, 0x7}, 0x31) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) 1.185547559s ago: executing program 3 (id=99): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000000d7c0d6c878f064eb", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@gettfilter={0x24, 0x29, 0x6ce324a938346939, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x3}, {0x0, 0xffff}}}, 0x24}}, 0x0) 1.1254289s ago: executing program 0 (id=100): r0 = io_uring_setup(0x4d3f, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000480), 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) get_robust_list(0x0, &(0x7f0000000240)=0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='neigh_create\x00', r1}, 0x18) r2 = socket(0x8000000010, 0x2, 0x0) write(r2, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc) 1.09846086s ago: executing program 3 (id=101): r0 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) finit_module(r0, 0x0, 0x7) 981.554982ms ago: executing program 2 (id=102): r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1, 0x2, 0xfffffffc}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x1, 0x80, 0x0, 0x1}) 925.546934ms ago: executing program 3 (id=103): bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r2, &(0x7f0000000440)=""/247, 0x26) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x3, 0xfffefffd}, 0x0, {0x0, 0x2}, 0x0, 0x0, 0x4}) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r2, 0xc0305302, &(0x7f0000000040)={0x36, 0x7, 0x0, 0x9, 0xc4b, 0x87}) tkill(r1, 0x7) 802.666025ms ago: executing program 2 (id=104): syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x29c500a, 0x0, 0x4, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240), 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x21c004, &(0x7f0000000e40)={'trans=fd,', {'rfdno', 0x3d, r0}}) 713.427277ms ago: executing program 0 (id=105): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) memfd_create(0x0, 0x2) 640.840799ms ago: executing program 1 (id=106): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x9d}, 0x18) r2 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="000202"], 0x18) 640.207779ms ago: executing program 2 (id=107): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) unshare(0x20000400) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0xc, 0x7}, 0x31) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) 587.23912ms ago: executing program 0 (id=108): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) r2 = epoll_create1(0x0) r3 = eventfd2(0xffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000b80)={0xa0001011}) 528.496711ms ago: executing program 3 (id=109): syz_emit_ethernet(0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) write$qrtrtun(0xffffffffffffffff, &(0x7f0000000400)="2ec8425d4ce2ef00", 0x8) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, r1, 0x100, 0x70bd26, 0x25dfdbfb, {}, [""]}, 0x1c}}, 0x24008880) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_timedsend(r2, &(0x7f0000000600)="6d12483bb95dab4da2bccb9a5c51f7769b4aa2ed6f00bcfff2058843f7de72fa8f9dd7572991db9f2968c67d150dbd80321f91c14a7705c3d6e2292f74d074e24cdfdc28da61b60db4ac67a81c04430dd72555dcebe8193594b8fe29718d5781fe3f418379dab48089b86edc4facdbc388e30fdfabe867722b348dcfbff8f7745bb98584b3384eb1b1c541d05427c4e5c33b3692ebf599d4a179bcd27271d55e4a38ac7be3cae3e85eddbdcf574ac462df22b6b2242245f32d5826de908a96ea66331cad4d0ff094f552e118ee643f2f12f854c32d4e548bd82a69c4102bc516a41a52436f6dfd80133de801fdc8e75276c631f041d86269f2ba0791e8119868816c1fe9c78654919d6dcce67a5f32b77575867f43f76e99108bf9ee3fd550cc18f8bee8505da7ea8fe0a3a9e40c01be1d39435821c5f52cf39a7d5558f278b01be298e5460d3ebf011345ed0030603f767fe44876fdf1cb172a4cbfb2f7784ac61c4786a147b6d446eaf46d5b26c6b85580ba4913fc12a443d8dcf05d08513ae01a7f489826fdc8bff83c1708ebbc060aa72d25e6ce21521799bd37c34fdad973fd7e17070b7783bf341fc079c6b0c9811388430c84540d8d544d1887b73e3a9d2625358be4b09128ee7f8d2dacf2d9704b9143c0341568d1e39429e1d442d21878c87271e66651e12d077b8dd49c0bf285097e261a5116b91036368265c1c5b74353bb42ff4936e27a20c48dea290685b09c2e5baa29dbeb790969f793692fb112c973329236f30bd29c39ee6104e1e0ccd1f855e5837d156c83834661a2aa8929ad78c025413179d880ee905d0b1ee1c9c3eacb63ac807a6ce73d492502ce52beba9ea5214a9387e2c5a810a96e14956809b6865e46a9d9ce2deb4cce2155562dd7e3daef9b3c0c0a55f1fe1a89835971dbc9c09ee9d4abe827b0e87dcd08e5e7cf08869cdcd6fe7f42d93c075db2fec9d96aff21410c3cbd5d904ed147af08c297011ec105dec6fb319cc5637ac71dac05d01ef356dcc6b6bd3f8625204d92f6d0447c0ee5c72d13b4e951a5ba060d4e0ab4680bba08ca9e0079ed6332e6449e01ec480903b0f377e08e8146c8a1e86df678dd88f3768e0958b04f24d58f39a15ee93e4b3e1e2dcd91f8cd36c37b2806d5f7c1871d0e1d7496ac64b377a8fb32104166536597bbfd6d814b2eb41970ba1aef50238e34ec8069690029c58c8a01b28b711ff44aed4652629c7cdc7843d83efe9514bb5b1f80d1047e6075870c53505a142e48d6897d7811f84d8c3e8f9985f9a9d01c8fd68960aee376caa465f25622d7ff5deae8f0d628e048bc4387ca3046067768f3014a3ef4d1b55123ce45507ab1b6f587f6302bb9b715899d2fc20cabfd306549b6a2ec8ea5169e5be19cf59ef71cbb16d402cdc62a422b2bf5c01bb6139e60fd61ea4b77382c7e2e038c6511bfe08f7a3cea5e793f9e2cb4facce20e719d179104418f6745bf8065c70da3815c8e1a1b650d96865c41fd45dbcae51e1d54b41002c2f673cd1008dbf3f17847dd28d8fe3c24ef238000be692e05b0365cb7691fa8f134efe70df46b5cc4765def995971ae0c45f653292f4a3c26300e359afbe0c4f7b049f505ab8e8a0d4c7090cc07c62dbcb9bf6682425553de4ca63f98ac5d420d01bf729bf815683d11451eea0295675778f00bef94ac6e29dd2285847fd857cf2d204de3170e024169d568500befd5c6f34e9d3fcae78bd8fcd6d8f85fcf56241c7787d86bdfca06a6e69b996d72530c94eaa82e99f8ccbd66b53ce0f066fffcb3b643f84a1112c4c8a153ef745f7da3c4887f95de7df8dcf6653200eccb389a7aad4a874d347791cd00cf767bdd8d36de55cbc0879e11cddec175b36be0d1224d1dab7d8f8f3bab0f622d031be123b6ab48188716162afea5e0529830a39c3c9edc86b3e6020830f2f94060685d96887fb536afaedcd9523c53e5e210e87a07bc941b29b968ec9b0f6e5a74b929ad56ef7e80b981d39460040df8aedb253bc4681e72de2b3e886320b2f9a52f675bb08e4dee27b468d0822d6269ad1eee16d1c1781ad17b1fae21b44e427ace6d1fa932ca9c295c5ae74140ffea23ac2b70a6ca71af12c6d63adc32110521cee84dce3514c51417fa794fff4fb7b72844fbb3ba786173d3ffea23e03eb49acbd957d52494ffff3cd2dc420ace19bbe375aabb97953dd1b8adc24856a81b2888e2fb635332c2d4257cf6833ccb3135c0327f79c4846b691b693b066cd5de30ca40e29fe8775fd6a8844f566223008d017ccb6f2ee47496b61aa2900f64c1e2136c8dfbb6dd7ab368e0cfeb3e639657f16d9f26f0c575b61476ea7cd499e2fffe75f6118d19d6186e9433d1b92dc30e84bceba4c9bd8e889575c50da8e236d0ad184a2ae7e91e31485a44389a7c6a63c4d7588fa0755ae292102c46df1cfcc21eccfa5bc815a2491cb845de2feae93d5a9365cff327d048b7e66733b1d1cbf1eadae7296631f3f1681ab5878272a9b17e11f64e8ea8afbd297f388b951e39b94d909c74a4c667f6204128c84566c2347222a984f67177160e3f144518721f25aab93c9d0a34d407b84485bf1f2fa07af7de0617dbda0b2eb3ef839d6ad8649fa7133e14646cb30462e827a1bba8b6cf97c93c95552c70aae8ba4918f8b51275ed7e1f90f7ae7a5313aff699f54265adad4b0608a90165c8e7df729ceb0eda12357ea37e7bbb86fc542544c93d494d4edfd098432e389666a8a93f4333e630deefa87397ece144a59fbf736aeefb7b66744954e8076e9d0534508a3631dbdcd2c15b5fd844d62409bf6c63699ac5ff0cab98d4b7f0e33e5cb20853554c895ea26607e9554d74e1511c4c476c41aa7fa717259e5048d80f1f30f07dd5397c17d818dac1849b7ccf6425fa0265edfecb58a763615dedbe98e215ce63dd1688e191a191ccdb4e939bd370f68054440296cb511b5f070fb9479bdef321b7d124506f6345ac3c2ca0ef22292d3f83ec21908de3a3c7f98cc5e086034d0b08df704382a8ee9f6129542cac7dc5fd54e71270f5ea9739b625347f3200d6f74d41106aed8fa8af5a3a6cd58a44de62af681d449a44b5", 0x898, 0x6, 0x0) mq_timedreceive(r2, &(0x7f000001d600)=""/102376, 0x18fe8, 0x0, 0x0) 449.437952ms ago: executing program 1 (id=110): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000000d7c0d6c878f064eb", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@gettfilter={0x24, 0x29, 0x6ce324a938346939, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x3}, {0x0, 0xffff}}}, 0x24}}, 0x0) 449.160102ms ago: executing program 2 (id=111): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000002c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f0000000200)='./file1\x00', 0xc827e, 0xdc) fallocate(r0, 0x0, 0x0, 0x8800000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db) writev(r1, &(0x7f0000000140)=[{0x0}, {&(0x7f00000000c0)="da657b03", 0x4}], 0x2) 352.618414ms ago: executing program 0 (id=112): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1, 0x2, 0xfffffffc}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x1, 0x80, 0x0, 0x1}) 352.175914ms ago: executing program 3 (id=113): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba5"], 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000e00), 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB") setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000800)=ANY=[], 0x361, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000480)=ANY=[], 0xfe37, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x20, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x4001) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) dup2(r1, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c) sendto$inet6(r4, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e24, 0x9, @remote, 0xa}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000080)={r3, 0x2, 0x1, "fa"}, 0x9) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=@base={0xf, 0x4, 0x4, 0x20002, 0x0, 0x1, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 326.525674ms ago: executing program 1 (id=114): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xf, 0x0, 0x1, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0) 145.514578ms ago: executing program 1 (id=115): prctl$PR_SET_TIMERSLACK(0x1d, 0x81) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000040) syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00') syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [], {0x4, 0x6}}, 0x24, 0x2) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x801460, 0x0, 0x2, 0x0, &(0x7f0000000000)) poll(&(0x7f0000000a00)=[{}], 0x2e, 0x5) 128.625958ms ago: executing program 0 (id=116): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, 0x0, 0x0, 0x8000, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10) r1 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x8b7c, 0x800, 0x200007, 0x22}, &(0x7f0000000940)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, 0x0) io_uring_enter(r1, 0x47f9, 0x4db, 0x0, 0x0, 0x0) getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2) 0s ago: executing program 2 (id=117): bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r2, &(0x7f0000000440)=""/247, 0x26) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x3, 0xfffefffd}, 0x0, {0x0, 0x2}, 0x0, 0x0, 0x4}) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r2, 0xc0305302, &(0x7f0000000040)={0x36, 0x7, 0x0, 0x9, 0xc4b, 0x87}) tkill(r1, 0x7) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.196' (ED25519) to the list of known hosts. [ 65.266535][ T5777] cgroup: Unknown subsys name 'net' [ 65.393131][ T5777] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.918245][ T5777] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 68.995691][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.004187][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.011944][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.020544][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.027883][ T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.037479][ T5792] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.044941][ T5792] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.053508][ T5792] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.061941][ T5792] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.070070][ T5792] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.077460][ T5792] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.094688][ T5796] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.103944][ T5796] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.125492][ T5796] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.133182][ T5796] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.146178][ T5796] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.154155][ T5796] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.161592][ T5796] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.202329][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.210216][ T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.218265][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.226738][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.234884][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.242682][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.558370][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 69.610639][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 69.699965][ T5794] chnl_net:caif_netlink_parms(): no params data found [ 69.719029][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.726485][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.734000][ T5786] bridge_slave_0: entered allmulticast mode [ 69.741204][ T5786] bridge_slave_0: entered promiscuous mode [ 69.753977][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.761233][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.768521][ T5786] bridge_slave_1: entered allmulticast mode [ 69.775276][ T5786] bridge_slave_1: entered promiscuous mode [ 69.836313][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.843483][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.851689][ T5790] bridge_slave_0: entered allmulticast mode [ 69.858662][ T5790] bridge_slave_0: entered promiscuous mode [ 69.866640][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.873765][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.880963][ T5790] bridge_slave_1: entered allmulticast mode [ 69.888504][ T5790] bridge_slave_1: entered promiscuous mode [ 69.947809][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.959771][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.032062][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.049092][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.079272][ T5786] team0: Port device team_slave_0 added [ 70.088826][ T5786] team0: Port device team_slave_1 added [ 70.147979][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.155131][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.162840][ T5794] bridge_slave_0: entered allmulticast mode [ 70.170460][ T5794] bridge_slave_0: entered promiscuous mode [ 70.183265][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.190508][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.197925][ T5794] bridge_slave_1: entered allmulticast mode [ 70.204835][ T5794] bridge_slave_1: entered promiscuous mode [ 70.214242][ T5790] team0: Port device team_slave_0 added [ 70.224360][ T5790] team0: Port device team_slave_1 added [ 70.231092][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.238105][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.264683][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.277323][ T5800] chnl_net:caif_netlink_parms(): no params data found [ 70.317771][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.324759][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.351183][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.384651][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.391778][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.417865][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.430230][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.437361][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.463307][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.499475][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.511635][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.596322][ T5794] team0: Port device team_slave_0 added [ 70.607818][ T5790] hsr_slave_0: entered promiscuous mode [ 70.614191][ T5790] hsr_slave_1: entered promiscuous mode [ 70.637661][ T5794] team0: Port device team_slave_1 added [ 70.648153][ T5786] hsr_slave_0: entered promiscuous mode [ 70.654523][ T5786] hsr_slave_1: entered promiscuous mode [ 70.662393][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.670564][ T5786] Cannot create hsr debugfs directory [ 70.771449][ T5800] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.778906][ T5800] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.786242][ T5800] bridge_slave_0: entered allmulticast mode [ 70.793079][ T5800] bridge_slave_0: entered promiscuous mode [ 70.801171][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.808358][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.834857][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.847326][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.854284][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.880710][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.918810][ T5800] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.926179][ T5800] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.933325][ T5800] bridge_slave_1: entered allmulticast mode [ 70.940309][ T5800] bridge_slave_1: entered promiscuous mode [ 71.010663][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.049675][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.074065][ T5794] hsr_slave_0: entered promiscuous mode [ 71.081288][ T5794] hsr_slave_1: entered promiscuous mode [ 71.088118][ T5794] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.096233][ T5794] Cannot create hsr debugfs directory [ 71.136174][ T50] Bluetooth: hci0: command tx timeout [ 71.141943][ T50] Bluetooth: hci1: command tx timeout [ 71.181672][ T5800] team0: Port device team_slave_0 added [ 71.195230][ T5800] team0: Port device team_slave_1 added [ 71.225446][ T50] Bluetooth: hci2: command tx timeout [ 71.260034][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.267414][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.293974][ T5800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.304741][ T50] Bluetooth: hci3: command tx timeout [ 71.326195][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.333161][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.359274][ T5800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.381306][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.388227][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.481226][ T5800] hsr_slave_0: entered promiscuous mode [ 71.490790][ T5800] hsr_slave_1: entered promiscuous mode [ 71.498100][ T5800] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.505741][ T5800] Cannot create hsr debugfs directory [ 71.511526][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.526580][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.537523][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.589316][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 71.661613][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.690918][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.700621][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.716928][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.813733][ T5794] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.830328][ T5794] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.841317][ T5794] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.852935][ T5794] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.933840][ T5800] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 71.944297][ T5800] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 71.954162][ T5800] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 71.973145][ T5800] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 72.071083][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.113585][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.127805][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.162796][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.186597][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.198759][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.206059][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.223718][ T5794] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.240227][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.247359][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.267335][ T2923] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.274462][ T2923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.286737][ T2923] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.293863][ T2923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.311013][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.318172][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.354656][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.362106][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.381279][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.419603][ T5800] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.454185][ T2923] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.461310][ T2923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.494213][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.501359][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.651842][ T5800] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.908229][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.999664][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.032683][ T5786] veth0_vlan: entered promiscuous mode [ 73.060043][ T5800] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.083288][ T5786] veth1_vlan: entered promiscuous mode [ 73.097196][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.150295][ T5790] veth0_vlan: entered promiscuous mode [ 73.171613][ T5786] veth0_macvtap: entered promiscuous mode [ 73.202387][ T5786] veth1_macvtap: entered promiscuous mode [ 73.212532][ T5790] veth1_vlan: entered promiscuous mode [ 73.219752][ T5796] Bluetooth: hci0: command tx timeout [ 73.226214][ T50] Bluetooth: hci1: command tx timeout [ 73.253354][ T5794] veth0_vlan: entered promiscuous mode [ 73.274677][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.290445][ T5794] veth1_vlan: entered promiscuous mode [ 73.296508][ T50] Bluetooth: hci2: command tx timeout [ 73.308418][ T5800] veth0_vlan: entered promiscuous mode [ 73.317662][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.346985][ T5800] veth1_vlan: entered promiscuous mode [ 73.369352][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.380166][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.384804][ T50] Bluetooth: hci3: command tx timeout [ 73.394350][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.394408][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.426681][ T5790] veth0_macvtap: entered promiscuous mode [ 73.465009][ T5800] veth0_macvtap: entered promiscuous mode [ 73.483689][ T5794] veth0_macvtap: entered promiscuous mode [ 73.494170][ T5790] veth1_macvtap: entered promiscuous mode [ 73.508231][ T5794] veth1_macvtap: entered promiscuous mode [ 73.534770][ T5800] veth1_macvtap: entered promiscuous mode [ 73.559222][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.570916][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.584352][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.622582][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.635248][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.654895][ T5800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.667045][ T5800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.677160][ T5800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.689926][ T5800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.701729][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.714569][ T5800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.725186][ T5800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.737297][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.751949][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.763031][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.773154][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.783845][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.794901][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.812212][ T5800] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.821279][ T5800] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.830298][ T5800] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.839034][ T5800] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.858121][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.868694][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.879086][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.889893][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.899768][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.910647][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.922346][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.933470][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.944486][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.954492][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.965724][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.976044][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.986691][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.998414][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.007162][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.017613][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.026923][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.036418][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.047924][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.056597][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.078286][ T5794] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.088092][ T5794] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.097731][ T5794] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.106485][ T5794] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.293498][ T2909] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.319178][ T2909] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.348427][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.364305][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.379848][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.387932][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.451728][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.474965][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.485258][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.506508][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.561426][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.588398][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.992545][ T5882] syz.0.5[5882]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 75.083354][ T5882] loop0: detected capacity change from 0 to 1024 [ 75.177854][ T5882] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.228941][ T5891] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096 [ 75.296286][ T50] Bluetooth: hci1: command tx timeout [ 75.298169][ T5796] Bluetooth: hci0: command tx timeout [ 75.337871][ T28] audit: type=1800 audit(1759718284.982:2): pid=5882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 75.373812][ T5882] EXT4-fs error (device loop0): mb_free_blocks:1938: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 75.396508][ T5796] Bluetooth: hci2: command tx timeout [ 75.455969][ T5796] Bluetooth: hci3: command tx timeout [ 75.522195][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.722994][ T28] audit: type=1326 audit(1759718285.362:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 75.789379][ T28] audit: type=1326 audit(1759718285.372:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 75.885579][ T28] audit: type=1326 audit(1759718285.372:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 75.945986][ T28] audit: type=1326 audit(1759718285.372:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 76.014736][ T28] audit: type=1326 audit(1759718285.372:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 76.125369][ T28] audit: type=1326 audit(1759718285.372:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 76.187518][ T28] audit: type=1326 audit(1759718285.372:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 76.257016][ T28] audit: type=1326 audit(1759718285.382:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 76.310965][ T28] audit: type=1326 audit(1759718285.382:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 76.311280][ T5907] loop0: detected capacity change from 0 to 1024 [ 76.391407][ T5907] EXT4-fs: Ignoring removed orlov option [ 76.457704][ T5907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.129985][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.361068][ T5923] loop1: detected capacity change from 0 to 8192 [ 77.376526][ T5796] Bluetooth: hci1: command tx timeout [ 77.382103][ T5796] Bluetooth: hci0: command tx timeout [ 77.457062][ T50] Bluetooth: hci2: command tx timeout [ 77.536138][ T50] Bluetooth: hci3: command tx timeout [ 77.804148][ T5932] Zero length message leads to an empty skb [ 78.038827][ T5939] loop1: detected capacity change from 0 to 128 [ 78.065259][ T5939] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 78.124453][ T5939] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 78.257895][ T5939] ext2 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 78.368559][ T5947] 9pnet_fd: Insufficient options for proto=fd [ 78.488033][ T5949] loop3: detected capacity change from 0 to 1024 [ 78.520752][ T5949] EXT4-fs: Ignoring removed orlov option [ 78.533544][ T5794] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 78.616608][ T5949] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.702177][ T5956] netlink: 'syz.0.32': attribute type 13 has an invalid length. [ 78.772063][ T5956] netlink: 24859 bytes leftover after parsing attributes in process `syz.0.32'. [ 79.022495][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.044047][ T5965] loop1: detected capacity change from 0 to 128 [ 79.081378][ T5965] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 79.131596][ T5965] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 79.310807][ T5794] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 79.524817][ T5974] 9pnet_fd: Insufficient options for proto=fd [ 79.811331][ T5980] netlink: 24 bytes leftover after parsing attributes in process `syz.1.42'. [ 80.344189][ T5988] loop1: detected capacity change from 0 to 1024 [ 80.373973][ T5988] ======================================================= [ 80.373973][ T5988] WARNING: The mand mount option has been deprecated and [ 80.373973][ T5988] and is ignored by this kernel. Remove the mand [ 80.373973][ T5988] option from the mount to silence this warning. [ 80.373973][ T5988] ======================================================= [ 80.467885][ T5988] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.522556][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 80.522570][ T28] audit: type=1800 audit(1759718290.162:40): pid=5988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.46" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 80.805111][ T5874] Set syz1 is full, maxelem 65536 reached [ 80.838143][ T5988] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.46: Allocating blocks 497-513 which overlap fs metadata [ 80.889255][ T5987] EXT4-fs (loop1): pa ffff888078296bc8: logic 32, phys. 161, len 22 [ 80.898138][ T5987] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 80.981887][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.027428][ T5996] tipc: Started in network mode [ 81.032467][ T5996] tipc: Node identity ac14140f, cluster identity 4711 [ 81.060052][ T5996] tipc: New replicast peer: 255.255.255.83 [ 81.069828][ T5996] tipc: Enabled bearer , priority 10 [ 81.469034][ T28] audit: type=1326 audit(1759718291.112:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.0.55" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 81.529593][ T6012] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.565517][ T28] audit: type=1326 audit(1759718291.132:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.0.55" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 81.603928][ T6012] loop2: detected capacity change from 0 to 512 [ 81.651920][ T6012] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 81.658475][ T6016] loop1: detected capacity change from 0 to 128 [ 81.705525][ T6012] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 81.710131][ T28] audit: type=1326 audit(1759718291.132:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.0.55" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f75f218ef03 code=0x7ffc0000 [ 81.778166][ T6012] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 81.835583][ T6012] EXT4-fs (loop2): 1 truncate cleaned up [ 81.842444][ T6012] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.886323][ T6016] syz.1.57: attempt to access beyond end of device [ 81.886323][ T6016] loop1: rw=2049, sector=145, nr_sectors = 104 limit=128 [ 81.901833][ T28] audit: type=1326 audit(1759718291.132:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.0.55" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f75f218ef03 code=0x7ffc0000 [ 82.021320][ T28] audit: type=1326 audit(1759718291.132:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.0.55" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 82.105415][ T28] audit: type=1326 audit(1759718291.142:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6007 comm="syz.0.55" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 82.146974][ T6022] netlink: 4 bytes leftover after parsing attributes in process `syz.2.56'. [ 82.173471][ T28] audit: type=1326 audit(1759718291.282:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6013 comm="syz.0.58" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 82.196984][ T5852] tipc: Node number set to 2886997007 [ 82.257132][ T28] audit: type=1326 audit(1759718291.282:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6013 comm="syz.0.58" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 82.325775][ T28] audit: type=1326 audit(1759718291.282:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6013 comm="syz.0.58" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f75f218eec9 code=0x7ffc0000 [ 82.718445][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.905302][ C0] sched: RT throttling activated [ 85.383642][ T6078] netlink: 152 bytes leftover after parsing attributes in process `syz.3.82'. [ 85.421383][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'. [ 85.476310][ T6081] syz.0.83 uses obsolete (PF_INET,SOCK_PACKET) [ 85.492580][ T6081] syzkaller1: entered promiscuous mode [ 85.503329][ T6081] syzkaller1: entered allmulticast mode [ 85.653226][ T6087] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 85.771543][ T6091] loop0: detected capacity change from 0 to 512 [ 85.862149][ T28] kauditd_printk_skb: 121 callbacks suppressed [ 85.862163][ T28] audit: type=1326 audit(1759718295.502:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.862399][ T28] audit: type=1326 audit(1759718295.502:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.862724][ T28] audit: type=1326 audit(1759718295.502:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.863122][ T28] audit: type=1326 audit(1759718295.502:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.863688][ T28] audit: type=1326 audit(1759718295.502:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.864111][ T28] audit: type=1326 audit(1759718295.502:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.864318][ T28] audit: type=1326 audit(1759718295.502:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.864932][ T28] audit: type=1326 audit(1759718295.502:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.865156][ T28] audit: type=1326 audit(1759718295.502:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.865987][ T28] audit: type=1326 audit(1759718295.512:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff458eec9 code=0x7ffc0000 [ 85.872097][ T6091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.872213][ T6091] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 86.036010][ T6102] 9pnet_fd: Insufficient options for proto=fd [ 86.091602][ C0] vkms_vblank_simulate: vblank timer overrun [ 86.209098][ C0] vkms_vblank_simulate: vblank timer overrun [ 86.373597][ T6107] loop2: detected capacity change from 0 to 512 [ 86.386588][ T6107] EXT4-fs: Ignoring removed nobh option [ 86.403308][ T6109] loop3: detected capacity change from 0 to 2048 [ 86.489125][ T6109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.491036][ T6107] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #3: comm syz.2.94: corrupted inode contents [ 86.525474][ T6107] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #3: comm syz.2.94: mark_inode_dirty error [ 86.528147][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.572441][ T6107] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #3: comm syz.2.94: corrupted inode contents [ 86.610886][ T6107] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.94: mark_inode_dirty error [ 86.651652][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.673603][ T6107] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.94: Failed to acquire dquot type 0 [ 86.703697][ T6107] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.94: corrupted inode contents [ 86.723849][ T6117] loop0: detected capacity change from 0 to 512 [ 86.730957][ T6107] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #16: comm syz.2.94: mark_inode_dirty error [ 86.752353][ T6107] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.94: corrupted inode contents [ 86.769246][ T964] cfg80211: failed to load regulatory.db [ 86.770177][ T6107] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.94: mark_inode_dirty error [ 86.795141][ T6107] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.94: corrupted inode contents [ 86.814064][ T6107] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 86.833499][ T6117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.853036][ T6117] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.864947][ T6107] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.94: corrupted inode contents [ 86.905547][ T6107] EXT4-fs error (device loop2): ext4_truncate:4288: inode #16: comm syz.2.94: mark_inode_dirty error [ 86.921924][ T6117] EXT4-fs (loop0): shut down requested (0) [ 86.937970][ T6107] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 86.974836][ T6107] EXT4-fs (loop2): 1 truncate cleaned up [ 87.004758][ T6107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.037900][ T6107] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.057439][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.158675][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.300582][ T6127] netlink: 'syz.0.100': attribute type 12 has an invalid length. [ 87.476478][ T6134] 9pnet_fd: Insufficient options for proto=fd [ 87.793622][ T6148] loop2: detected capacity change from 0 to 1024 [ 87.863905][ T6148] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.929946][ T6155] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 87.951152][ T6148] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.111: Allocating blocks 385-513 which overlap fs metadata [ 87.984276][ T6157] loop3: detected capacity change from 0 to 1024 [ 88.001645][ T6146] EXT4-fs (loop2): pa ffff8880783193a0: logic 16, phys. 129, len 24 [ 88.010001][ T6146] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 88.074739][ T6157] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.117154][ T6162] loop1: detected capacity change from 0 to 512 [ 88.180494][ T6162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.210613][ T6157] ================================================================== [ 88.218747][ T6157] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 88.226508][ T6157] Read of size 18446744073709551588 at addr ffff88802449f040 by task syz.3.113/6157 [ 88.235891][ T6157] [ 88.238247][ T6157] CPU: 0 PID: 6157 Comm: syz.3.113 Not tainted syzkaller #0 [ 88.245548][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 88.255635][ T6157] Call Trace: [ 88.258934][ T6157] [ 88.261882][ T6157] dump_stack_lvl+0x16c/0x230 [ 88.266586][ T6157] ? read_lock_is_recursive+0x20/0x20 [ 88.272007][ T6157] ? show_regs_print_info+0x20/0x20 [ 88.275595][ T6162] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.277209][ T6157] ? load_image+0x3b0/0x3b0 [ 88.277233][ T6157] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 88.297280][ T6157] ? __virt_addr_valid+0x18c/0x540 [ 88.302423][ T6157] ? __virt_addr_valid+0x469/0x540 [ 88.307562][ T6157] print_report+0xac/0x220 [ 88.312007][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 88.317487][ T6157] kasan_report+0x117/0x150 [ 88.322016][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 88.327501][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 88.332981][ T6157] kasan_check_range+0x288/0x290 [ 88.337943][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 88.343434][ T6157] __asan_memmove+0x29/0x70 [ 88.347970][ T6157] ext4_xattr_set_entry+0x94b/0x1e90 [ 88.353295][ T6157] ext4_xattr_block_set+0xae3/0x32a0 [ 88.358620][ T6157] ? ext4_destroy_inode+0xe8/0x1b0 [ 88.363760][ T6157] ? ext4_destroy_inode+0x1b0/0x1b0 [ 88.368985][ T6157] ? proc_nr_inodes+0x230/0x230 [ 88.373854][ T6157] ? do_raw_spin_unlock+0x121/0x230 [ 88.379073][ T6157] ? _raw_spin_unlock+0x28/0x40 [ 88.383940][ T6157] ? ext4_xattr_block_find+0x350/0x350 [ 88.389454][ T6157] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 88.394869][ T6157] ext4_xattr_set_handle+0x10a1/0x1290 [ 88.400357][ T6157] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 88.406362][ T6157] ? __ext4_journal_start_sb+0x259/0x570 [ 88.412017][ T6157] ext4_xattr_set+0x22d/0x320 [ 88.416719][ T6157] ? end_current_label_crit_section+0x170/0x170 [ 88.422979][ T6157] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 88.428566][ T6157] ? posix_xattr_acl+0x93/0xb0 [ 88.433372][ T6157] ? evm_protect_xattr+0x36d/0x7a0 [ 88.438509][ T6157] ? ext4_xattr_trusted_get+0x40/0x40 [ 88.443904][ T6157] __vfs_setxattr+0x431/0x470 [ 88.448610][ T6157] __vfs_setxattr_noperm+0x12d/0x5e0 [ 88.453917][ T6157] vfs_setxattr+0x16c/0x2f0 [ 88.458441][ T6157] ? xattr_permission+0x470/0x470 [ 88.463488][ T6157] ? __mnt_want_write+0x223/0x2a0 [ 88.468539][ T6157] ? path_setxattr+0x314/0x550 [ 88.473342][ T6157] path_setxattr+0x362/0x550 [ 88.477954][ T6157] ? simple_xattrs_free+0x150/0x150 [ 88.483185][ T6157] ? lock_chain_count+0x20/0x20 [ 88.488056][ T6157] ? __secure_computing+0x111/0x2f0 [ 88.493281][ T6157] __x64_sys_lsetxattr+0xb8/0xd0 [ 88.497589][ T6162] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #2: comm syz.1.115: corrupted inode contents [ 88.498233][ T6157] do_syscall_64+0x55/0xb0 [ 88.514403][ T6157] ? clear_bhb_loop+0x40/0x90 [ 88.519097][ T6157] ? clear_bhb_loop+0x40/0x90 [ 88.523814][ T6157] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.529763][ T6157] RIP: 0033:0x7ff5da38eec9 [ 88.534210][ T6157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.553842][ T6157] RSP: 002b:00007ff5db1c8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 88.562294][ T6157] RAX: ffffffffffffffda RBX: 00007ff5da5e5fa0 RCX: 00007ff5da38eec9 [ 88.570289][ T6157] RDX: 0000200000000800 RSI: 0000200000000180 RDI: 00002000000001c0 [ 88.578280][ T6157] RBP: 00007ff5da411f91 R08: 0000000000000000 R09: 0000000000000000 [ 88.586265][ T6157] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 88.594251][ T6157] R13: 00007ff5da5e6038 R14: 00007ff5da5e5fa0 R15: 00007fffefc248f8 [ 88.602249][ T6157] [ 88.605279][ T6157] [ 88.607620][ T6157] Allocated by task 6157: [ 88.611949][ T6157] kasan_set_track+0x4e/0x70 [ 88.616559][ T6157] __kasan_kmalloc+0x8f/0xa0 [ 88.621176][ T6157] __kmalloc_node_track_caller+0xb2/0x230 [ 88.626920][ T6157] kmemdup+0x2b/0x70 [ 88.630834][ T6157] ext4_xattr_block_set+0x9e5/0x32a0 [ 88.636138][ T6157] ext4_xattr_set_handle+0x10a1/0x1290 [ 88.641621][ T6157] ext4_xattr_set+0x22d/0x320 [ 88.646320][ T6157] __vfs_setxattr+0x431/0x470 [ 88.651021][ T6157] __vfs_setxattr_noperm+0x12d/0x5e0 [ 88.656325][ T6157] vfs_setxattr+0x16c/0x2f0 [ 88.660847][ T6157] path_setxattr+0x362/0x550 [ 88.665459][ T6157] __x64_sys_lsetxattr+0xb8/0xd0 [ 88.670416][ T6157] do_syscall_64+0x55/0xb0 [ 88.674855][ T6157] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.680855][ T6157] [ 88.683198][ T6157] The buggy address belongs to the object at ffff88802449f000 [ 88.683198][ T6157] which belongs to the cache kmalloc-1k of size 1024 [ 88.686596][ T6162] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #2: comm syz.1.115: mark_inode_dirty error [ 88.697252][ T6157] The buggy address is located 64 bytes inside of [ 88.697252][ T6157] 1024-byte region [ffff88802449f000, ffff88802449f400) [ 88.697273][ T6157] [ 88.697277][ T6157] The buggy address belongs to the physical page: [ 88.697298][ T6157] page:ffffea0000912600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24498 [ 88.697316][ T6157] head:ffffea0000912600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 88.697331][ T6157] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 88.697351][ T6157] page_type: 0xffffffff() [ 88.697366][ T6157] raw: 00fff00000000840 ffff888017841dc0 dead000000000100 dead000000000122 [ 88.697381][ T6157] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 88.710417][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.721858][ T6157] page dumped because: kasan: bad access detected [ 88.721869][ T6157] page_owner tracks the page as allocated [ 88.721875][ T6157] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5074, tgid 5074 (kworker/u4:10), ts 75149331418, free_ts 75140521655 [ 88.721916][ T6157] post_alloc_hook+0x1cd/0x210 [ 88.825732][ T6157] get_page_from_freelist+0x195c/0x19f0 [ 88.831340][ T6157] __alloc_pages+0x1e3/0x460 [ 88.835958][ T6157] alloc_slab_page+0x5d/0x170 [ 88.840665][ T6157] new_slab+0x87/0x2e0 [ 88.844767][ T6157] ___slab_alloc+0xc6d/0x1300 [ 88.849472][ T6157] __kmem_cache_alloc_node+0x1a2/0x260 [ 88.854948][ T6157] __kmalloc+0xa4/0x240 [ 88.859116][ T6157] ieee802_11_parse_elems_full+0xb9/0x2080 [ 88.864939][ T6157] ieee80211_inform_bss+0x107/0x1060 [ 88.870235][ T6157] rdev_inform_bss+0x106/0x410 [ 88.875018][ T6157] cfg80211_inform_bss_frame_data+0xb33/0x12b0 [ 88.881185][ T6157] ieee80211_bss_info_update+0x70b/0x930 [ 88.886834][ T6157] ieee80211_ibss_rx_queued_mgmt+0x17c9/0x2ac0 [ 88.892996][ T6157] ieee80211_iface_work+0x717/0xc70 [ 88.898206][ T6157] cfg80211_wiphy_work+0x225/0x260 [ 88.903329][ T6157] page last free stack trace: [ 88.908003][ T6157] free_unref_page_prepare+0x7ce/0x8e0 [ 88.913468][ T6157] free_unref_page+0x32/0x2e0 [ 88.918149][ T6157] __unfreeze_partials+0x1cf/0x210 [ 88.923274][ T6157] put_cpu_partial+0x17c/0x250 [ 88.928050][ T6157] __slab_free+0x31d/0x410 [ 88.932477][ T6157] qlist_free_all+0x75/0xe0 [ 88.936987][ T6157] kasan_quarantine_reduce+0x143/0x160 [ 88.942465][ T6157] __kasan_slab_alloc+0x22/0x80 [ 88.947334][ T6157] slab_post_alloc_hook+0x6e/0x4d0 [ 88.952453][ T6157] kmem_cache_alloc_node+0x150/0x330 [ 88.957747][ T6157] __alloc_skb+0x108/0x2c0 [ 88.962180][ T6157] mld_newpack+0x143/0xbf0 [ 88.966601][ T6157] add_grhead+0x5a/0x2a0 [ 88.970853][ T6157] add_grec+0x13ad/0x1660 [ 88.975199][ T6157] mld_send_initial_cr+0xed/0x240 [ 88.980230][ T6157] ipv6_mc_dad_complete+0x88/0x210 [ 88.985356][ T6157] [ 88.987687][ T6157] Memory state around the buggy address: [ 88.993331][ T6157] ffff88802449ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 89.001405][ T6157] ffff88802449ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 89.009474][ T6157] >ffff88802449f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 89.017548][ T6157] ^ [ 89.023695][ T6157] ffff88802449f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 89.031777][ T6157] ffff88802449f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 89.039836][ T6157] ================================================================== [ 89.047971][ C0] vkms_vblank_simulate: vblank timer overrun [ 89.069616][ T6162] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #2: comm syz.1.115: corrupted inode contents [ 89.100648][ T6167] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #2: comm syz.1.115: corrupted inode contents [ 89.119736][ T6167] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #2: comm syz.1.115: mark_inode_dirty error [ 89.133848][ T6167] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #2: comm syz.1.115: corrupted inode contents [ 89.150256][ T6167] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.115: mark_inode_dirty error [ 89.164171][ T6167] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #2: comm syz.1.115: corrupted inode contents [ 89.178682][ T6157] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 89.185903][ T6157] CPU: 1 PID: 6157 Comm: syz.3.113 Not tainted syzkaller #0 [ 89.193257][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 89.203316][ T6157] Call Trace: [ 89.206631][ T6157] [ 89.209569][ T6157] dump_stack_lvl+0x16c/0x230 [ 89.214268][ T6157] ? show_regs_print_info+0x20/0x20 [ 89.219474][ T6157] ? load_image+0x3b0/0x3b0 [ 89.223984][ T6157] panic+0x2c0/0x710 [ 89.227878][ T6157] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 89.234047][ T6157] ? bpf_jit_dump+0xd0/0xd0 [ 89.238551][ T6157] ? _raw_spin_unlock_irqrestore+0xfa/0x110 [ 89.244452][ T6157] ? _raw_spin_unlock+0x40/0x40 [ 89.249306][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 89.254764][ T6157] check_panic_on_warn+0x84/0xa0 [ 89.259707][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 89.265167][ T6157] end_report+0x6f/0x140 [ 89.269406][ T6157] kasan_report+0x128/0x150 [ 89.273910][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 89.279373][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 89.284835][ T6157] kasan_check_range+0x288/0x290 [ 89.289774][ T6157] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 89.295234][ T6157] __asan_memmove+0x29/0x70 [ 89.299737][ T6157] ext4_xattr_set_entry+0x94b/0x1e90 [ 89.305057][ T6157] ext4_xattr_block_set+0xae3/0x32a0 [ 89.310350][ T6157] ? ext4_destroy_inode+0xe8/0x1b0 [ 89.315460][ T6157] ? ext4_destroy_inode+0x1b0/0x1b0 [ 89.320664][ T6157] ? proc_nr_inodes+0x230/0x230 [ 89.325515][ T6157] ? do_raw_spin_unlock+0x121/0x230 [ 89.330738][ T6157] ? _raw_spin_unlock+0x28/0x40 [ 89.335594][ T6157] ? ext4_xattr_block_find+0x350/0x350 [ 89.341079][ T6157] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 89.346492][ T6157] ext4_xattr_set_handle+0x10a1/0x1290 [ 89.351974][ T6157] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 89.357960][ T6157] ? __ext4_journal_start_sb+0x259/0x570 [ 89.363596][ T6157] ext4_xattr_set+0x22d/0x320 [ 89.368291][ T6157] ? end_current_label_crit_section+0x170/0x170 [ 89.374534][ T6157] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 89.380081][ T6157] ? posix_xattr_acl+0x93/0xb0 [ 89.384845][ T6157] ? evm_protect_xattr+0x36d/0x7a0 [ 89.389982][ T6157] ? ext4_xattr_trusted_get+0x40/0x40 [ 89.395365][ T6157] __vfs_setxattr+0x431/0x470 [ 89.400049][ T6157] __vfs_setxattr_noperm+0x12d/0x5e0 [ 89.405334][ T6157] vfs_setxattr+0x16c/0x2f0 [ 89.409838][ T6157] ? xattr_permission+0x470/0x470 [ 89.414858][ T6157] ? __mnt_want_write+0x223/0x2a0 [ 89.419914][ T6157] ? path_setxattr+0x314/0x550 [ 89.424705][ T6157] path_setxattr+0x362/0x550 [ 89.429297][ T6157] ? simple_xattrs_free+0x150/0x150 [ 89.434505][ T6157] ? lock_chain_count+0x20/0x20 [ 89.439357][ T6157] ? __secure_computing+0x111/0x2f0 [ 89.444557][ T6157] __x64_sys_lsetxattr+0xb8/0xd0 [ 89.449495][ T6157] do_syscall_64+0x55/0xb0 [ 89.453930][ T6157] ? clear_bhb_loop+0x40/0x90 [ 89.458599][ T6157] ? clear_bhb_loop+0x40/0x90 [ 89.463273][ T6157] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 89.469165][ T6157] RIP: 0033:0x7ff5da38eec9 [ 89.473575][ T6157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.493183][ T6157] RSP: 002b:00007ff5db1c8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 89.501609][ T6157] RAX: ffffffffffffffda RBX: 00007ff5da5e5fa0 RCX: 00007ff5da38eec9 [ 89.509582][ T6157] RDX: 0000200000000800 RSI: 0000200000000180 RDI: 00002000000001c0 [ 89.517571][ T6157] RBP: 00007ff5da411f91 R08: 0000000000000000 R09: 0000000000000000 [ 89.525536][ T6157] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 89.533527][ T6157] R13: 00007ff5da5e6038 R14: 00007ff5da5e5fa0 R15: 00007fffefc248f8 [ 89.541503][ T6157] [ 89.544857][ T6157] Kernel Offset: disabled [ 89.549178][ T6157] Rebooting in 86400 seconds..