last executing test programs:
2.055586861s ago: executing program 2 (id=3):
r0 = socket(0x2, 0x80805, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000040000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
epoll_create1(0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000080))
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r4, r4, 0x0, 0x200900)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000004c0)={0x40, 0x7, 0x104, 0x0, 0x2, 0x0, 0xa, 0x8}, &(0x7f0000000500)=0x20)
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x297, &(0x7f0000000480)="$eJzs3c1qE18Yx/HfmUyb/P8tdfoignRVLbiSvmzETUFyB25cidpEKIYKWkFdRdfiBbjPLXgBLl2Ja6G7rryA7CLnzBkzSWaSGBonid8PJEw655l5TuZMz3lSSgTgn3Wvet46vLAPI5VUknRXCiRVpFDSVV2rvDo9Ozlr1GvDDlRyEfZhFEeagTbHp/WsUBvnIrzIvgq1mv4ZpqPyQ83tlaKzQNHc3Z8hkMr+7nT7K389s+loFp1AwUxbbb3WWtF5AACK5ef/wM/zq379HgTSrp/24/k/WdXP+QTaLjqBKfsyYn9q/ndVVsfY63vF7erWe+5ih1ryQa3Di0lyWVY8snoWmGZUVelyCf57etKo3z5+3qgFeq8jb6nbbMs91+KhmzhvGVfT2u13g4fe8bXpmPVlUiGP1zrNFVbBku3DQTr/VJPNyz3jaOar+WYemkifVPu9/gs7xl4md6WivisV57+Xf0TXy2W5Vjm9XHcnue7P4A3tZUk5FYmSEbXedwGjnDzDnqiNvqi4d/v5vXNRm5lRByOitvqjuqM5P3LazEfzwOzopz6rmlr/B/bd3tU4d6Zt41r6kTG0P6FrGbn5xM8dze3MlsGkPcIEPuiJ7mjt5Zu3zx43GvUXC7th78QZSGOmNpJBMCv5LOyGfZMLOXsy70x+nPxfHXwsvzi6F/0PAxkEi8Kuu0xc/6XqlT23WLNPUe86vZyO7Yw6eOqI+zm1wYZ7/r+/gsupDYz76GEl46+Lg2ccWnPduCXdHOeMscjnOXuOJgkyVX3XIz7/BwAAAAAAAAAAAAAAAAAAmDeX9y8HFeXtKrqPAAAAAAAAAAAAAAAAAAAAAADMu4zv/y0X+v2/9xW/4vt/gan7FQAA//+pI3MQ")
r6 = socket$kcm(0x2a, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
sendmsg$kcm(r6, 0x0, 0x0)
r7 = syz_io_uring_setup(0x380a, &(0x7f0000000140)={0x0, 0x729, 0x3010, 0x0, 0x8000001}, &(0x7f0000000100), &(0x7f0000000480))
r8 = epoll_create(0xaf2)
epoll_pwait(r8, &(0x7f00000002c0)=[{}], 0xfc, 0x80000001, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000080)={0xe000200f})
setxattr$trusted_overlay_redirect(&(0x7f0000000240)='./file0/../file0/file0\x00', &(0x7f00000002c0), 0x0, 0x0, 0x3)
458.03802ms ago: executing program 2 (id=5):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_batadv\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'gre0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x78, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'macsec0\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14, 0x10}}, 0x190}}, 0x0)
425.760171ms ago: executing program 3 (id=4):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@stripe={'stripe', 0x3d, 0x8001}}, {@auto_da_alloc}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=")
r1 = open(&(0x7f0000000c00)='./file0\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
syz_emit_ethernet(0x62, &(0x7f0000000140)={@local, @random="4489a2bc242d", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010101, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @broadcast=0xac14140a, @broadcast=0xac1414bb, {[@timestamp_addr={0x44, 0x24, 0x0, 0x1, 0x0, [{@local}, {@loopback}, {@local}, {@dev}]}]}}}}}}}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x0)
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESHEX], 0xfe37, 0x0)
0s ago: executing program 2 (id=6):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe", 0x6}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="bf", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000ac0)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df236170051a31c21df5c4a6a5cf5321d26b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbdd600fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdba0300000062e32b359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0493121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc13300317b7fed115fb9818b20d177a39157101dbd8e23bc9ed32efed96c410a103d35336fb4ee4000bfb3d32b0181ff3d726a7dc6432a336a42b50b2c6877cb63b410d746b35fc721e5992ba47c3a2bc2d3679abe0794d226b7b0c333c3000fee7adaafb6efd57382eb2a86d71acaae52a154477a5b66757a886f4ad5446607520c17fb81ede0473cd897a34c7c9f41b653d568e4e1c457b0fc90554ed6798d3b8f3fb82578a424f385b1058dc11bab8989f000dd3e144a37015ffdf45d90393b12279455e6028dcb308b6bbcff5735ef770018ecb37242001aecc2a21c5d0edd078594240435b20a86566f110799ae2a11ec6c37d44e1fc10d38c11338909f158b4660a1f88ed47d113ceedd65e6f6834939359f8feec26e858c119aa044030af20bdf5fbc00972b59771330a4f0d179", 0x2f6}, {&(0x7f0000000740)="e879aa6243a217b8fc965e38137127f8c45d4890f1f5024a4249c22f15618073cd7360628a53bb07feb522614db4e510a823070840f8d9857da18f5fec169e443738354271143f57654221b381cbaf31e6d57be483087e06339188b996164436d100570db8e02e95631973a2e4fa", 0x6e}, {&(0x7f0000000800)="d1a763e27f", 0x5}], 0x3}}], 0x3, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.85' (ED25519) to the list of known hosts.
[ 67.274772][ T5775] cgroup: Unknown subsys name 'net'
[ 67.413230][ T5775] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 68.861351][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 71.217445][ T5797] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 71.225207][ T5797] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 71.241718][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.256920][ T5797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 71.273865][ T5798] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 71.276417][ T5797] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 71.292407][ T5803] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 71.292441][ T5800] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 71.299423][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.307453][ T5798] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 71.314106][ T5803] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 71.321312][ T5798] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 71.328679][ T5803] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 71.334971][ T5800] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 71.348620][ T5798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 71.356084][ T5803] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 71.356789][ T5798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 71.364082][ T5803] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 71.370584][ T5800] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 71.377684][ T5803] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 71.384576][ T5800] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 71.391428][ T5803] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 71.400982][ T5800] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 71.412106][ T5803] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 71.412950][ T5800] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 71.428240][ T5793] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 71.880890][ T5786] chnl_net:caif_netlink_parms(): no params data found
[ 71.905543][ T5785] chnl_net:caif_netlink_parms(): no params data found
[ 71.929158][ T5787] chnl_net:caif_netlink_parms(): no params data found
[ 71.990081][ T5788] chnl_net:caif_netlink_parms(): no params data found
[ 72.139999][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.147801][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.155034][ T5787] bridge_slave_0: entered allmulticast mode
[ 72.162849][ T5787] bridge_slave_0: entered promiscuous mode
[ 72.171252][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.178687][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.185800][ T5786] bridge_slave_0: entered allmulticast mode
[ 72.192676][ T5786] bridge_slave_0: entered promiscuous mode
[ 72.199762][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.207017][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.214220][ T5785] bridge_slave_0: entered allmulticast mode
[ 72.221385][ T5785] bridge_slave_0: entered promiscuous mode
[ 72.242041][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.249445][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.257195][ T5787] bridge_slave_1: entered allmulticast mode
[ 72.263922][ T5787] bridge_slave_1: entered promiscuous mode
[ 72.270842][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.278064][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.285225][ T5786] bridge_slave_1: entered allmulticast mode
[ 72.292115][ T5786] bridge_slave_1: entered promiscuous mode
[ 72.308382][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.315480][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.322659][ T5785] bridge_slave_1: entered allmulticast mode
[ 72.329677][ T5785] bridge_slave_1: entered promiscuous mode
[ 72.399372][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.406986][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.414106][ T5788] bridge_slave_0: entered allmulticast mode
[ 72.421579][ T5788] bridge_slave_0: entered promiscuous mode
[ 72.429780][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.437023][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.444173][ T5788] bridge_slave_1: entered allmulticast mode
[ 72.451652][ T5788] bridge_slave_1: entered promiscuous mode
[ 72.460456][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.472101][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.483229][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.494392][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.507145][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.537350][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.591059][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.623767][ T5785] team0: Port device team_slave_0 added
[ 72.633155][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.653689][ T5787] team0: Port device team_slave_0 added
[ 72.662908][ T5787] team0: Port device team_slave_1 added
[ 72.671199][ T5786] team0: Port device team_slave_0 added
[ 72.679925][ T5786] team0: Port device team_slave_1 added
[ 72.687420][ T5785] team0: Port device team_slave_1 added
[ 72.761521][ T5788] team0: Port device team_slave_0 added
[ 72.780771][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 72.788403][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.814330][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 72.826912][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 72.833867][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.860162][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 72.880596][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 72.887739][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.913884][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 72.926279][ T5788] team0: Port device team_slave_1 added
[ 72.932555][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 72.939821][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.966002][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 72.982858][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 72.989939][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.016439][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 73.027973][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 73.034906][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.060830][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 73.096908][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 73.103862][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.130089][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 73.146733][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 73.153692][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.179722][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 73.278595][ T5788] hsr_slave_0: entered promiscuous mode
[ 73.284863][ T5788] hsr_slave_1: entered promiscuous mode
[ 73.298313][ T5786] hsr_slave_0: entered promiscuous mode
[ 73.304515][ T5786] hsr_slave_1: entered promiscuous mode
[ 73.310885][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 73.318907][ T5786] Cannot create hsr debugfs directory
[ 73.329089][ T5787] hsr_slave_0: entered promiscuous mode
[ 73.335405][ T5787] hsr_slave_1: entered promiscuous mode
[ 73.341571][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 73.349237][ T5787] Cannot create hsr debugfs directory
[ 73.384515][ T5785] hsr_slave_0: entered promiscuous mode
[ 73.390866][ T5785] hsr_slave_1: entered promiscuous mode
[ 73.397696][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 73.405258][ T5785] Cannot create hsr debugfs directory
[ 73.476717][ T5800] Bluetooth: hci0: command tx timeout
[ 73.480837][ T5793] Bluetooth: hci1: command tx timeout
[ 73.486850][ T5800] Bluetooth: hci2: command tx timeout
[ 73.489155][ T51] Bluetooth: hci3: command tx timeout
[ 73.780817][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 73.794732][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 73.804938][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 73.815852][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 73.895069][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 73.904688][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 73.929944][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 73.940133][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 73.989127][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 74.025494][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 74.040296][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 74.050040][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 74.105356][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 74.115894][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 74.132512][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 74.143554][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 74.184649][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.254470][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.285705][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.301364][ T709] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.308592][ T709] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.334416][ T709] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.341550][ T709] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.365529][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.397305][ T5788] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 74.408203][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 74.429055][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.436199][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.462125][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.477212][ T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.484387][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.585390][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.620837][ T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.628095][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.646032][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.674351][ T74] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.681481][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.743602][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.774515][ T74] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.781655][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.821261][ T74] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.828508][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.877815][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.987388][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.047889][ T5788] veth0_vlan: entered promiscuous mode
[ 75.093385][ T5788] veth1_vlan: entered promiscuous mode
[ 75.139616][ T5786] veth0_vlan: entered promiscuous mode
[ 75.181379][ T5786] veth1_vlan: entered promiscuous mode
[ 75.212829][ T5788] veth0_macvtap: entered promiscuous mode
[ 75.240198][ T5788] veth1_macvtap: entered promiscuous mode
[ 75.279217][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.295116][ T5786] veth0_macvtap: entered promiscuous mode
[ 75.311731][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 75.322358][ T5786] veth1_macvtap: entered promiscuous mode
[ 75.344944][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 75.367159][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.381160][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.390200][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.401349][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.410322][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.420765][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 75.431511][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 75.442780][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 75.453019][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 75.465218][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 75.478266][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 75.489890][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.498761][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.507857][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.517650][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.556373][ T5793] Bluetooth: hci1: command tx timeout
[ 75.561806][ T5803] Bluetooth: hci2: command tx timeout
[ 75.561832][ T5800] Bluetooth: hci0: command tx timeout
[ 75.567592][ T51] Bluetooth: hci3: command tx timeout
[ 75.680356][ T5785] veth0_vlan: entered promiscuous mode
[ 75.687594][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.690147][ T5787] veth0_vlan: entered promiscuous mode
[ 75.695592][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.734374][ T5785] veth1_vlan: entered promiscuous mode
[ 75.750946][ T5787] veth1_vlan: entered promiscuous mode
[ 75.802144][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.809329][ T5787] veth0_macvtap: entered promiscuous mode
[ 75.822254][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.846023][ T5787] veth1_macvtap: entered promiscuous mode
[ 75.871374][ T5785] veth0_macvtap: entered promiscuous mode
[ 75.884636][ T5785] veth1_macvtap: entered promiscuous mode
[ 75.900650][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.919043][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.982785][ T1023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.985373][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 76.013198][ T1023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.023342][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.041340][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 76.052817][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.068067][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 76.078186][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 76.102166][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.127600][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 76.180880][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.237378][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 76.294159][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.343584][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 76.437782][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 76.474791][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.515467][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 76.552558][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 76.582293][ T5884] syz.2.3[5884]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 76.611334][ T5884] loop2: detected capacity change from 0 to 64
[ 76.629988][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 76.644123][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 76.652602][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.673529][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.693677][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.702725][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.719653][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.778387][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.793259][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.802575][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.812476][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[ 76.932337][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 77.072444][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 77.153430][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 77.242142][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 77.318045][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 77.366502][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 77.397709][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.414977][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.440039][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.449465][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.458905][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.507876][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.518059][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.527952][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.536947][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.646186][ T51] Bluetooth: hci0: command tx timeout
[ 77.647683][ T5793] Bluetooth: hci3: command tx timeout
[ 77.651689][ T51] Bluetooth: hci1: command tx timeout
[ 77.658173][ T5803] Bluetooth: hci2: command tx timeout
[ 77.710603][ T5887] loop3: detected capacity change from 0 to 1024
[ 77.722405][ T5887] =======================================================
[ 77.722405][ T5887] WARNING: The mand mount option has been deprecated and
[ 77.722405][ T5887] and is ignored by this kernel. Remove the mand
[ 77.722405][ T5887] option from the mount to silence this warning.
[ 77.722405][ T5887] =======================================================
[ 77.773217][ T5887] EXT4-fs (loop3): stripe (32769) is not aligned with cluster size (16), stripe is disabled
[ 77.868316][ T709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.884748][ T709] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 77.909942][ T5887] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 77.984227][ T1023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.995791][ T709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.025474][ T5887] ==================================================================
[ 78.033571][ T5887] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90
[ 78.036162][ T1023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.041308][ T5887] Read of size 18446744073709551588 at addr ffff888143f15840 by task syz.3.4/5887
[ 78.048695][ T709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.057773][ T5887]
[ 78.057800][ T5887] CPU: 0 PID: 5887 Comm: syz.3.4 Not tainted syzkaller #0
[ 78.074534][ T5887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 78.084609][ T5887] Call Trace:
[ 78.087903][ T5887]
[ 78.090852][ T5887] dump_stack_lvl+0x16c/0x230
[ 78.095556][ T5887] ? read_lock_is_recursive+0x20/0x20
[ 78.100962][ T5887] ? show_regs_print_info+0x20/0x20
[ 78.106177][ T5887] ? load_image+0x3b0/0x3b0
[ 78.110730][ T5887] ? _raw_spin_lock_irqsave+0xb4/0xf0
[ 78.116112][ T5887] ? __virt_addr_valid+0x18c/0x540
[ 78.121245][ T5887] ? __virt_addr_valid+0x469/0x540
[ 78.126388][ T5887] print_report+0xac/0x220
[ 78.130832][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 78.136313][ T5887] kasan_report+0x117/0x150
[ 78.140829][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 78.146316][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 78.151807][ T5887] kasan_check_range+0x288/0x290
[ 78.156762][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 78.162236][ T5887] __asan_memmove+0x29/0x70
[ 78.166769][ T5887] ext4_xattr_set_entry+0x94b/0x1e90
[ 78.172082][ T5887] ext4_xattr_block_set+0xae3/0x32a0
[ 78.177399][ T5887] ? ext4_destroy_inode+0x200/0x200
[ 78.182612][ T5887] ? proc_nr_inodes+0x230/0x230
[ 78.187470][ T5887] ? do_raw_spin_unlock+0x121/0x230
[ 78.192685][ T5887] ? _raw_spin_unlock+0x28/0x40
[ 78.197547][ T5887] ? ext4_xattr_block_find+0x350/0x350
[ 78.203008][ T5887] ? ext4_xattr_ibody_set+0x50d/0x6a0
[ 78.208384][ T5887] ext4_xattr_set_handle+0xbff/0x1290
[ 78.213766][ T5887] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[ 78.219757][ T5887] ? __ext4_journal_start_sb+0x259/0x570
[ 78.225398][ T5887] ext4_xattr_set+0x22d/0x320
[ 78.230083][ T5887] ? ext4_xattr_set_credits+0x2f0/0x2f0
[ 78.235633][ T5887] ? evm_protected_xattr_common+0x170/0x190
[ 78.241530][ T5887] ? evm_protect_xattr+0x534/0x7a0
[ 78.246647][ T5887] ? ext4_xattr_security_get+0x40/0x40
[ 78.252111][ T5887] __vfs_setxattr+0x431/0x470
[ 78.256789][ T5887] __vfs_setxattr_noperm+0x12d/0x5e0
[ 78.262082][ T5887] vfs_setxattr+0x16c/0x2f0
[ 78.266597][ T5887] ? xattr_permission+0x470/0x470
[ 78.271624][ T5887] ? __mnt_want_write+0x223/0x2a0
[ 78.276662][ T5887] ? path_setxattr+0x314/0x550
[ 78.281439][ T5887] path_setxattr+0x362/0x550
[ 78.286037][ T5887] ? simple_xattrs_free+0x150/0x150
[ 78.291252][ T5887] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 78.297230][ T5887] ? lock_chain_count+0x20/0x20
[ 78.302080][ T5887] __x64_sys_setxattr+0xbb/0xd0
[ 78.306930][ T5887] do_syscall_64+0x55/0xb0
[ 78.311349][ T5887] ? clear_bhb_loop+0x40/0x90
[ 78.316031][ T5887] ? clear_bhb_loop+0x40/0x90
[ 78.320710][ T5887] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 78.326620][ T5887] RIP: 0033:0x7fb66098f749
[ 78.331038][ T5887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 78.350638][ T5887] RSP: 002b:00007fb6617fa038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 78.359051][ T5887] RAX: ffffffffffffffda RBX: 00007fb660be5fa0 RCX: 00007fb66098f749
[ 78.367018][ T5887] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100
[ 78.374985][ T5887] RBP: 00007fb660a13f91 R08: 0000000000000000 R09: 0000000000000000
[ 78.382958][ T5887] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000
[ 78.390927][ T5887] R13: 00007fb660be6038 R14: 00007fb660be5fa0 R15: 00007ffd48e6f128
[ 78.398899][ T5887]
[ 78.401914][ T5887]
[ 78.404239][ T5887] Allocated by task 5887:
[ 78.408565][ T5887] kasan_set_track+0x4e/0x70
[ 78.413155][ T5887] __kasan_kmalloc+0x8f/0xa0
[ 78.417754][ T5887] __kmalloc_node_track_caller+0xb2/0x230
[ 78.423490][ T5887] kmemdup+0x2b/0x70
[ 78.427389][ T5887] ext4_xattr_block_set+0x9e5/0x32a0
[ 78.432676][ T5887] ext4_xattr_set_handle+0xbff/0x1290
[ 78.438045][ T5887] ext4_xattr_set+0x22d/0x320
[ 78.442734][ T5887] __vfs_setxattr+0x431/0x470
[ 78.447421][ T5887] __vfs_setxattr_noperm+0x12d/0x5e0
[ 78.452702][ T5887] vfs_setxattr+0x16c/0x2f0
[ 78.457204][ T5887] path_setxattr+0x362/0x550
[ 78.461792][ T5887] __x64_sys_setxattr+0xbb/0xd0
[ 78.466660][ T5887] do_syscall_64+0x55/0xb0
[ 78.471095][ T5887] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 78.476998][ T5887]
[ 78.479319][ T5887] The buggy address belongs to the object at ffff888143f15800
[ 78.479319][ T5887] which belongs to the cache kmalloc-1k of size 1024
[ 78.493364][ T5887] The buggy address is located 64 bytes inside of
[ 78.493364][ T5887] 1024-byte region [ffff888143f15800, ffff888143f15c00)
[ 78.506629][ T5887]
[ 78.508966][ T5887] The buggy address belongs to the physical page:
[ 78.515374][ T5887] page:ffffea00050fc400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x143f10
[ 78.525601][ T5887] head:ffffea00050fc400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 78.534536][ T5887] flags: 0x57ff00000000840(slab|head|node=1|zone=2|lastcpupid=0x7ff)
[ 78.542600][ T5887] page_type: 0xffffffff()
[ 78.546928][ T5887] raw: 057ff00000000840 ffff888017841dc0 dead000000000122 0000000000000000
[ 78.555506][ T5887] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 78.564099][ T5887] page dumped because: kasan: bad access detected
[ 78.570505][ T5887] page_owner tracks the page as allocated
[ 78.576213][ T5887] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5889, tgid 5888 (syz.2.5), ts 77893752147, free_ts 39947125837
[ 78.598561][ T5887] post_alloc_hook+0x1cd/0x210
[ 78.603332][ T5887] get_page_from_freelist+0x195c/0x19f0
[ 78.608880][ T5887] __alloc_pages+0x1e3/0x460
[ 78.613476][ T5887] alloc_slab_page+0x4f/0x170
[ 78.618157][ T5887] new_slab+0x87/0x2e0
[ 78.622228][ T5887] ___slab_alloc+0xc6d/0x1300
[ 78.626909][ T5887] __kmem_cache_alloc_node+0x1a2/0x260
[ 78.632370][ T5887] __kmalloc_node+0xa4/0x230
[ 78.636960][ T5887] memcg_alloc_slab_cgroups+0x87/0x130
[ 78.642417][ T5887] slab_post_alloc_hook+0xfc/0x4d0
[ 78.647528][ T5887] __kmem_cache_alloc_node+0x13e/0x260
[ 78.652985][ T5887] __kmalloc+0xa4/0x240
[ 78.657137][ T5887] nla_strdup+0x9d/0x170
[ 78.661377][ T5887] nf_tables_newtable+0x492/0x16f0
[ 78.666484][ T5887] nfnetlink_rcv+0xfad/0x2180
[ 78.671157][ T5887] netlink_unicast+0x751/0x8d0
[ 78.675931][ T5887] page last free stack trace:
[ 78.680593][ T5887] free_unref_page_prepare+0x7ce/0x8e0
[ 78.686054][ T5887] free_unref_page+0x32/0x2e0
[ 78.690733][ T5887] __unfreeze_partials+0x1cf/0x210
[ 78.695858][ T5887] put_cpu_partial+0x17c/0x250
[ 78.700621][ T5887] __slab_free+0x31d/0x410
[ 78.705045][ T5887] qlist_free_all+0x75/0xe0
[ 78.709555][ T5887] kasan_quarantine_reduce+0x143/0x160
[ 78.715016][ T5887] __kasan_slab_alloc+0x22/0x80
[ 78.719861][ T5887] slab_post_alloc_hook+0x6e/0x4d0
[ 78.724981][ T5887] __kmem_cache_alloc_node+0x13e/0x260
[ 78.730451][ T5887] __kmalloc+0xa4/0x240
[ 78.734622][ T5887] tomoyo_realpath_from_path+0xe3/0x5d0
[ 78.740182][ T5887] tomoyo_check_open_permission+0x1c3/0x3c0
[ 78.746075][ T5887] security_file_open+0x62/0xa0
[ 78.751019][ T5887] do_dentry_open+0x380/0x1500
[ 78.755778][ T5887] path_openat+0x274b/0x3190
[ 78.760371][ T5887]
[ 78.762690][ T5887] Memory state around the buggy address:
[ 78.768309][ T5887] ffff888143f15700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.776369][ T5887] ffff888143f15780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.784432][ T5887] >ffff888143f15800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 78.792484][ T5887] ^
[ 78.798638][ T5887] ffff888143f15880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 78.806694][ T5887] ffff888143f15900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 78.814747][ T5887] ==================================================================
[ 78.871443][ T1023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.894486][ T5887] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 78.901707][ T5887] CPU: 0 PID: 5887 Comm: syz.3.4 Not tainted syzkaller #0
[ 78.903971][ T1023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.916103][ T5887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 78.926174][ T5887] Call Trace:
[ 78.929470][ T5887]
[ 78.932426][ T5887] dump_stack_lvl+0x16c/0x230
[ 78.937132][ T5887] ? show_regs_print_info+0x20/0x20
[ 78.942357][ T5887] ? load_image+0x3b0/0x3b0
[ 78.946882][ T5887] panic+0x2c0/0x710
[ 78.950812][ T5887] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 78.956993][ T5887] ? bpf_jit_dump+0xd0/0xd0
[ 78.961527][ T5887] ? _raw_spin_unlock_irqrestore+0xfa/0x110
[ 78.967444][ T5887] ? _raw_spin_unlock+0x40/0x40
[ 78.972316][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 78.977830][ T5887] check_panic_on_warn+0x84/0xa0
[ 78.982772][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 78.988233][ T5887] end_report+0x6f/0x140
[ 78.992477][ T5887] kasan_report+0x128/0x150
[ 78.996994][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 79.002470][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 79.007941][ T5887] kasan_check_range+0x288/0x290
[ 79.012883][ T5887] ? ext4_xattr_set_entry+0x94b/0x1e90
[ 79.018346][ T5887] __asan_memmove+0x29/0x70
[ 79.022853][ T5887] ext4_xattr_set_entry+0x94b/0x1e90
[ 79.028148][ T5887] ext4_xattr_block_set+0xae3/0x32a0
[ 79.033434][ T5887] ? ext4_destroy_inode+0x200/0x200
[ 79.038635][ T5887] ? proc_nr_inodes+0x230/0x230
[ 79.043496][ T5887] ? do_raw_spin_unlock+0x121/0x230
[ 79.048695][ T5887] ? _raw_spin_unlock+0x28/0x40
[ 79.053544][ T5887] ? ext4_xattr_block_find+0x350/0x350
[ 79.059005][ T5887] ? ext4_xattr_ibody_set+0x50d/0x6a0
[ 79.064378][ T5887] ext4_xattr_set_handle+0xbff/0x1290
[ 79.069757][ T5887] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[ 79.075741][ T5887] ? __ext4_journal_start_sb+0x259/0x570
[ 79.081376][ T5887] ext4_xattr_set+0x22d/0x320
[ 79.086057][ T5887] ? ext4_xattr_set_credits+0x2f0/0x2f0
[ 79.091607][ T5887] ? evm_protected_xattr_common+0x170/0x190
[ 79.097524][ T5887] ? evm_protect_xattr+0x534/0x7a0
[ 79.102639][ T5887] ? ext4_xattr_security_get+0x40/0x40
[ 79.108111][ T5887] __vfs_setxattr+0x431/0x470
[ 79.112807][ T5887] __vfs_setxattr_noperm+0x12d/0x5e0
[ 79.118115][ T5887] vfs_setxattr+0x16c/0x2f0
[ 79.122628][ T5887] ? xattr_permission+0x470/0x470
[ 79.127649][ T5887] ? __mnt_want_write+0x223/0x2a0
[ 79.132674][ T5887] ? path_setxattr+0x314/0x550
[ 79.137436][ T5887] path_setxattr+0x362/0x550
[ 79.142030][ T5887] ? simple_xattrs_free+0x150/0x150
[ 79.147254][ T5887] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 79.153237][ T5887] ? lock_chain_count+0x20/0x20
[ 79.158090][ T5887] __x64_sys_setxattr+0xbb/0xd0
[ 79.162940][ T5887] do_syscall_64+0x55/0xb0
[ 79.167358][ T5887] ? clear_bhb_loop+0x40/0x90
[ 79.172035][ T5887] ? clear_bhb_loop+0x40/0x90
[ 79.176709][ T5887] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 79.182600][ T5887] RIP: 0033:0x7fb66098f749
[ 79.187011][ T5887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 79.206616][ T5887] RSP: 002b:00007fb6617fa038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 79.215041][ T5887] RAX: ffffffffffffffda RBX: 00007fb660be5fa0 RCX: 00007fb66098f749
[ 79.223030][ T5887] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100
[ 79.231174][ T5887] RBP: 00007fb660a13f91 R08: 0000000000000000 R09: 0000000000000000
[ 79.239141][ T5887] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000
[ 79.247121][ T5887] R13: 00007fb660be6038 R14: 00007fb660be5fa0 R15: 00007ffd48e6f128
[ 79.255094][ T5887]
[ 79.258449][ T5887] Kernel Offset: disabled
[ 79.262769][ T5887] Rebooting in 86400 seconds..