last executing test programs: 1.536085756s ago: executing program 2 (id=266): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, 0x0) fchdir(r1) syz_usb_disconnect(0xffffffffffffffff) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs(r0, &(0x7f0000000200)='smaps_rollup\x00') 1.1261711s ago: executing program 1 (id=269): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x4c080) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0x401}, 0x11) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf2504"], 0x14}}, 0x0) 1.007253004s ago: executing program 1 (id=270): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x11, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2100000000c0], 0x11, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000b00000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feff8f4221063125"]}, 0x108) 1.00701314s ago: executing program 1 (id=271): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(0xffffffffffffffff, &(0x7f0000000380)={@val={0x0, 0x88e7}, @void, @eth={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x26, 0x14, 0x68, 0x0, 0xd, 0x4, 0x0, @loopback, @loopback}}}}}}, 0x26) 934.33345ms ago: executing program 1 (id=274): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000180)={0x7a2a, 0x9, 0x5a}, 0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x4}, 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x6}, 0x8) 777.078214ms ago: executing program 2 (id=280): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002d40)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a68000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b24001280a7000180090001006c61737400000000040002800c000180050001006374000008000340000001"], 0x90}, 0x1, 0x0, 0x0, 0x4044050}, 0x40) 726.72932ms ago: executing program 2 (id=283): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newaddr={0x18, 0x14, 0x9535393fea6295b5, 0x70bd2c, 0x25dfdbff, {0xa, 0x20, 0x0, 0xff}}, 0x18}, 0x1, 0x0, 0x0, 0x2004c041}, 0x400c0c0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) 726.622238ms ago: executing program 4 (id=284): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(0xffffffffffffffff, &(0x7f0000000380)={@val={0x0, 0x88e7}, @void, @eth={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x26, 0x14, 0x68, 0x0, 0xd, 0x4, 0x0, @loopback, @loopback}}}}}}, 0x26) 692.045354ms ago: executing program 2 (id=286): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) socket$inet6_udp(0xa, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r3}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) socket(0xa, 0x3, 0x3a) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r4}, 0x18) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, 0x0) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r6, 0xffffffffffffffff, 0x0) 623.140455ms ago: executing program 2 (id=287): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) r1 = syz_io_uring_setup(0x4553, &(0x7f0000000240)={0x0, 0x59fc, 0x80, 0x3, 0xbd7f7ffd}, &(0x7f0000000480)=0x0, &(0x7f0000000080)) r3 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000000), 0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) syz_io_uring_submit(r2, 0x0, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x0, @fd_index=0x3, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) io_uring_enter(r3, 0x26c3, 0xdffffffb, 0x4c, 0x0, 0x0) 622.888459ms ago: executing program 4 (id=288): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xfeffffffffffffff}, 0x18) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x93) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b90402000000e8fe55a11800152c280014", 0x1f}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x33fe0) 622.700557ms ago: executing program 4 (id=289): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40) 622.300371ms ago: executing program 2 (id=290): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, 0x0) fchdir(r1) syz_usb_disconnect(0xffffffffffffffff) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs(r0, &(0x7f0000000200)='smaps_rollup\x00') 581.986118ms ago: executing program 4 (id=292): setgid(0xee00) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) r1 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs(r1, &(0x7f0000000500)='maps\x00') 520.488024ms ago: executing program 4 (id=293): unshare(0x20000400) r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0) 519.931212ms ago: executing program 4 (id=295): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000340), 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0xcb58c9f2fa78421b}, 0x40c0080) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r5, 0xffffffffffffffff, 0x0) 218.685308ms ago: executing program 0 (id=309): syz_emit_ethernet(0x4e, &(0x7f0000000580)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "116c9f", 0x14, 0x6, 0xff, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, {[], {{0x4e20, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x58, 0x885}}}}}}}, 0x0) 209.832362ms ago: executing program 3 (id=310): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0xfed7, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6002adf700383a00fe880000000000000000000000400001ff020000000000000000000000000001"], 0x0) 159.276568ms ago: executing program 0 (id=311): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1802, 0x4) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084) 159.097785ms ago: executing program 3 (id=312): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]}) clock_adjtime(0x0, &(0x7f0000000600)={0x19b1, 0xc1bdf10000000003, 0x100000000, 0x2, 0x0, 0x2, 0x80000001, 0x200, 0x0, 0xfffffffffffffff7, 0x80, 0x0, 0x0, 0x2, 0x0, 0x393, 0x0, 0xffffffffffffffff, 0x9, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x4}) 154.314431ms ago: executing program 0 (id=313): socket$key(0xf, 0x3, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newsa={0x16c, 0x10, 0x713, 0x70bd26, 0x25dfdbfc, {{@in=@rand_addr=0x64010101, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x6c}, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0xfe, 0x32}, @in6=@rand_addr=' \x01\x00', {0x0, 0x0, 0x0, 0x8, 0x0, 0x7, 0x0, 0x543}, {0x9f7c000000000, 0x7fffffffffffffff}, {0x2}, 0x70bd2c, 0x3500, 0xa, 0x4, 0x0, 0x50}, [@encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e20, @in6=@empty}}, @algo_aead={0x5e, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x90, 0x60, "210466d38547aa140db9a200000000c538c7"}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0) 148.844208ms ago: executing program 3 (id=314): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) symlinkat(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) 102.141803ms ago: executing program 3 (id=315): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000020001000900000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"}) 101.168288ms ago: executing program 0 (id=316): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000000040000000800000010"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) inotify_init1(0x0) 100.944691ms ago: executing program 3 (id=317): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_read_part_table(0x5ac, &(0x7f0000000480)="$eJzs1D9Lc1ccB/CTQAiFPo08PODQDoLBobUK6aBDUrASQ6AYESsOvgEHHQQHB0kbnf3zBhT/gbgEOzuKEUQhDkUyinQsKC6ZUmxvi2I71KLwyOezXM45v3N/9/C99wY+avHwW6vVioUQWsn/vvuH/fxQsWNkYHQshFiYDImQ/+LTP1ZiUcVfdz2IxqVoXExm6pung7f7bWedF7X0djxaP4yH8GMIYfpqJ/V/z8bbV80dpxaXZgvL87mpy8LCdfXXr/Ofr+Rn1vq2suXx9uxE9GIdxl+nf7rev3veKt2sv+tJ1OrNzMl90U8PPgjelOpn4VH+Gx8qjUpzuGtvrrf7feOovBrlfvc0/2f8bwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5dNXecWlxKFJbnc1OXhYXrb779/pcvV/Iza31b2fJ4e3Yi/mfdYfwl+8/+3T9d7989b5Vu1t/1JGr1ZuYkquuOPdn63c8v80i8oq/C4/w3PlQaleZw195cb/f7xlF5Ncr97mn+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/KD9U7BgZGB0LIRYmQwiD8bad+/lW8nHdQXQtRfPFZKa+eTp4u9921nlRS2+PJEN4uGX6aif1yWsdgmf7PQAA//+DyYbh") 27.228602ms ago: executing program 0 (id=318): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x3ff, 0x20, &(0x7f0000000080)={0x80, 0x1, 0x0, 0x3, 0xe}, 0x8, 0x2, 0x0, 0x48000000, 0x0, 0x0, 0x0}) 26.99889ms ago: executing program 1 (id=319): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000b00)={0xa, 0x4e22, 0x100007, @remote, 0xa}, 0x1c) connect$pppl2tp(r0, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x5, 0x0, {0xa, 0x0, 0xf9d, @private2}}}, 0x32) 26.820341ms ago: executing program 1 (id=320): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) getsockopt$sock_buf(r0, 0x1, 0x1f, &(0x7f00000006c0)=""/170, &(0x7f0000000780)=0xaa) 19.423162ms ago: executing program 3 (id=321): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="cf9900ffffffff7f00000000000000000000005ac1d932df0d3e5d0142fcd74f6d43c8f9d9025512685c5007fd79d19ef09419ef4d3eca4dc2f10c80aef058c515eaa77423ebd991b2f6c90f32fb9868d6b4a69aa92dc4ed944966910a9ffff5d904cf25051c76b4ee6c775566fe207661aeaaf97479ed85decdcd39a807f123041a359c8f4dc6dda15ef0b8789cd920e9d255229b77b4ea22feb573959197038a3e79bb088a02186b4b644f942f14ef09f53da27fcd5434db", 0xb9}], 0x1, 0x0, 0x0, 0x80040000}}], 0x1, 0x20000810) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@ccm_128={{0x304}, "dd7da625128742a9", "98d5cf4b9c42168cf06b183bd84ef02c", "fe6f083a", "6f7b93cfe857dd75"}, 0x28) 0s ago: executing program 0 (id=322): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000580)=""/246) 0s ago: executing program 1 (id=323): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1800700, &(0x7f00000004c0)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@resgid}, {@barrier}, {@nombcache}]}, 0x0, 0x47c, &(0x7f0000001040)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJ0tZiUxFPghT0LB5F/wJvIoh6Erx68iSFor209RSZ2Zl0s81LazaZmP18YLLPMzO78/1m5pl59nmSADrWQPYjidgREb9FRF+junCHgcbLjWsXxm9euzCexNzcG38m+X7Xr10YL3ct37e9qAymEelHSXGQhabPnT85Vq/XzhT14ZlT7wxPnzv/1Hunxk7UTtROjx45cvjQyLPPjD7dljyzvK7v+2Bq/96X37r86vixy2//9E0W745ie3Me7TKQJf7XXK512+PtPljFdjaVk+4KA+GudEVEdrp68vbfF11x6+T1xUsfVhocsKayZ9OWpTfPzgGbWBJVRwBUo3zQZ99/y2Wduh4bwtXnG1+AsrxvFEtjS3ekxT49Ld9v22kgIo7N/v1FtsQajUMAADT7ZPzzo70R8f7Nr1/J+h5981vSuC9//T3/uauYQ+mPiP9HxO6IuCci9kTEvRH5vvdHxAOrjOf2/k96ZZUfuays//dcMbe1sP9X9v6iv6uo7czz70mOT9ZrB4vfyWD0bMnqI8sc47sXf/10qW3N/b9syY5f9gWLOK50twzQTYzNjOWd0ja4eiliX/di+SfzMwFJROyNiH1399G7ysLkE1/tX2qnlfNfRhvmmea+zNKbzfKfjZb8S0nz/OTkbfOTw1ujXjs4XF4Vt/v5l49fX+r4q8q/Da7WGq9N579paz472p80z9dOt/f4//L6T3uTN/N55t5i3dmxmZkzIxG9ydG8vmD96K33lvWzWaMeaVz/gwcWb/+7i/dk+T8YEdlF/FBEPBwRjxSxPxoRj0XEgWVy/PGFlfOPtKLzfyliYtH73/z133L+777QdfKHb5c6/p2d/8N5abBYk9//VrBYONntojXA1fzuAAAA4L8izUd5knRovpymQ0ONv+HfE/9L61PTM08en3r39ERjNKg/etJypKuvGA+tT9ZrI8ls8YmN8dHRYqy4HC89VIwbf9a1La8PjU/VJyrOHTrd9iXaf+aPrqqjA9bYtkXXjvaueyBABVrn0dOF1YuvhZsBbFb+Xxs61wrtP12vOID15/kPnWux9n+xpW4uADYnz3/oXNo/dKj0+6ojACrk+Q8daTX/17+Gha0bI4xqChv1pOSFiLKQboh4NmFhW0Tcwc49axtG1XcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9vgnAAD//7Ai4qc=") kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.66' (ED25519) to the list of known hosts. [ 27.815557][ T6532] cgroup: Unknown subsys name 'net' [ 27.952015][ T6532] cgroup: Unknown subsys name 'cpuset' [ 27.953966][ T6532] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 28.100178][ T6532] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 29.743803][ T6547] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 29.746162][ T6547] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 29.747821][ T6547] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 29.750097][ T6547] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 29.754173][ T6551] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 29.755665][ T6550] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 29.755821][ T6550] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 29.758220][ T6550] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 29.759635][ T6550] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 29.761484][ T6146] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 29.763026][ T6146] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 29.764981][ T6146] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 29.771808][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 29.772602][ T6555] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 29.773653][ T6555] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 29.775253][ T6555] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 29.777133][ T6559] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 29.780804][ T6559] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 29.782155][ T6547] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 29.785071][ T6547] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 29.786933][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 29.789438][ T6547] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 29.789644][ T6547] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 29.795650][ T6560] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 29.801109][ T6560] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 29.943073][ T6542] chnl_net:caif_netlink_parms(): no params data found [ 29.984280][ T6545] chnl_net:caif_netlink_parms(): no params data found [ 29.992910][ T6543] chnl_net:caif_netlink_parms(): no params data found [ 30.020570][ T6542] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.022741][ T6542] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.024004][ T6542] bridge_slave_0: entered allmulticast mode [ 30.025526][ T6542] bridge_slave_0: entered promiscuous mode [ 30.027764][ T6542] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.028955][ T6542] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.030190][ T6542] bridge_slave_1: entered allmulticast mode [ 30.031591][ T6542] bridge_slave_1: entered promiscuous mode [ 30.037990][ T6556] chnl_net:caif_netlink_parms(): no params data found [ 30.069530][ T6543] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.069627][ T6543] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.069694][ T6543] bridge_slave_0: entered allmulticast mode [ 30.070103][ T6543] bridge_slave_0: entered promiscuous mode [ 30.072698][ T6542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 30.074725][ T6542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 30.086950][ T6543] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.087039][ T6543] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.087102][ T6543] bridge_slave_1: entered allmulticast mode [ 30.087506][ T6543] bridge_slave_1: entered promiscuous mode [ 30.095148][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.095185][ T6545] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.097816][ T6545] bridge_slave_0: entered allmulticast mode [ 30.099353][ T6545] bridge_slave_0: entered promiscuous mode [ 30.103052][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.104392][ T6545] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.105725][ T6545] bridge_slave_1: entered allmulticast mode [ 30.107180][ T6545] bridge_slave_1: entered promiscuous mode [ 30.109751][ T6548] chnl_net:caif_netlink_parms(): no params data found [ 30.121772][ T6542] team0: Port device team_slave_0 added [ 30.122670][ T6542] team0: Port device team_slave_1 added [ 30.134501][ T6543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 30.135688][ T6543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 30.142083][ T6542] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 30.142114][ T6542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.142123][ T6542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 30.142841][ T6542] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 30.142849][ T6542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.142862][ T6542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 30.161374][ T6545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 30.169510][ T6543] team0: Port device team_slave_0 added [ 30.170216][ T6543] team0: Port device team_slave_1 added [ 30.180332][ T6545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 30.182964][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.184251][ T6556] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.185611][ T6556] bridge_slave_0: entered allmulticast mode [ 30.187072][ T6556] bridge_slave_0: entered promiscuous mode [ 30.192906][ T6543] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 30.192929][ T6543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.193318][ T6543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 30.195288][ T6542] hsr_slave_0: entered promiscuous mode [ 30.195597][ T6542] hsr_slave_1: entered promiscuous mode [ 30.207374][ T6556] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.208654][ T6556] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.209936][ T6556] bridge_slave_1: entered allmulticast mode [ 30.213249][ T6556] bridge_slave_1: entered promiscuous mode [ 30.217114][ T6543] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 30.218383][ T6543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.220765][ T6543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 30.225278][ T6545] team0: Port device team_slave_0 added [ 30.242777][ T6545] team0: Port device team_slave_1 added [ 30.245983][ T6548] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.247300][ T6548] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.248546][ T6548] bridge_slave_0: entered allmulticast mode [ 30.249968][ T6548] bridge_slave_0: entered promiscuous mode [ 30.251481][ T6548] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.251515][ T6548] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.251581][ T6548] bridge_slave_1: entered allmulticast mode [ 30.251976][ T6548] bridge_slave_1: entered promiscuous mode [ 30.254437][ T6556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 30.255437][ T6556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 30.263580][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 30.263598][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.263611][ T6545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 30.264092][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 30.264099][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.264109][ T6545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 30.298873][ T6548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 30.306769][ T6545] hsr_slave_0: entered promiscuous mode [ 30.308075][ T6545] hsr_slave_1: entered promiscuous mode [ 30.309231][ T6545] debugfs: 'hsr0' already exists in 'hsr' [ 30.310213][ T6545] Cannot create hsr debugfs directory [ 30.312106][ T6556] team0: Port device team_slave_0 added [ 30.314490][ T6543] hsr_slave_0: entered promiscuous mode [ 30.314764][ T6543] hsr_slave_1: entered promiscuous mode [ 30.314914][ T6543] debugfs: 'hsr0' already exists in 'hsr' [ 30.314922][ T6543] Cannot create hsr debugfs directory [ 30.321707][ T6548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 30.325417][ T6556] team0: Port device team_slave_1 added [ 30.352013][ T6548] team0: Port device team_slave_0 added [ 30.353003][ T6548] team0: Port device team_slave_1 added [ 30.353486][ T6556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 30.353495][ T6556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.353509][ T6556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 30.354100][ T6556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 30.354109][ T6556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.354118][ T6556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 30.389399][ T6548] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 30.389423][ T6548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.389438][ T6548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 30.389994][ T6548] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 30.390000][ T6548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.390011][ T6548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 30.418560][ T6556] hsr_slave_0: entered promiscuous mode [ 30.420017][ T6556] hsr_slave_1: entered promiscuous mode [ 30.421287][ T6556] debugfs: 'hsr0' already exists in 'hsr' [ 30.421301][ T6556] Cannot create hsr debugfs directory [ 30.438139][ T6548] hsr_slave_0: entered promiscuous mode [ 30.439579][ T6548] hsr_slave_1: entered promiscuous mode [ 30.440909][ T6548] debugfs: 'hsr0' already exists in 'hsr' [ 30.441971][ T6548] Cannot create hsr debugfs directory [ 30.510119][ T6542] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 30.513175][ T6542] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 30.524091][ T6542] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 30.526374][ T6542] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 30.551560][ T6543] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 30.554105][ T6543] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 30.556617][ T6543] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 30.564871][ T6543] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 30.569784][ T6542] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.569831][ T6542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.569996][ T6542] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.570020][ T6542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.588380][ T6545] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 30.596559][ T6545] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 30.598769][ T6545] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 30.605205][ T6543] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.605242][ T6543] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.605329][ T6543] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.605358][ T6543] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.608272][ T6545] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 30.617594][ T6542] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.625657][ T6556] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 30.628197][ T6556] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 30.637546][ T6556] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 30.639728][ T6556] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 30.658044][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.658089][ T6545] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.658153][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.658183][ T6545] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.664071][ T528] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.665848][ T528] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.667638][ T528] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.669378][ T528] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.672170][ T528] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.673716][ T528] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.685406][ T6542] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.689048][ T528] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.689089][ T528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.695469][ T6543] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.697191][ T6548] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 30.699397][ T6548] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 30.711052][ T6542] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 30.711091][ T6542] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.717178][ T6548] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 30.722264][ T1640] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.722299][ T1640] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.731593][ T6548] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 30.740444][ T6543] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.765849][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.765889][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.767079][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.767106][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.771779][ T6545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.789325][ T6556] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.799738][ T6556] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.802716][ T6542] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.804617][ T6545] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.816669][ T6545] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 30.816705][ T6545] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.819900][ T6543] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 30.819911][ T6543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.833639][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.833867][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.834205][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.834220][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.836138][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.836156][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.845059][ T6548] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.850357][ T6548] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.865479][ T6542] veth0_vlan: entered promiscuous mode [ 30.868881][ T1640] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.868916][ T1640] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.884728][ T6542] veth1_vlan: entered promiscuous mode [ 30.893142][ T6542] veth0_macvtap: entered promiscuous mode [ 30.905357][ T1640] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.905413][ T1640] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.909322][ T6542] veth1_macvtap: entered promiscuous mode [ 30.916401][ T6542] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.918980][ T6542] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.923203][ T6543] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.934206][ T15] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.939777][ T528] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.940210][ T528] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.940244][ T528] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.947599][ T1640] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.947641][ T1640] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.961476][ T6543] veth0_vlan: entered promiscuous mode [ 30.962991][ T6543] veth1_vlan: entered promiscuous mode [ 30.979042][ T6548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 30.982414][ T6548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.984032][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 30.984045][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 30.994889][ T6545] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 31.033767][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.033799][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.036352][ T6543] veth0_macvtap: entered promiscuous mode [ 31.037318][ T6543] veth1_macvtap: entered promiscuous mode [ 31.050578][ T6543] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.057584][ T6543] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.059072][ T2259] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.059191][ T2259] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.059218][ T2259] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.059241][ T2259] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.082860][ T6548] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 31.089724][ T6556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 31.115566][ T6542] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 31.124134][ T528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.124161][ T528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.133603][ T6556] veth0_vlan: entered promiscuous mode [ 31.158640][ T6556] veth1_vlan: entered promiscuous mode [ 31.167961][ T6548] veth0_vlan: entered promiscuous mode [ 31.168630][ T15] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.168642][ T15] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.188116][ T6556] veth0_macvtap: entered promiscuous mode [ 31.190350][ T6556] veth1_macvtap: entered promiscuous mode [ 31.204047][ T6545] veth0_vlan: entered promiscuous mode [ 31.210420][ T6556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.218681][ T6548] veth1_vlan: entered promiscuous mode [ 31.229516][ T6548] veth0_macvtap: entered promiscuous mode [ 31.230503][ T6548] veth1_macvtap: entered promiscuous mode [ 31.234036][ T6548] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.234958][ T6548] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.238119][ T6556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.239482][ T6545] veth1_vlan: entered promiscuous mode [ 31.254056][ T42] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.254266][ T42] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.254283][ T42] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.254296][ T42] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.257247][ T528] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.257325][ T528] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.257347][ T528] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.257367][ T528] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.259360][ T6545] veth0_macvtap: entered promiscuous mode [ 31.260406][ T6545] veth1_macvtap: entered promiscuous mode [ 31.274554][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.276963][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.301842][ T41] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.301891][ T41] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.301915][ T41] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.301929][ T41] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.324596][ T31] audit: type=1326 audit(31.300:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.324754][ T31] audit: type=1326 audit(31.300:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.325167][ T31] audit: type=1326 audit(31.300:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.325404][ T31] audit: type=1326 audit(31.300:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.325640][ T31] audit: type=1326 audit(31.300:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.325809][ T31] audit: type=1326 audit(31.300:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.325863][ T31] audit: type=1326 audit(31.300:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.325996][ T31] audit: type=1326 audit(31.300:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.326049][ T31] audit: type=1326 audit(31.300:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.326151][ T31] audit: type=1326 audit(31.300:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6665 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=442 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 31.377159][ T15] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.377192][ T15] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.398012][ T1640] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.398037][ T1640] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.413114][ T1640] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.413149][ T1640] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.429109][ T15] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.429136][ T15] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.447302][ T15] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.447445][ T15] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.495232][ T1640] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.495258][ T1640] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.530458][ T6673] loop3: detected capacity change from 0 to 512 [ 31.614685][ T6673] EXT4-fs (loop3): too many log groups per flexible block group [ 31.614895][ T6673] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 31.614969][ T6673] EXT4-fs (loop3): mount failed [ 31.701456][ T6688] loop0: detected capacity change from 0 to 512 [ 31.809775][ T6688] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1: bg 0: block 248: padding at end of block bitmap is not set [ 31.815299][ T6688] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1: Failed to acquire dquot type 1 [ 31.834071][ T6688] EXT4-fs (loop0): 1 truncate cleaned up [ 31.835812][ T6688] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.854929][ T6550] Bluetooth: hci3: command tx timeout [ 31.854938][ T6560] Bluetooth: hci2: command tx timeout [ 31.855238][ T6550] Bluetooth: hci4: command tx timeout [ 31.855294][ T6550] Bluetooth: hci0: command tx timeout [ 31.855332][ T6550] Bluetooth: hci1: command tx timeout [ 31.946905][ T6709] loop2: detected capacity change from 0 to 1024 [ 31.949052][ T6709] ======================================================= [ 31.949052][ T6709] WARNING: The mand mount option has been deprecated and [ 31.949052][ T6709] and is ignored by this kernel. Remove the mand [ 31.949052][ T6709] option from the mount to silence this warning. [ 31.949052][ T6709] ======================================================= [ 31.971296][ T6709] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 31.992578][ T6548] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.113000][ T6719] loop2: detected capacity change from 0 to 512 [ 32.139094][ T6719] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 32.248632][ T6729] loop3: detected capacity change from 0 to 512 [ 32.261324][ T6729] EXT4-fs: Ignoring removed mblk_io_submit option [ 32.261368][ T6729] EXT4-fs: Ignoring removed nomblk_io_submit option [ 32.305619][ T6729] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 32.305656][ T6729] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 32.313723][ T6729] EXT4-fs (loop3): failed to initialize system zone (-117) [ 32.313780][ T6729] EXT4-fs (loop3): mount failed [ 32.338669][ T6611] IPVS: starting estimator thread 0... [ 32.373364][ T6729] loop3: detected capacity change from 0 to 2048 [ 32.396129][ T6548] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.430451][ T6563] Alternate GPT is invalid, using primary GPT. [ 32.430773][ T6563] loop3: p2 p3 p7 [ 32.440082][ T6738] netlink: 64 bytes leftover after parsing attributes in process `syz.2.26'. [ 32.460774][ T6735] IPVS: using max 49 ests per chain, 117600 per kthread [ 32.468957][ T6729] Alternate GPT is invalid, using primary GPT. [ 32.469058][ T6729] loop3: p2 p3 p7 [ 32.499039][ T6741] netlink: 20 bytes leftover after parsing attributes in process `syz.2.28'. [ 32.505895][ T6184] Alternate GPT is invalid, using primary GPT. [ 32.505986][ T6184] loop3: p2 p3 p7 [ 32.516910][ T6729] netlink: 'syz.3.24': attribute type 3 has an invalid length. [ 32.596367][ T6556] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.613717][ T1640] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:5: Failed to release dquot type 1 [ 32.723253][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 32.742447][ T6534] udevd[6534]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 32.786282][ T6563] udevd[6563]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 32.802184][ T6563] udevd[6563]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 32.804658][ T6534] udevd[6534]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 32.807433][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 32.811850][ T6760] loop4: detected capacity change from 0 to 512 [ 32.821840][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 32.829417][ T6534] udevd[6534]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 32.843107][ T6764] udevd[6764]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 32.878555][ T6669] Set syz1 is full, maxelem 65536 reached [ 32.890445][ T528] Bluetooth: hci5: Frame reassembly failed (-84) [ 32.964173][ T6760] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 32.966854][ T6760] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.393398][ T6794] syz.1.47 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 33.432486][ T6798] loop4: detected capacity change from 0 to 512 [ 33.453742][ T6798] EXT4-fs (loop4): too many log groups per flexible block group [ 33.453857][ T6798] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 33.453892][ T6798] EXT4-fs (loop4): mount failed [ 33.462275][ T6804] loop0: detected capacity change from 0 to 512 [ 33.464290][ T6804] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 33.480304][ T6804] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.51: couldn't read orphan inode 26 (err -116) [ 33.483870][ T6804] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.507942][ T6556] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.602676][ T6811] loop0: detected capacity change from 0 to 2048 [ 33.642481][ T6807] loop1: detected capacity change from 0 to 512 [ 33.649070][ T6769] loop0: p1 < > p4 [ 33.654092][ T6769] loop0: p4 size 8388608 extends beyond EOD, truncated [ 33.655692][ T6807] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.50: bad orphan inode 11862016 [ 33.658175][ T6807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 33.664967][ T6811] loop0: p1 < > p4 [ 33.666881][ T6811] loop0: p4 size 8388608 extends beyond EOD, truncated [ 33.752183][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 33.766769][ T6543] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 33.799117][ T6827] capability: warning: `syz.1.60' uses 32-bit capabilities (legacy support in use) [ 33.807154][ T6825] syz.4.59 uses obsolete (PF_INET,SOCK_PACKET) [ 33.883432][ T6835] capability: warning: `syz.0.64' uses deprecated v2 capabilities in a way that may be insecure [ 33.886288][ T6831] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 33.930993][ T6550] Bluetooth: hci1: command tx timeout [ 33.931007][ T6551] Bluetooth: hci0: command tx timeout [ 33.931036][ T6550] Bluetooth: hci4: command tx timeout [ 33.931039][ T6551] Bluetooth: hci3: command tx timeout [ 33.931272][ T6555] Bluetooth: hci2: command tx timeout [ 33.983571][ T6847] netlink: 8 bytes leftover after parsing attributes in process `syz.0.69'. [ 34.030364][ T6851] IPVS: Error connecting to the multicast addr [ 34.204391][ T6868] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.690845][ T6868] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.721947][ T6831] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.741431][ T6868] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.744562][ T6863] Set syz1 is full, maxelem 65536 reached [ 34.784261][ T6831] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.797388][ T6868] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.841471][ T6831] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 34.890847][ T6560] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 34.918271][ T5448] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.922647][ T5448] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.927415][ T5448] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.936971][ T5448] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.942767][ T6881] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.943251][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.946692][ T6881] bridge0: entered allmulticast mode [ 34.956685][ T6881] bridge_slave_1: left allmulticast mode [ 34.956724][ T6881] bridge_slave_1: left promiscuous mode [ 34.957228][ T6881] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.981140][ T6883] mmap: syz.0.86 (6883) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 34.983954][ T6881] bridge_slave_0: left allmulticast mode [ 34.983991][ T6881] bridge_slave_0: left promiscuous mode [ 34.984082][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.059476][ T6891] Set syz1 is full, maxelem 65536 reached [ 35.096048][ T6895] loop0: detected capacity change from 0 to 1024 [ 35.097613][ T6895] EXT4-fs: Ignoring removed nobh option [ 35.100279][ T6895] EXT4-fs: inline encryption not supported [ 35.117075][ T15] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.129611][ T6895] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 35.151115][ T6556] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.160089][ T5448] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.160158][ T5448] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.163766][ T6905] netlink: 96 bytes leftover after parsing attributes in process `syz.4.96'. [ 35.180463][ T41] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.205936][ T6908] Zero length message leads to an empty skb [ 35.322926][ T6923] loop4: detected capacity change from 0 to 1024 [ 35.596484][ T6923] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 35.605364][ T6921] netlink: 'syz.0.97': attribute type 13 has an invalid length. [ 35.605400][ T6921] netlink: 'syz.0.97': attribute type 17 has an invalid length. [ 35.713473][ T6921] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 35.724576][ T6923] netlink: 'syz.4.103': attribute type 10 has an invalid length. [ 35.734350][ T6923] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.741492][ T6923] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 35.750404][ T6944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.109'. [ 35.753184][ T6946] netlink: 'syz.3.110': attribute type 4 has an invalid length. [ 35.753709][ T6944] netlink: 'syz.1.109': attribute type 6 has an invalid length. [ 35.779603][ T6545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 35.781951][ T6946] netlink: 'syz.3.110': attribute type 4 has an invalid length. [ 35.858119][ T6954] can0: slcan on ttyS3. [ 35.862605][ T6957] netlink: 172 bytes leftover after parsing attributes in process `syz.3.115'. [ 35.928872][ T6954] can0 (unregistered): slcan off ttyS3. [ 35.929454][ T6954] Falling back ldisc for ttyS3. [ 36.012589][ T6555] Bluetooth: hci1: command tx timeout [ 36.012632][ T6555] Bluetooth: hci2: command tx timeout [ 36.012659][ T6555] Bluetooth: hci4: command tx timeout [ 36.012674][ T6555] Bluetooth: hci0: command tx timeout [ 36.012780][ T6560] Bluetooth: hci3: command tx timeout [ 36.123727][ T6975] loop2: detected capacity change from 0 to 256 [ 36.125710][ T6975] msdos: Unknown parameter 'nodo' [ 36.163363][ T6975] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 36.163391][ T6975] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 36.163930][ T6975] vhci_hcd vhci_hcd.0: Device attached [ 36.205345][ T6985] loop0: detected capacity change from 0 to 512 [ 36.228987][ T6985] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.125: bad orphan inode 11862016 [ 36.232830][ T6985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 36.244295][ T6975] loop2: detected capacity change from 0 to 512 [ 36.262008][ T6991] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 36.271720][ T6975] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 36.271866][ T6975] EXT4-fs (loop2): orphan cleanup on readonly fs [ 36.277332][ T6975] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.123: corrupted inode contents [ 36.281817][ T6556] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 36.284604][ T6975] EXT4-fs (loop2): Remounting filesystem read-only [ 36.288071][ T6975] EXT4-fs (loop2): 1 truncate cleaned up [ 36.312984][ T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 36.315325][ T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 36.317218][ T41] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 36.319528][ T6975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 36.326472][ T6981] vhci_hcd: cannot find a urb of seqnum 8 max seqnum 0 [ 36.328749][ T41] vhci_hcd: stop threads [ 36.328961][ T41] vhci_hcd: release socket [ 36.331649][ T41] vhci_hcd: disconnect device [ 36.332812][ T31] kauditd_printk_skb: 196 callbacks suppressed [ 36.332820][ T31] audit: type=1326 audit(36.310:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.344450][ T31] audit: type=1326 audit(36.320:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.354662][ T31] audit: type=1326 audit(36.330:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.363990][ T6549] vhci_hcd: vhci_device speed not set [ 36.365032][ T31] audit: type=1326 audit(36.340:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.375214][ T31] audit: type=1326 audit(36.350:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.385654][ T31] audit: type=1326 audit(36.360:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.400151][ T31] audit: type=1326 audit(36.370:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.412143][ T31] audit: type=1326 audit(36.390:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.422409][ T31] audit: type=1326 audit(36.400:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.432498][ T31] audit: type=1326 audit(36.410:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6974 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5b3a8 code=0x7ffc0000 [ 36.479339][ T7008] netlink: 'syz.0.133': attribute type 13 has an invalid length. [ 36.479367][ T7008] netlink: 'syz.0.133': attribute type 17 has an invalid length. [ 36.492947][ T7008] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 36.718179][ T12] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 36.813233][ T7035] netlink: 20 bytes leftover after parsing attributes in process `syz.1.146'. [ 36.858036][ T6548] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.295469][ T7047] loop0: detected capacity change from 0 to 1024 [ 37.313145][ T7047] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.326899][ T6556] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.526410][ T7066] netlink: 20 bytes leftover after parsing attributes in process `syz.4.160'. [ 37.617302][ T7077] netlink: 'syz.0.162': attribute type 13 has an invalid length. [ 37.617334][ T7077] netlink: 'syz.0.162': attribute type 17 has an invalid length. [ 37.641079][ T7077] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 37.819258][ T7108] netlink: 28 bytes leftover after parsing attributes in process `syz.4.179'. [ 37.819921][ T7108] netlink: 28 bytes leftover after parsing attributes in process `syz.4.179'. [ 37.820418][ T7110] netlink: 96 bytes leftover after parsing attributes in process `syz.2.180'. [ 37.828862][ T7108] netlink: 28 bytes leftover after parsing attributes in process `syz.4.179'. [ 37.828915][ T7108] netlink: 28 bytes leftover after parsing attributes in process `syz.4.179'. [ 37.940289][ T7130] Driver unsupported XDP return value 0 on prog (id 8) dev N/A, expect packet loss! [ 37.946222][ T7129] loop1: detected capacity change from 0 to 512 [ 37.964460][ T7129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.981475][ T6543] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.017608][ T7135] loop1: detected capacity change from 0 to 512 [ 38.050919][ T7135] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 38.076122][ T7135] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 38.076225][ T7135] EXT4-fs (loop1): 1 truncate cleaned up [ 38.076692][ T7135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.083611][ T7126] loop4: detected capacity change from 0 to 512 [ 38.090837][ T6560] Bluetooth: hci3: command tx timeout [ 38.090877][ T6560] Bluetooth: hci0: command tx timeout [ 38.090899][ T6560] Bluetooth: hci4: command tx timeout [ 38.090918][ T6560] Bluetooth: hci2: command tx timeout [ 38.090936][ T6560] Bluetooth: hci1: command tx timeout [ 38.107007][ T6543] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.123157][ T7126] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.187: bad orphan inode 11862016 [ 38.125030][ T7126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 38.235449][ T7149] loop1: detected capacity change from 0 to 128 [ 38.240167][ T7149] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 38.245106][ T6545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 38.261939][ T7149] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 38.266568][ T7149] netlink: 148 bytes leftover after parsing attributes in process `syz.1.196'. [ 38.266606][ T7149] netlink: 40 bytes leftover after parsing attributes in process `syz.1.196'. [ 38.333269][ T7155] tmpfs: Bad value for 'mpol' [ 38.334305][ T7155] loop4: detected capacity change from 0 to 128 [ 38.345849][ T7155] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 38.345879][ T7155] FAT-fs (loop4): Filesystem has been set read-only [ 38.370330][ T7159] netlink: 'syz.4.201': attribute type 2 has an invalid length. [ 38.463288][ T7162] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.540516][ T7162] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.644630][ T7162] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.660847][ T7192] netlink: 36 bytes leftover after parsing attributes in process `syz.0.217'. [ 38.662745][ T7192] netlink: 36 bytes leftover after parsing attributes in process `syz.0.217'. [ 38.709287][ T7162] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.838242][ T41] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.842384][ T41] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.857349][ T42] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.863318][ T42] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.933864][ T7215] netlink: 'syz.3.227': attribute type 10 has an invalid length. [ 38.936717][ T7217] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.945864][ T7215] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.948725][ T7215] bridge_slave_1: left allmulticast mode [ 38.949743][ T7215] bridge_slave_1: left promiscuous mode [ 38.951326][ T7215] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.959927][ T7215] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 38.983209][ T7217] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.054464][ T7217] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.127438][ T7217] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.307853][ T15] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.311825][ T2259] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.314639][ T2259] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.317701][ T2259] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.789681][ T7307] loop3: detected capacity change from 0 to 128 [ 39.803309][ T7307] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 39.829423][ T6542] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 40.198640][ T7323] netlink: 'syz.3.267': attribute type 13 has an invalid length. [ 40.200397][ T7323] netlink: 'syz.3.267': attribute type 17 has an invalid length. [ 40.261708][ T7323] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 40.311346][ T7282] Set syz1 is full, maxelem 65536 reached [ 40.533246][ T7335] loop4: detected capacity change from 0 to 512 [ 40.553476][ T7335] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.272: bad orphan inode 15 [ 40.555641][ T7335] ext4_test_bit(bit=14, block=5) = 0 [ 40.556176][ T7335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.600284][ T6545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.692265][ T7350] loop9: detected capacity change from 0 to 7 [ 40.693718][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.696012][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697157][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697231][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697270][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697318][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697350][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697370][ T7350] ldm_validate_partition_table(): Disk read failed. [ 40.697386][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697415][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697444][ T7350] Buffer I/O error on dev loop9, logical block 0, async page read [ 40.697488][ T7350] Dev loop9: unable to read RDB block 0 [ 40.697569][ T7350] loop9: unable to read partition table [ 40.697634][ T7350] loop9: partition table beyond EOD, truncated [ 40.699572][ T7350] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 40.699572][ T7350] ) failed (rc=-5) [ 40.870860][ T7370] loop0: detected capacity change from 0 to 2048 [ 40.886410][ T7370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.916945][ T6556] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.201369][ T7414] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 41.242000][ T7419] netlink: 'syz.3.306': attribute type 29 has an invalid length. [ 41.314275][ T7394] Set syz1 is full, maxelem 65536 reached [ 41.353782][ T31] kauditd_printk_skb: 780 callbacks suppressed [ 41.353814][ T31] audit: type=1326 audit(297.322:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7430 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 41.356948][ T7433] netlink: 'syz.0.311': attribute type 10 has an invalid length. [ 41.359887][ T31] audit: type=1326 audit(297.322:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7430 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 41.363134][ T7433] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 41.366725][ T31] audit: type=1326 audit(297.342:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7430 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=266 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 41.370197][ T31] audit: type=1326 audit(288.349:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7430 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b5b3a8 code=0x7ffc0000 [ 41.413888][ T7439] veth1_macvtap: left promiscuous mode [ 41.413922][ T7439] macsec0: entered promiscuous mode [ 41.438714][ T31] audit: type=1326 audit(288.409:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91b5b3a8 code=0x7ffc0000 [ 41.438758][ T31] audit: type=1326 audit(288.409:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91b5b3a8 code=0x7ffc0000 [ 41.442552][ T31] audit: type=1326 audit(288.409:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=26 compat=0 ip=0xffff91b5b3a8 code=0x7ffc0000 [ 41.442576][ T31] audit: type=1326 audit(288.409:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91b5b3a8 code=0x7ffc0000 [ 41.442590][ T31] audit: type=1326 audit(288.409:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91b5b3a8 code=0x7ffc0000 [ 41.477568][ T7443] loop3: detected capacity change from 0 to 2048 [ 41.546472][ T7453] loop1: detected capacity change from 0 to 512 [ 41.558490][ T7453] [ 41.558918][ T7453] ====================================================== [ 41.560029][ T7453] WARNING: possible circular locking dependency detected [ 41.560991][ T7453] syzkaller #0 Not tainted [ 41.561634][ T7453] ------------------------------------------------------ [ 41.562677][ T7453] syz.1.323/7453 is trying to acquire lock: [ 41.563557][ T7453] ffff0000d3d6eb98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x150/0x2a0 [ 41.565077][ T7453] [ 41.565077][ T7453] but task is already holding lock: [ 41.566230][ T7453] ffff0000f7ffe068 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 41.567812][ T7453] [ 41.567812][ T7453] which lock already depends on the new lock. [ 41.567812][ T7453] [ 41.569446][ T7453] [ 41.569446][ T7453] the existing dependency chain (in reverse order) is: [ 41.570794][ T7453] [ 41.570794][ T7453] -> #2 (&ei->xattr_sem){++++}-{4:4}: [ 41.571931][ T7453] down_write+0x50/0xc0 [ 41.572654][ T7453] ext4_xattr_set_handle+0x11c/0x1260 [ 41.573552][ T7453] ext4_initxattrs+0xa4/0x11c [ 41.574369][ T7453] security_inode_init_security+0x6dc/0x7f4 [ 41.575394][ T7453] ext4_init_security+0x44/0x58 [ 41.576221][ T7453] __ext4_new_inode+0x27f4/0x3190 [ 41.577031][ T7453] ext4_create+0x1f8/0x3fc [ 41.577766][ T7453] path_openat+0x12d8/0x2c40 [ 41.578497][ T7453] do_filp_open+0x18c/0x36c [ 41.579272][ T7453] do_sys_openat2+0x11c/0x1b4 [ 41.580066][ T7453] __arm64_sys_openat+0x120/0x158 [ 41.580885][ T7453] invoke_syscall+0x98/0x254 [ 41.581702][ T7453] el0_svc_common+0x130/0x23c [ 41.582554][ T7453] do_el0_svc+0x48/0x58 [ 41.583244][ T7453] el0_svc+0x5c/0x254 [ 41.583935][ T7453] el0t_64_sync_handler+0x84/0x12c [ 41.584836][ T7453] el0t_64_sync+0x198/0x19c [ 41.585585][ T7453] [ 41.585585][ T7453] -> #1 (jbd2_handle){++++}-{0:0}: [ 41.586627][ T7453] start_this_handle+0xe74/0x10dc [ 41.587401][ T7453] jbd2__journal_start+0x288/0x51c [ 41.588233][ T7453] __ext4_journal_start_sb+0x378/0x88c [ 41.589130][ T7453] ext4_do_writepages+0xb94/0x39b4 [ 41.590011][ T7453] ext4_writepages+0x178/0x2a0 [ 41.590828][ T7453] do_writepages+0x270/0x468 [ 41.591671][ T7453] file_write_and_wait_range+0x1d0/0x2c4 [ 41.592645][ T7453] ext4_sync_file+0x274/0xb44 [ 41.593498][ T7453] __arm64_sys_fsync+0x170/0x1d4 [ 41.594355][ T7453] invoke_syscall+0x98/0x254 [ 41.595178][ T7453] el0_svc_common+0x130/0x23c [ 41.596009][ T7453] do_el0_svc+0x48/0x58 [ 41.596738][ T7453] el0_svc+0x5c/0x254 [ 41.597442][ T7453] el0t_64_sync_handler+0x84/0x12c [ 41.598318][ T7453] el0t_64_sync+0x198/0x19c [ 41.599176][ T7453] [ 41.599176][ T7453] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 41.600626][ T7453] __lock_acquire+0x1774/0x30a4 [ 41.601461][ T7453] lock_acquire+0x14c/0x2e0 [ 41.602256][ T7453] percpu_down_read_internal+0x5c/0x298 [ 41.603174][ T7453] ext4_writepages+0x150/0x2a0 [ 41.603949][ T7453] do_writepages+0x270/0x468 [ 41.604764][ T7453] __writeback_single_inode+0x15c/0x13e8 [ 41.605689][ T7453] writeback_single_inode+0x18c/0x54c [ 41.606576][ T7453] write_inode_now+0x13c/0x1a4 [ 41.607387][ T7453] iput+0x570/0x83c [ 41.608077][ T7453] ext4_xattr_block_set+0x13dc/0x24bc [ 41.608957][ T7453] ext4_expand_extra_isize_ea+0xeb4/0x182c [ 41.609902][ T7453] __ext4_expand_extra_isize+0x2a0/0x37c [ 41.610740][ T7453] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 41.611613][ T7453] ext4_evict_inode+0x930/0x1084 [ 41.612369][ T7453] evict+0x414/0x928 [ 41.613119][ T7453] iput+0x6e4/0x83c [ 41.613726][ T7453] ext4_process_orphan+0x240/0x2b4 [ 41.614570][ T7453] ext4_orphan_cleanup+0x930/0x107c [ 41.615401][ T7453] ext4_fill_super+0x4724/0x4ea4 [ 41.616191][ T7453] get_tree_bdev_flags+0x360/0x414 [ 41.617023][ T7453] get_tree_bdev+0x2c/0x3c [ 41.617716][ T7453] ext4_get_tree+0x28/0x38 [ 41.618524][ T7453] vfs_get_tree+0x90/0x28c [ 41.619328][ T7453] do_new_mount+0x278/0x7f4 [ 41.620146][ T7453] path_mount+0x5b4/0xde0 [ 41.620937][ T7453] __arm64_sys_mount+0x3e8/0x468 [ 41.621873][ T7453] invoke_syscall+0x98/0x254 [ 41.622700][ T7453] el0_svc_common+0x130/0x23c [ 41.623749][ T7453] do_el0_svc+0x48/0x58 [ 41.624449][ T7453] el0_svc+0x5c/0x254 [ 41.625168][ T7453] el0t_64_sync_handler+0x84/0x12c [ 41.626017][ T7453] el0t_64_sync+0x198/0x19c [ 41.626789][ T7453] [ 41.626789][ T7453] other info that might help us debug this: [ 41.626789][ T7453] [ 41.628470][ T7453] Chain exists of: [ 41.628470][ T7453] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 41.628470][ T7453] [ 41.630765][ T7453] Possible unsafe locking scenario: [ 41.630765][ T7453] [ 41.631977][ T7453] CPU0 CPU1 [ 41.632773][ T7453] ---- ---- [ 41.633549][ T7453] lock(&ei->xattr_sem); [ 41.634171][ T7453] lock(jbd2_handle); [ 41.635123][ T7453] lock(&ei->xattr_sem); [ 41.636140][ T7453] rlock(&sbi->s_writepages_rwsem); [ 41.636925][ T7453] [ 41.636925][ T7453] *** DEADLOCK *** [ 41.636925][ T7453] [ 41.638038][ T7453] 3 locks held by syz.1.323/7453: [ 41.638786][ T7453] #0: ffff0000d3d6c0e0 (&type->s_umount_key#26/1){+.+.}-{4:4}, at: alloc_super+0x1a0/0x80c [ 41.640266][ T7453] #1: ffff0000d3d6c618 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b0/0x1084 [ 41.641710][ T7453] #2: ffff0000f7ffe068 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 41.643237][ T7453] [ 41.643237][ T7453] stack backtrace: [ 41.644044][ T7453] CPU: 1 UID: 0 PID: 7453 Comm: syz.1.323 Not tainted syzkaller #0 PREEMPT [ 41.645437][ T7453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 41.647039][ T7453] Call trace: [ 41.647570][ T7453] show_stack+0x2c/0x3c (C) [ 41.648292][ T7453] __dump_stack+0x30/0x40 [ 41.648948][ T7453] dump_stack_lvl+0xd8/0x12c [ 41.649707][ T7453] dump_stack+0x1c/0x28 [ 41.650378][ T7453] print_circular_bug+0x324/0x32c [ 41.651187][ T7453] check_noncircular+0x154/0x174 [ 41.651982][ T7453] __lock_acquire+0x1774/0x30a4 [ 41.652782][ T7453] lock_acquire+0x14c/0x2e0 [ 41.653497][ T7453] percpu_down_read_internal+0x5c/0x298 [ 41.654333][ T7453] ext4_writepages+0x150/0x2a0 [ 41.655065][ T7453] do_writepages+0x270/0x468 [ 41.655820][ T7453] __writeback_single_inode+0x15c/0x13e8 [ 41.656640][ T7453] writeback_single_inode+0x18c/0x54c [ 41.657384][ T7453] write_inode_now+0x13c/0x1a4 [ 41.658101][ T7453] iput+0x570/0x83c [ 41.658639][ T7453] ext4_xattr_block_set+0x13dc/0x24bc [ 41.659376][ T7453] ext4_expand_extra_isize_ea+0xeb4/0x182c [ 41.660231][ T7453] __ext4_expand_extra_isize+0x2a0/0x37c [ 41.661092][ T7453] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 41.661909][ T7453] ext4_evict_inode+0x930/0x1084 [ 41.662635][ T7453] evict+0x414/0x928 [ 41.663223][ T7453] iput+0x6e4/0x83c [ 41.663800][ T7453] ext4_process_orphan+0x240/0x2b4 [ 41.664536][ T7453] ext4_orphan_cleanup+0x930/0x107c [ 41.665292][ T7453] ext4_fill_super+0x4724/0x4ea4 [ 41.666030][ T7453] get_tree_bdev_flags+0x360/0x414 [ 41.666837][ T7453] get_tree_bdev+0x2c/0x3c [ 41.667598][ T7453] ext4_get_tree+0x28/0x38 [ 41.668366][ T7453] vfs_get_tree+0x90/0x28c [ 41.669077][ T7453] do_new_mount+0x278/0x7f4 [ 41.669813][ T7453] path_mount+0x5b4/0xde0 [ 41.670548][ T7453] __arm64_sys_mount+0x3e8/0x468 [ 41.671411][ T7453] invoke_syscall+0x98/0x254 [ 41.672198][ T7453] el0_svc_common+0x130/0x23c [ 41.672974][ T7453] do_el0_svc+0x48/0x58 [ 41.673684][ T7453] el0_svc+0x5c/0x254 [ 41.674331][ T7453] el0t_64_sync_handler+0x84/0x12c [ 41.675162][ T7453] el0t_64_sync+0x198/0x19c [ ** replaying previous printk message ** [ 41.681116][ T7453] ------------[ cut here ]------------ [ 41.681136][ T7453] EA inode 11 i_nlink=2 [ 41.681223][ T7453] WARNING: CPU: 1 PID: 7453 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x444/0x488 [ 41.684670][ T7453] Modules linked in: [ 41.685212][ T7453] CPU: 1 UID: 0 PID: 7453 Comm: syz.1.323 Not tainted syzkaller #0 PREEMPT [ 41.686468][ T7453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 41.687919][ T7453] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 41.689089][ T7453] pc : ext4_xattr_inode_update_ref+0x444/0x488 [ 41.690068][ T7453] lr : ext4_xattr_inode_update_ref+0x444/0x488 [ 41.691083][ T7453] sp : ffff80009d106dc0 [ 41.691746][ T7453] x29: ffff80009d106e50 x28: 0000000000000000 x27: 1fffe0001efff1c3 [ 41.692991][ T7453] x26: dfff800000000000 x25: ffff80009d106dc0 x24: ffff700013a20db8 [ 41.694170][ T7453] x23: ffff800092ef2000 x22: ffff0000f7ff8c68 x21: 0000000000000002 [ 41.695509][ T7453] x20: 0000000000000001 x19: ffff0000f7ff8c28 x18: 1fffe00033776488 [ 41.696785][ T7453] x17: ffff0001fea8d8b0 x16: ffff80008b065bd0 x15: 0000000000000001 [ 41.698011][ T7453] x14: 1ffff00013a20d28 x13: 0000000000000000 x12: 0000000000000000 [ 41.699358][ T7453] x11: 0000000000080000 x10: 000000000005ade5 x9 : 95e2e8795f44bb00 [ 41.700570][ T7453] x8 : 95e2e8795f44bb00 x7 : 0000000000000000 x6 : ffff80008056636c [ 41.701790][ T7453] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000807d446c [ 41.702985][ T7453] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 0000000000000000 [ 41.704145][ T7453] Call trace: [ 41.704623][ T7453] ext4_xattr_inode_update_ref+0x444/0x488 (P) [ 41.705624][ T7453] ext4_xattr_set_entry+0x928/0x15c0 [ 41.706473][ T7453] ext4_xattr_ibody_set+0x204/0x5fc [ 41.707336][ T7453] ext4_expand_extra_isize_ea+0xefc/0x182c [ 41.708274][ T7453] __ext4_expand_extra_isize+0x2a0/0x37c [ 41.709258][ T7453] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 41.710217][ T7453] ext4_evict_inode+0x930/0x1084 [ 41.711018][ T7453] evict+0x414/0x928 [ 41.711620][ T7453] iput+0x6e4/0x83c [ 41.712205][ T7453] ext4_process_orphan+0x240/0x2b4 [ 41.712985][ T7453] ext4_orphan_cleanup+0x930/0x107c [ 41.713740][ T7453] ext4_fill_super+0x4724/0x4ea4 [ 41.714464][ T7453] get_tree_bdev_flags+0x360/0x414 [ 41.715230][ T7453] get_tree_bdev+0x2c/0x3c [ 41.715928][ T7453] ext4_get_tree+0x28/0x38 [ 41.716619][ T7453] vfs_get_tree+0x90/0x28c [ 41.717324][ T7453] do_new_mount+0x278/0x7f4 [ 41.718005][ T7453] path_mount+0x5b4/0xde0 [ 41.718683][ T7453] __arm64_sys_mount+0x3e8/0x468 [ 41.719493][ T7453] invoke_syscall+0x98/0x254 [ 41.720301][ T7453] el0_svc_common+0x130/0x23c [ 41.721110][ T7453] do_el0_svc+0x48/0x58 [ 41.721833][ T7453] el0_svc+0x5c/0x254 [ 41.722522][ T7453] el0t_64_sync_handler+0x84/0x12c [ 41.723399][ T7453] el0t_64_sync+0x198/0x19c [ 41.724168][ T7453] irq event stamp: 1941 [ 41.724842][ T7453] hardirqs last enabled at (1941): [] find_get_block_common+0x334/0xde8 [ 41.726371][ T7453] hardirqs last disabled at (1940): [] find_get_block_common+0x6c/0xde8 [ 41.727905][ T7453] softirqs last enabled at (1778): [] handle_softirqs+0xaf8/0xc88 [ 41.729437][ T7453] softirqs last disabled at (1627): [] __do_softirq+0x14/0x20 [ 41.730902][ T7453] ---[ end trace 0000000000000000 ]--- [ 41.733689][ T7453] EXT4-fs (loop1): 1 orphan inode deleted [ 41.734945][ T7453] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.743685][ T6543] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.