last executing test programs: 2.595798762s ago: executing program 3 (id=1424): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, 0x0, &(0x7f00002bf000)='GPL\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1}) syz_genetlink_get_family_id$gtp(&(0x7f000000ab40), r2) 1.619134895s ago: executing program 0 (id=1442): socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x68, 0x0, 0xc8, r1}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 1.615425545s ago: executing program 3 (id=1443): socket$nl_generic(0x10, 0x3, 0x10) socket$can_raw(0x1d, 0x3, 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f00000000c0)}, 0x20) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r0, @ANYBLOB="10100000000000000800002005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r0], 0x40c}}, 0x0) 1.47824999s ago: executing program 0 (id=1445): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1.410140732s ago: executing program 3 (id=1447): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040), 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080), 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x2, 0x230}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000280)='i', 0x1}], 0x1, &(0x7f00000005c0)=ANY=[], 0x200}}], 0x1, 0x4000006) r3 = accept4$unix(r0, 0x0, 0x0, 0x0) recvfrom$unix(r3, &(0x7f0000000300)=""/279, 0x117, 0x0, 0x0, 0x0) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r4, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000002940)=""/4077, 0xfed}, {0x0}], 0x2}, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2fffffffd}, 0xc) r5 = socket$igmp6(0xa, 0x3, 0x2) connect$inet6(r5, 0x0, 0x0) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0xffffffff, @ipv4={'\x00', '\xff\xff', @loopback}, 0xffff}, 0x1c) 1.295093856s ago: executing program 0 (id=1449): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001a00)=@newtfilter={0x44c, 0x2c, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xffff}, {0xb, 0xffe0}, {0xd, 0x3}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x12}}, @TCA_RATE={0x6, 0x5, {0x4, 0x1}}, @filter_kind_options=@f_flow={{0x9}, {0x40c, 0x2, [@TCA_FLOW_POLICE={0x408, 0xa, 0x0, 0x1, [@TCA_POLICE_RATE={0x404, 0x2, [0x8001, 0x81, 0x3, 0xfffffff8, 0x5, 0x7ff, 0xfffffffa, 0x0, 0x83f, 0x3, 0xcb14, 0x6, 0x3a3c8bd, 0x8001, 0x1, 0x3ff, 0xb8f, 0xffff, 0x1, 0x1ff, 0x76af, 0x841, 0x3, 0xbfcb, 0x2, 0x6, 0x4, 0xa7, 0x4, 0x1, 0xf46, 0x5, 0xb95a, 0x5629, 0xb8e, 0xffff, 0x143a39c2, 0x7, 0x3ff, 0x6, 0xf02, 0x2, 0x6, 0x9, 0x6, 0x9, 0x1, 0x1000, 0x14, 0x8000, 0x1, 0x2, 0x0, 0xf, 0x3a, 0xaf3, 0x3, 0x7ff, 0x1, 0xf1, 0xbf, 0x4, 0x7, 0x5, 0x3, 0xfff, 0x6, 0x1, 0xf, 0x5, 0x100, 0x140000, 0x9, 0xdaf, 0x3, 0x8001, 0x2, 0x401, 0x6, 0x15, 0x5, 0x6, 0x7, 0x1, 0xa9b, 0x8001, 0xf5, 0x9, 0x36c, 0x101, 0x0, 0x6, 0xe, 0x8, 0xfff, 0x6, 0xea3b, 0xf, 0x39de13a4, 0x2, 0x4ad3f1ab, 0x9, 0x2, 0xffff8c83, 0x9, 0x0, 0x9, 0x0, 0x6, 0x3, 0x6, 0xa, 0xa, 0xfffffff8, 0x4, 0x5, 0x7, 0x1, 0x5, 0x6, 0x8, 0xf, 0x109f, 0x5, 0x6, 0x9, 0x200, 0xb, 0x7fffffff, 0xff52, 0x7, 0xecc5, 0x76b, 0x2, 0x128, 0x5, 0xfffffffc, 0x2, 0x4, 0x4, 0xb, 0x2cfc, 0x5, 0x3, 0x2, 0xfffffff7, 0x6, 0x200, 0x6, 0x7, 0x66, 0x4, 0x73, 0xd, 0x8, 0x8, 0x7, 0x36aa, 0x10000, 0x4, 0x6, 0x5, 0x4, 0x854, 0x5, 0xdc5, 0x3, 0x1, 0x101, 0x9, 0x3, 0x5, 0x9, 0x7, 0x0, 0x6, 0xfffffffe, 0x80000001, 0x7fff, 0x81, 0x80, 0x5, 0x10001, 0x7fffffff, 0x9, 0x3, 0xff, 0x1, 0x2fd, 0xc40000, 0x3, 0x5, 0x56, 0xffff, 0x10, 0x1, 0x3, 0x101, 0xf, 0x6, 0xf7, 0x4, 0x10000, 0x1fb6, 0x0, 0x5, 0x9, 0x0, 0x40, 0x1, 0x7, 0x9, 0x6f, 0x6, 0x5, 0x0, 0x8, 0x2, 0xffffffff, 0xe, 0x105, 0x12, 0x2, 0x4, 0x43, 0x3, 0x5, 0x8, 0x400002, 0x101, 0xfff, 0x0, 0x3, 0x5, 0x8, 0x7, 0x8, 0x2, 0x8, 0x0, 0x4, 0xfff, 0xd, 0x0, 0x401, 0x5, 0x2, 0x93b148cf, 0x2, 0x7e, 0x9, 0xb, 0xfffffff7, 0x10, 0x4, 0x1]}]}]}}]}, 0x44c}}, 0x20000040) r0 = io_uring_setup(0x899, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0x7fff, 0x53, 0x0, 0x0, 0x79, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1.141428691s ago: executing program 0 (id=1451): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, 0x0, &(0x7f00002bf000)='GPL\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1}) syz_genetlink_get_family_id$gtp(&(0x7f000000ab40), r2) 1.100848743s ago: executing program 1 (id=1453): syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000000c0)='./file0\x00', 0x10840, &(0x7f0000000700)=ANY=[@ANYBLOB='iocharset=utf8,shortname=winnt,shortname=win95\x00\x00ni_xlate=0,showexec,shortname=winnt,shortname=win95,nonumtairodir,nonumtail=0,shortname=mixed,nfs=nostale_ro,utf8=0,\x00', @ANYRES32, @ANYRES64, @ANYRESOCT, @ANYRESHEX], 0x1, 0x26c, &(0x7f0000000340)="$eJzs3U9rU1kYB+A3bTpJC0OyGCgzDMwdZjOr0HaYfcrQgWECipKFriw2RWlqoYWCLtruit9Bv4Iu3QouxK1fQASpghvrqgshEm//JDWJjZpG7PNs+nLu++Ock17upYueXPl1eWlhZW1xd3cn8vlMZMtRjr1MFGMkRiO1FQDA92Sv0Yg3jdSw1wIAnA7vfwA4e3q9/zNbh2PnT39lAMCgfNHf/yMDWRIAMGAXL13+f7ZSmbuQJPmI5e316no1/Zlen12M61GPWkxFId5FNA6l9b//VeamkqaXxcgvb46k+c316mh7fjoKUeycn05SUW3mDvJjMbGffzYRtZiJQvzUOT/TMf9D/PlHy/ylKMTTq7ES9ViIZjbN5yJiYzpJ/jlXOZbPfegDAAAAAAAAAAAAAAAAAAAAAIBBKCWHiu3n36Tn95RK3a6n+dbzgcZ7nQ/U2Dx2vk42fskOd+8AAAAAAAAAAAAAAAAAAADwrVi7eWtpvl6vrfYqbjy592gnlwY+2dy7yOzP219qu2fP+Ml2caz48fcXdzpdykWu38/n84qxiGgdSfanfPjbACf9WsXjnWs//7U2+Xe3nsi2jtxubrWtp8uNlB3UB/66ENG1J9/3Ddla3D8oym8/6jm4lWqr48P+xU3eLc8/2Hj+6qSpHg+NxuggHkUAAAAAAAAAAAAAAAAAAHDmHf3T77BXAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDc/T9//0WuWgbyXdt3hr2HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H0AAAD//7qXlSU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000280)=""/59, 0x5e) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 1.063943314s ago: executing program 2 (id=1454): r0 = socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f00000003c0)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1000a8d0}, 0x40000) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ccb000/0x9000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f00009e9000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r2 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40005}, 0x8000) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) 925.494299ms ago: executing program 1 (id=1455): socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x68, 0x0, 0xc8, r1}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 801.073973ms ago: executing program 1 (id=1456): sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002fc0)=@newchain={0x1388, 0x64, 0x100, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x4, 0x10}, {0xffe0, 0x2}, {0xe, 0xb}}, [@f_tcindex={{0xc}, {0x14, 0x2, [@TCA_TCINDEX_SHIFT={0x8, 0x3, 0x8}, @TCA_TCINDEX_CLASSID={0x8, 0x5, {0xa}}]}}, @f_tcindex={{0xc}, {0x1338, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x31f0}, @TCA_TCINDEX_MASK={0x6}, @TCA_TCINDEX_ACT={0x1324, 0x7, [@m_skbedit={0x154, 0x0, 0x0, 0x0, {{0xc}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x50}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x4, 0x8, 0x6, 0x42b68165}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x9}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x3}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x5}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xf319, 0x0, 0xf2ec1842c81a2ba0, 0x8, 0x80000000}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x6}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x3}]}, {0xbd, 0x6, "cdcfcd992129242badf4e75290670ba9fcb5797a050d292b3969f1e53c3bed205cc440fd825a803eb562ce89c8f9c7d28003c4e9b86bd7186fb50863a7d4c3257f4dc79aa3bcd7e8fc78ce891dae54b6f0b816533279f28d96e812855adbca59046882977a2b541e7e555f1f416f9c9d3e44cd6dd506c0ba28cd2b993ec0d764a7f63d889fd1fdcca443752bbca24949a9eefcaf1d971c2c414424a69897ffae698a0fb14501df8e5a0423f01be91982aee6202d357fff5cc3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x7, 0x2}}}}, @m_connmark={0x138, 0x1c, 0x0, 0x0, {{0xd}, {0xac, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0x5, 0x7, 0x4, 0x5}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x400, 0x3, 0x3, 0x9, 0x5}, 0x4}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x80000000, 0x6, 0x6, 0x2}, 0x7ff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xc, 0x1, 0x7, 0x5, 0x6}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x1, 0x7, 0x4, 0x3e76f9e}, 0x4}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x2, 0x4, 0xbf58, 0xd5}, 0x2c3}}]}, {0x5d, 0x6, "3189565d76bf092330207524ce042bf23eacfcf62beb7e624b98da8ee9fa0c09c118ab52795888690314e07b859eab8464372dd69840aefb7d55583af8173170af6c9c19055f8830ce996e0acaa75006863dca8a9bf10698d2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_bpf={0x134, 0x2, 0x0, 0x0, {{0x8}, {0x50, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0xf, 0xfffffff7, 0x6, 0x6, 0xffffffff}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0xe0000000, 0xa, 0x10000000, 0x1, 0xa}}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x1}]}, {0xbd, 0x6, "6a12521adb82d662b3bed716a5aa9335c2b5f43d7c4f8e20e33cf5a061242476313749108644eaa262f0f7d9ccc441b39210a9c89a6f61a91eede22338d8f6bc275835d794be7c2f029b148ee510ad5dca6616bc319d639e17666edbe8de375fa62f6bf9ddd9424e7bb6b28d1fad2ee250e19cfcb41e0b5a5841f95279c6eca2982567a660fbc07b7980a96b9f254ada6aec0bf5192392bf3503a2f645e61ced4794eb0ed40c827071983669d85f372b08938a68ab3c6737ae"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_tunnel_key={0xf4, 0x6, 0x0, 0x0, {{0xf}, {0x54, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x2}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private1}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x4, 0x1, 0x2, 0x101, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @multicast2}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @empty}]}, {0x71, 0x6, "01f59e04f3e3c50b5d7801cd1dab4a6ea1108e1cb49dce9b7117603bbf3c569f835836fde86410eb323f30f71a894e32f23a69e8fd8de2b8e6fd736ff0db80914b9f6d8f4dd7c8e7328156f233d0e24c85d0aeba4378e0fee965c4905afc2e0a4ba9af1198c2a335c81f0f148d"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_skbmod={0xa4, 0x13, 0x0, 0x0, {{0xb}, {0x78, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0xa, 0x3, @multicast}, @TCA_SKBMOD_ETYPE={0x6}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x5, 0x3, 0x2, 0x1, 0xf}, 0x6}}, @TCA_SKBMOD_DMAC={0xa}, @TCA_SKBMOD_SMAC={0xa, 0x4, @broadcast}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x5, 0x4, 0xffffffffdfffffff, 0x1, 0x100}}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_police={0xdc8, 0x1f, 0x0, 0x0, {{0xb}, {0xce0, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0xbb6, 0x7, 0x7, 0x0, 0x2, 0x68, 0x5, 0xc7, 0x5c1, 0x2, 0x9, 0x8, 0x5, 0x4, 0xc, 0x5, 0x0, 0x9, 0x7, 0x9, 0x1000, 0x5, 0x1a5, 0x7, 0xb, 0x7fffffff, 0xc, 0x401, 0xfffff6fc, 0xa, 0x71ca, 0x1, 0x800000, 0xfffff801, 0x2, 0xe, 0xf, 0xfffffffb, 0x7, 0xca3, 0x8, 0x400, 0x1, 0x0, 0x10, 0x6, 0x8c6, 0x1, 0x7, 0xf3, 0x4, 0x1, 0x4, 0x9, 0x5, 0x8, 0x0, 0x10, 0xfffffff8, 0x3, 0x6b, 0x9488, 0x2, 0x3, 0x2, 0x7, 0x0, 0x9, 0x9, 0x1ff, 0x6, 0x8, 0x5f, 0x8, 0x0, 0x8, 0x2, 0x5, 0x1000, 0x8000, 0x8001, 0x422f, 0x6, 0x9, 0x7, 0x5, 0x101, 0x3, 0x7, 0x7, 0xd8f, 0x9, 0x7fff, 0x313, 0x6, 0x5, 0x0, 0x4, 0xd1be, 0xb4d4, 0x29, 0x8, 0x7, 0x1, 0x20000000, 0x149, 0x800, 0x0, 0xe, 0x7ff, 0x8, 0xffffffff, 0x2, 0x7, 0x4, 0x80000001, 0x10001, 0xfffffff7, 0x969, 0x6, 0x9, 0x1, 0x6, 0xfffffffe, 0x8, 0x1, 0x80000000, 0xe6, 0x1000, 0x7, 0x6, 0x6, 0xe85d, 0x9, 0x10000, 0x7fffffff, 0x6000, 0xffff, 0x80, 0x6, 0xfffffeff, 0x0, 0x46, 0x8, 0x0, 0x101, 0x5, 0xfffffffa, 0x84, 0x2, 0x2, 0xa8, 0x6, 0x3, 0x7, 0xffff613d, 0x0, 0x1, 0x5, 0x8, 0x0, 0x8001, 0x1, 0x3ff, 0xcae, 0x4, 0x7, 0xff, 0xfffffffd, 0x4, 0xfffffffd, 0x80000000, 0x3, 0x5, 0x2, 0xbdba, 0xd, 0xfffffff7, 0x10, 0x1, 0x1, 0x8, 0xffff, 0x9, 0x6b, 0x4, 0xffff, 0x2, 0x4aa, 0x5, 0x3, 0x4, 0x6, 0x4, 0x6, 0xc, 0x401, 0x6, 0x8, 0x4, 0x5, 0x0, 0x2, 0x0, 0xffff, 0x9, 0x7, 0x9c, 0xffffff17, 0xffff, 0xa86f, 0xffffff80, 0x8f83f90, 0x0, 0x1, 0xffffffff, 0x1, 0x8, 0x3, 0xfffffff9, 0x5, 0x1, 0x1, 0x2, 0x4, 0xe, 0x3, 0x8000, 0x8c88, 0x9, 0x74, 0x3, 0x8001, 0x3, 0x81, 0xe, 0x6, 0x4, 0x200, 0x0, 0x0, 0x3, 0xd, 0x96ad, 0x2, 0xe0, 0x5, 0x1, 0x3, 0x1, 0xfffff81e, 0x9, 0x0, 0x400, 0x6e0, 0x8]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_RESULT={0x8}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x4, 0x40, 0x6, 0x5, 0x0, 0xaff0, 0x876, 0x1, 0x8, 0x4, 0x3102, 0x6e5, 0x1, 0x9, 0x5, 0x3, 0xa, 0x3ff, 0x4, 0x102, 0x8, 0xfffffff9, 0x6, 0xe, 0x6, 0x5, 0x16f7, 0x1, 0x2, 0x6, 0x5, 0x2, 0x1ec5cd78, 0x3ff, 0x14, 0x5, 0x0, 0x6, 0x4, 0x112, 0xd97, 0x5, 0x70, 0x48c9, 0x4d, 0x10000, 0x4, 0xa3, 0x4, 0xfffffffa, 0x5, 0x2, 0x1, 0xe19f, 0x8, 0x3, 0x7, 0x6, 0xffffffff, 0x9e, 0x8, 0x9, 0xffffff01, 0x9, 0x80000001, 0x7, 0x2, 0x616c, 0x7, 0x2, 0x7, 0x1, 0x7fffffff, 0x100000, 0x40, 0x40, 0x1000, 0xffffffff, 0x3, 0x200, 0x479d, 0xffff4cb0, 0x3, 0x7, 0x7ff, 0x1000, 0x7, 0x2, 0x3, 0x7, 0x8, 0x101, 0x80, 0x7fff, 0x7, 0x2, 0x8c, 0x9, 0x2, 0x6, 0x2, 0x6a, 0x8, 0x1, 0x135, 0x5, 0x8, 0xd9, 0x0, 0x101, 0x3, 0x3, 0x3, 0x6, 0x6, 0x40, 0x6, 0xc, 0xc, 0x6, 0x5, 0x401, 0x11e, 0x2, 0x1ff, 0x4, 0x1, 0x283, 0x40, 0xb, 0x2, 0xfffffffa, 0x4, 0xcf8, 0x7, 0x1, 0x3ff, 0x0, 0x3, 0x5, 0x9, 0x2498, 0xac, 0x3ff, 0x6, 0x8, 0x7, 0x2bd9, 0x5, 0x1, 0x7, 0x2, 0x7f, 0x7f, 0x8000, 0x0, 0x3, 0x4, 0xffffffff, 0xe, 0x6, 0x10001, 0x9, 0x5, 0x1, 0x9, 0x7, 0x4, 0x7, 0x4, 0x8, 0x8000, 0x80, 0x9, 0x101, 0xe, 0xcc6, 0x8, 0x8001, 0x4c6, 0x7, 0x6, 0x6, 0xfffffffd, 0xf, 0x1, 0x8, 0xc2b4, 0x8, 0x9eb, 0x1, 0xd5bb, 0xfffffffc, 0x1, 0x8, 0xc, 0x1, 0x2, 0x5, 0x2, 0x7, 0x8, 0x9, 0x3, 0x2, 0x2, 0x7ff, 0x2, 0xb, 0x0, 0x7, 0x7, 0x0, 0x9, 0x1, 0x2, 0x1, 0x2, 0x9, 0x2, 0x80000001, 0xfffffadd, 0x9, 0x4, 0xfff, 0x2, 0x6, 0xfffffff9, 0x369b, 0x6, 0xc, 0x1, 0xffff, 0x7, 0x40, 0x2, 0x7, 0x7, 0x9, 0x6, 0x4092, 0x1, 0xce, 0xa, 0x9, 0x8, 0x9, 0x2, 0x7, 0x6, 0x3, 0xfffffffe, 0xbb13, 0xa5, 0xffffffff, 0xa49b]}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x2}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1c}, @TCA_POLICE_RATE64={0xc, 0x8, 0xfffffffffffffff7}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x20000000, 0x5b, 0x7f, 0x8001, {0x42, 0x0, 0x66f, 0x1ff, 0x1000, 0xfffffff7}, {0x40, 0x0, 0x9, 0x2, 0xffff, 0x4}, 0x7ff, 0xb, 0xe}}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x4, 0xa, 0x9, 0x0, {0xc, 0x0, 0x6, 0x7fff, 0xb96, 0x8}, {0x9, 0x2, 0x6, 0x3, 0x2, 0x2}, 0x3186, 0x0, 0x6}}], [@TCA_POLICE_RATE64={0xc, 0x8, 0xf}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x10, 0x634d, 0x3, 0x6, 0x7, 0x57a9d0a4, 0x1, 0x4, 0x3, 0x7, 0x4, 0x4, 0xe, 0x1, 0x9, 0x6, 0x101, 0x4, 0x800, 0xb651, 0x100, 0xe1, 0x3, 0xb507, 0x0, 0x80, 0x200, 0x9, 0x10, 0xb, 0x6, 0x3, 0x7ff, 0xa813, 0xb3, 0x94, 0x5, 0x9, 0x10000, 0x3, 0x9, 0xfffffff9, 0x5d84, 0x100, 0x7, 0x3, 0x4, 0x0, 0xeb, 0xf, 0x0, 0x2, 0x4, 0xfff, 0x8cb, 0x4, 0x39, 0x6, 0x10000, 0x2, 0x4, 0x9, 0x4, 0x5, 0xc0, 0x2, 0x3, 0x6, 0xc8d0, 0x9, 0x7, 0x200, 0x2, 0x7fffffff, 0x90e, 0x101, 0x0, 0x8, 0x1, 0x5a, 0xc0000000, 0x329, 0x5, 0x80000000, 0x9, 0x6, 0x1, 0x5, 0x0, 0xd5f, 0x7, 0x8, 0x2, 0x5, 0x401, 0x1e4, 0xfffffbff, 0x4, 0x9, 0x2, 0x7, 0x3, 0xb, 0xffffffff, 0x4, 0xc, 0x1, 0x2, 0x80000000, 0x0, 0x8000, 0xfffffff5, 0x0, 0x7, 0x4, 0x40, 0x4, 0x0, 0xd90a3d3c, 0x400, 0x7, 0x75a, 0x1, 0xa, 0x68, 0x5, 0x6, 0x1c, 0x15, 0x0, 0x4, 0x6, 0x3, 0x72da, 0x3, 0x5, 0x3, 0x6, 0xe, 0x1f6, 0x8, 0x366, 0x1, 0xfffff7fa, 0x7, 0x7, 0x0, 0x5, 0x60000, 0xffffffff, 0x8, 0x8, 0x465, 0x304dfa2b, 0x6, 0x389f, 0x5, 0xd, 0x8, 0x10, 0x6, 0x0, 0xbc03, 0x0, 0x480000, 0x55d7b526, 0x8000, 0x7, 0xffffe0d7, 0x100, 0x0, 0x6, 0x6, 0x2, 0x0, 0x800, 0x5, 0x5, 0x3, 0x3, 0x400, 0x9, 0x7, 0x610, 0x9baf, 0x9, 0xda8, 0xdb6, 0x8, 0xeda, 0x5a, 0x6de6, 0x7, 0x7, 0x5, 0xffff, 0x1000, 0x10, 0x1ff, 0xfffffffa, 0x2, 0x81, 0x6948, 0x0, 0xe, 0x6, 0xb8, 0x12, 0x3, 0x0, 0x1, 0x0, 0x2e21, 0x0, 0x8000, 0x4, 0x0, 0x6, 0x9, 0x2, 0x0, 0x9, 0x8, 0x7, 0x9, 0x9, 0xcd5, 0x1, 0xb, 0x7, 0x1, 0x400, 0x8, 0x9, 0x3ff, 0xab, 0x5, 0x400, 0x6, 0x20000000, 0x4, 0x6, 0x400, 0x8, 0x2, 0x0, 0x1, 0x4f6, 0x1, 0x14c, 0x8, 0x7, 0x400, 0x8001, 0x7]}]]}, {0xbe, 0x6, "dcd8eb68c144c975605ef5d07eec81e2dd11694d0aac3a59fd61b35562c4745fba965e31890462850684a0639f08a316e5bcfad8cf8de8952c6c7e1ecc4386c1ff198c5666c8772473a90b6a9eb7f72877aea6d01da6d2ab36fc3580bb31736f24039a2f391637f2d020697cd2f370128b3038368f674bbeb2d0ae80b5aa9262d96a5c98d012c91d3aa78e91ac5811eca7f7ef7248ea63fa3f30dfb110d1cabbc797bf14a7e5a2a94e026b54bc8d0e3821f2f85307a06eb83652"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x1388}, 0x1, 0x0, 0x0, 0x2000004}, 0x40) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 800.861313ms ago: executing program 2 (id=1457): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 762.775574ms ago: executing program 2 (id=1458): r0 = creat(&(0x7f0000000080)='./file0\x00', 0xc7) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000240)=0x1, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x8, r3}, 0x10) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x8000) 639.746138ms ago: executing program 2 (id=1459): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x4361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0xb}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x894) r3 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r3, &(0x7f0000000240)="800000800000210ee7decd7a0003", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r2, 0x1, 0xd8, 0x6, @broadcast}, 0x14) 638.844008ms ago: executing program 1 (id=1460): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newchain={0x24, 0x64, 0x1, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xfff1, 0xc}, {0x5, 0xc}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x24040000) 543.504231ms ago: executing program 1 (id=1461): socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x800000000000002, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000310000/0x400000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f00003f8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="5400020029000b05d25a806f8c6394f90424fc602f0011002e2f0100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845) io_uring_enter(0xffffffffffffffff, 0x3bee, 0x7724, 0x16, 0x0, 0xffffffffffffffba) 446.593295ms ago: executing program 3 (id=1462): r0 = socket$kcm(0x1e, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@id={0x1e, 0x3, 0x0, {0x4e22}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0x1}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000001680)=""/4096, 0x1000}], 0x1, &(0x7f0000000880)=""/175, 0xaf}, 0x20) 349.504808ms ago: executing program 1 (id=1463): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000100)={[{@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@discard}, {@errors_remount}, {@data_err_ignore}, {}]}, 0xfe, 0x28c, &(0x7f0000004240)="$eJzs3b9rO2UcB/DP5UdrbClVFycRREQLpQ6C4KKLhYIUERG0UJHqorRCbdfGycXBXaWTSxE3q+AiLsXFP6Bqh7q4FAeLgg6R3F0gTdM2NsnlS+/1glyeS5+75wnk/eRK7+kTQGnNR8TzEVGNiIWIqEdE0l3h0ewxn+/uN47WI1qtV/5I0nrZfqZz3ExENCPi2Yha52e7h2+c/nW8/MTHO/XHvzh8vVHU++t2dnry0vnnqx99vfL0biV/bTZ/7n4fo5T0ea2WRDw4jsbuEUltwIrTY+4IN/jq53buH4qIx9L816OSR/aT7akf6vHUZ/2Pmzovtp/AOLRa9fZ3YLMFlE4lvQZOKosRkZUrlcXF7Br+l2oS721tf7DwztbO5sakRypgBJJm9nvvyYvfTn8z05P/36tZ/gfyzJh7CoxFO/+vvnzwa7t8Xp10b4ACfNcptPO/8ObekyH/UDryD3fNoH94lX8oM/mHO+C67F5zf5X8Q3nJP5TXoPlvFtgnYETqnUL/BA///f93fgfh7bsIFG0u3br+h/LqyX8+HzefrTrYRf/y2xvvjq+DwKitdQrd+QcAyqU1PeEJyMDETHr8AQAAAAAAAAAAAAAAAAAALttvHK13HkW1+eOnEWcvZMsWdbefLVtQTdcjjrgv3d7/Z3JhdaPkf6121N/akMcP68sRz75evWa9h37mfhtt+4ObSrc/PTKes394cbdxVb29zYhmu/JSrXb585/kn78bXXn+B244sP7WYA2MStKz/9xrxbbf69+Dyba/chzxfXv8Weo3/lXi4fS5//gz2/0vlm/p/X+GPAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACF+S8AAP//MSJ0XA==") r0 = creat(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9) symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1) rename(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') chmod(0x0, 0x51) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) 317.846429ms ago: executing program 2 (id=1464): socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x68, 0x0, 0xc8, r1}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 305.56884ms ago: executing program 3 (id=1465): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) r1 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f00000005c0)={'nat\x00', 0x0, 0x0, 0x0, [0x5, 0x1922, 0xaf03, 0xfffffffffffffffb, 0x9, 0xfffffffffffffff7], 0x1, 0x0, 0x0, [{}]}, 0x88) 234.782852ms ago: executing program 0 (id=1466): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, 0x0, 0x0, 0x4}, 0x94) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 97.445477ms ago: executing program 3 (id=1467): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) fcntl$addseals(r0, 0x409, 0x71b325cc0ffe4181) 97.245807ms ago: executing program 0 (id=1468): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000001c0)={[{@data_err_ignore}, {@dioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@grpid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x3c}}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq") 0s ago: executing program 2 (id=1469): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newchain={0x24, 0x64, 0x1, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xfff1, 0xc}, {0x5, 0xc}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x24040000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.128' (ED25519) to the list of known hosts. [ 73.403853][ T5757] cgroup: Unknown subsys name 'net' [ 73.539867][ T5757] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 74.935305][ T5757] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 76.405423][ T5776] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.414846][ T5776] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.421684][ T5777] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.422593][ T5776] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.437490][ T5776] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.445486][ T5777] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.447087][ T5776] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.460090][ T5782] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.468834][ T5782] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 76.474626][ T5780] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.476266][ T5782] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.490156][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.492653][ T5782] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.506271][ T5777] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.514151][ T5782] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 76.522242][ T5777] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.523032][ T5085] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.544302][ T5781] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.555503][ T5781] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.555821][ T5085] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.564652][ T5781] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 76.577902][ T5085] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.589131][ T5777] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.596633][ T5777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.991455][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 77.019490][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 77.093683][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 77.107954][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 77.217005][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.226214][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.235178][ T5769] bridge_slave_0: entered allmulticast mode [ 77.246060][ T5769] bridge_slave_0: entered promiscuous mode [ 77.255633][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.262982][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.270140][ T5769] bridge_slave_1: entered allmulticast mode [ 77.277092][ T5769] bridge_slave_1: entered promiscuous mode [ 77.284697][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.291876][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.300156][ T5770] bridge_slave_0: entered allmulticast mode [ 77.307190][ T5770] bridge_slave_0: entered promiscuous mode [ 77.315706][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.323049][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.330438][ T5770] bridge_slave_1: entered allmulticast mode [ 77.337696][ T5770] bridge_slave_1: entered promiscuous mode [ 77.412444][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.447944][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.470957][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.480457][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.487929][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.495424][ T5771] bridge_slave_0: entered allmulticast mode [ 77.502338][ T5771] bridge_slave_0: entered promiscuous mode [ 77.511995][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.530886][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.539460][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.547405][ T5768] bridge_slave_0: entered allmulticast mode [ 77.554594][ T5768] bridge_slave_0: entered promiscuous mode [ 77.572977][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.580107][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.589938][ T5768] bridge_slave_1: entered allmulticast mode [ 77.597703][ T5768] bridge_slave_1: entered promiscuous mode [ 77.606177][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.614520][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.621653][ T5771] bridge_slave_1: entered allmulticast mode [ 77.629116][ T5771] bridge_slave_1: entered promiscuous mode [ 77.671476][ T5769] team0: Port device team_slave_0 added [ 77.687990][ T5770] team0: Port device team_slave_0 added [ 77.705912][ T5769] team0: Port device team_slave_1 added [ 77.715017][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.727196][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.739996][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.751876][ T5770] team0: Port device team_slave_1 added [ 77.768171][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.835451][ T5771] team0: Port device team_slave_0 added [ 77.842264][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.851761][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.878221][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.891593][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.898743][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.925142][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.949464][ T5768] team0: Port device team_slave_0 added [ 77.956380][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.965790][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.992359][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.005472][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.012447][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.038470][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.051310][ T5771] team0: Port device team_slave_1 added [ 78.080878][ T5768] team0: Port device team_slave_1 added [ 78.156470][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.163543][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.189964][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.208226][ T5770] hsr_slave_0: entered promiscuous mode [ 78.214723][ T5770] hsr_slave_1: entered promiscuous mode [ 78.227495][ T5769] hsr_slave_0: entered promiscuous mode [ 78.233782][ T5769] hsr_slave_1: entered promiscuous mode [ 78.239931][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.247921][ T5769] Cannot create hsr debugfs directory [ 78.264191][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.271183][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.297986][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.326880][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.336766][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.365744][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.407978][ T5771] hsr_slave_0: entered promiscuous mode [ 78.415077][ T5771] hsr_slave_1: entered promiscuous mode [ 78.421466][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.429842][ T5771] Cannot create hsr debugfs directory [ 78.436010][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.443225][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.469235][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.603990][ T5777] Bluetooth: hci3: command tx timeout [ 78.609713][ T5777] Bluetooth: hci2: command tx timeout [ 78.624852][ T5768] hsr_slave_0: entered promiscuous mode [ 78.631210][ T5768] hsr_slave_1: entered promiscuous mode [ 78.638421][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.646204][ T5768] Cannot create hsr debugfs directory [ 78.683110][ T5777] Bluetooth: hci0: command tx timeout [ 78.683132][ T5774] Bluetooth: hci1: command tx timeout [ 78.906394][ T5770] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.926093][ T5770] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.936524][ T5770] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 78.947060][ T5770] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 79.029727][ T5769] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.048688][ T5769] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.060084][ T5769] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.073271][ T5769] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.159472][ T5768] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 79.190037][ T5768] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 79.236301][ T5768] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 79.246314][ T5768] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 79.285971][ T5771] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.305754][ T5771] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.317402][ T5771] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 79.326877][ T5771] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 79.347465][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.370725][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.403321][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.410633][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.434661][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.441787][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.509155][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.564119][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.651456][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.658674][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.669514][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.676797][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.700143][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.710838][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.747722][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.789023][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.796173][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.814157][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.821351][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.850497][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.879789][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.886969][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.927217][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.934394][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.949853][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.976965][ T5769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.077827][ T5768] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 80.090413][ T5768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.174693][ T5770] veth0_vlan: entered promiscuous mode [ 80.217686][ T5770] veth1_vlan: entered promiscuous mode [ 80.296273][ T5770] veth0_macvtap: entered promiscuous mode [ 80.317804][ T5770] veth1_macvtap: entered promiscuous mode [ 80.359140][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.375584][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.406843][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.475170][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.502774][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.511532][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.520857][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.596555][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.619035][ T5769] veth0_vlan: entered promiscuous mode [ 80.649190][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.661282][ T5769] veth1_vlan: entered promiscuous mode [ 80.689621][ T5777] Bluetooth: hci3: command tx timeout [ 80.690365][ T5774] Bluetooth: hci2: command tx timeout [ 80.744146][ T5768] veth0_vlan: entered promiscuous mode [ 80.764102][ T5774] Bluetooth: hci1: command tx timeout [ 80.764137][ T5777] Bluetooth: hci0: command tx timeout [ 80.795670][ T5769] veth0_macvtap: entered promiscuous mode [ 80.806991][ T5768] veth1_vlan: entered promiscuous mode [ 80.829619][ T5769] veth1_macvtap: entered promiscuous mode [ 80.854074][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.862175][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.864881][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.884569][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.896659][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.907238][ T5771] veth0_vlan: entered promiscuous mode [ 80.926116][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.937990][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.949281][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.977592][ T5769] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.989118][ T5769] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.998551][ T5769] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.008078][ T5769] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.033838][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.048774][ T5771] veth1_vlan: entered promiscuous mode [ 81.055462][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.074430][ T5768] veth0_macvtap: entered promiscuous mode [ 81.150643][ T5768] veth1_macvtap: entered promiscuous mode [ 81.222832][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.249456][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.272699][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.283421][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.311178][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.329014][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.339670][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.350375][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.360993][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.372324][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.389883][ T5771] veth0_macvtap: entered promiscuous mode [ 81.403284][ T5768] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.412446][ T5768] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.423066][ T5768] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.432300][ T5768] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.447905][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.458628][ T5771] veth1_macvtap: entered promiscuous mode [ 81.477285][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.561006][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.575536][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.586584][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.597430][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.607559][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.642187][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.655587][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.680789][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.719721][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.724595][ T5844] syz.2.8[5844]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 81.742101][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.763074][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.774321][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.789335][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.802507][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.820204][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.832104][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.833135][ T5844] loop2: detected capacity change from 0 to 8192 [ 81.851686][ T5844] ======================================================= [ 81.851686][ T5844] WARNING: The mand mount option has been deprecated and [ 81.851686][ T5844] and is ignored by this kernel. Remove the mand [ 81.851686][ T5844] option from the mount to silence this warning. [ 81.851686][ T5844] ======================================================= [ 81.890961][ T5771] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.902204][ T5771] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.914192][ T5771] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.925075][ T5771] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.047202][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.072737][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.205094][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.223360][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.341319][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.395556][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.537360][ T2937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.576550][ T2937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.763262][ T5777] Bluetooth: hci3: command tx timeout [ 82.763519][ T5774] Bluetooth: hci2: command tx timeout [ 82.845798][ T5774] Bluetooth: hci1: command tx timeout [ 82.853084][ T5774] Bluetooth: hci0: command tx timeout [ 83.208967][ T5861] loop2: detected capacity change from 0 to 256 [ 83.338935][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.348344][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.330894][ T5870] loop2: detected capacity change from 0 to 512 [ 84.349679][ T5870] EXT4-fs: Ignoring removed orlov option [ 84.486690][ T5870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.512934][ T5870] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.618020][ T5870] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.16: corrupted xattr block 33: bad e_name length [ 84.651357][ T5870] EXT4-fs error (device loop2): ext4_get_inode_usage:888: inode #15: comm syz.2.16: corrupted xattr block 33: bad e_name length [ 84.728732][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.811510][ T5853] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.843089][ T5777] Bluetooth: hci2: command tx timeout [ 84.848584][ T5774] Bluetooth: hci3: command tx timeout [ 84.849873][ T5876] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17'. [ 84.867426][ T5853] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.923706][ T5774] Bluetooth: hci0: command tx timeout [ 84.929157][ T5774] Bluetooth: hci1: command tx timeout [ 85.452130][ T5853] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.462109][ T5853] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.634822][ T5853] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.687563][ T5853] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.246693][ T5867] lo speed is unknown, defaulting to 1000 [ 86.267897][ T5867] lo speed is unknown, defaulting to 1000 [ 86.276292][ T5867] lo speed is unknown, defaulting to 1000 [ 86.288066][ T5867] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 86.303840][ T5867] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 86.360454][ T5867] lo speed is unknown, defaulting to 1000 [ 86.369473][ T5867] lo speed is unknown, defaulting to 1000 [ 86.376794][ T5867] lo speed is unknown, defaulting to 1000 [ 86.383932][ T5867] lo speed is unknown, defaulting to 1000 [ 86.406287][ T5853] syz.0.10 (5853) used greatest stack depth: 20904 bytes left [ 86.579262][ T5891] loop0: detected capacity change from 0 to 1024 [ 86.619970][ T5891] EXT4-fs: Ignoring removed bh option [ 86.692297][ T5891] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.748581][ T5891] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.22: bad inode number: 12 [ 86.795332][ T5891] EXT4-fs (loop0): Remounting filesystem read-only [ 87.098666][ T788] cfg80211: failed to load regulatory.db [ 87.301121][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.688682][ T5915] loop0: detected capacity change from 0 to 128 [ 87.708140][ T5915] EXT4-fs: Ignoring removed nobh option [ 87.738472][ T5915] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 87.773108][ T5915] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 87.823935][ T5915] EXT4-fs warning (device loop0): ext4_group_extend:1868: can't shrink FS - resize aborted [ 87.966863][ T5769] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 88.376112][ T5924] Driver unsupported XDP return value 0 on prog (id 7) dev N/A, expect packet loss! [ 88.796128][ T5932] loop0: detected capacity change from 0 to 128 [ 88.950269][ T28] audit: type=1800 audit(1774814392.464:2): pid=5932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.38" name="file1" dev="loop0" ino=1048594 res=0 errno=0 [ 89.136939][ T5935] netlink: 12 bytes leftover after parsing attributes in process `syz.1.39'. [ 89.155787][ T5935] tipc: Started in network mode [ 89.181633][ T5935] tipc: Node identity 5, cluster identity 3 [ 89.201160][ T5935] tipc: Node number set to 5 [ 89.380240][ T5944] syzkaller0: entered promiscuous mode [ 89.392782][ T5944] syzkaller0: entered allmulticast mode [ 89.822546][ T5951] kernel profiling enabled (shift: 9) [ 90.870052][ T5960] loop1: detected capacity change from 0 to 4096 [ 90.948316][ T5960] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.200510][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.410733][ T5975] loop1: detected capacity change from 0 to 512 [ 91.434751][ T5975] EXT4-fs: Ignoring removed nobh option [ 91.518826][ T5975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.538280][ T5975] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.575062][ T5978] io-wq is not configured for unbound workers [ 91.672421][ T28] audit: type=1800 audit(1774814395.194:3): pid=5975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.53" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 91.750286][ T5980] capability: warning: `syz.1.53' uses deprecated v2 capabilities in a way that may be insecure [ 92.013436][ T5984] loop7: detected capacity change from 0 to 16384 [ 93.559844][ T6013] loop3: detected capacity change from 0 to 128 [ 93.785497][ T6017] loop0: detected capacity change from 0 to 128 [ 93.821395][ T6017] EXT4-fs: Ignoring removed nobh option [ 93.865389][ T6017] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 93.935243][ T6017] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 93.995562][ T5769] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 94.378813][ T28] audit: type=1800 audit(1774814397.904:4): pid=5975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.53" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 94.442941][ T6039] loop3: detected capacity change from 0 to 128 [ 94.718278][ T6049] loop3: detected capacity change from 0 to 128 [ 94.753631][ T6049] EXT4-fs: Ignoring removed nobh option [ 94.820273][ T6049] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 94.837133][ T6049] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 94.957401][ T5771] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 95.046646][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.385803][ T6071] loop3: detected capacity change from 0 to 128 [ 95.607991][ T6080] loop2: detected capacity change from 0 to 128 [ 95.633909][ T6080] EXT4-fs: Ignoring removed nobh option [ 95.688557][ T6080] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.754048][ T6085] loop3: detected capacity change from 0 to 4096 [ 95.790848][ T6080] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 95.839154][ T6085] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.007043][ T5770] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 96.325612][ T6106] loop2: detected capacity change from 0 to 128 [ 96.358216][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.455725][ T28] audit: type=1800 audit(1774814399.954:5): pid=6106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.103" name="file1" dev="loop2" ino=1048598 res=0 errno=0 [ 97.335872][ T6129] loop3: detected capacity change from 0 to 4096 [ 97.372826][ T6129] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.498538][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.715087][ T6140] loop3: detected capacity change from 0 to 128 [ 97.797442][ T28] audit: type=1800 audit(1774814401.324:6): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.115" name="file1" dev="loop3" ino=1048599 res=0 errno=0 [ 98.222279][ T6156] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.483249][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.191496][ T6191] set_capacity_and_notify: 1 callbacks suppressed [ 99.191511][ T6191] loop0: detected capacity change from 0 to 4096 [ 99.251088][ T6191] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.356309][ T6199] loop3: detected capacity change from 0 to 128 [ 99.364586][ T6199] EXT4-fs: Ignoring removed nobh option [ 99.401835][ T6199] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 99.442068][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.536548][ T6199] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 99.701038][ T5771] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 101.057627][ T6225] loop2: detected capacity change from 0 to 4096 [ 101.140732][ T6225] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.239563][ T6238] loop3: detected capacity change from 0 to 512 [ 101.247529][ T6238] EXT4-fs: Ignoring removed nobh option [ 101.293668][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.380978][ T6238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.403188][ T6238] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.571510][ T28] audit: type=1800 audit(1774814405.094:7): pid=6238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.153" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 101.835718][ T6253] loop1: detected capacity change from 0 to 128 [ 102.367785][ T6264] loop0: detected capacity change from 0 to 4096 [ 102.451602][ T6264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.624032][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.971797][ T6283] loop0: detected capacity change from 0 to 128 [ 103.641021][ T6293] loop2: detected capacity change from 0 to 4096 [ 103.695943][ T6293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.862972][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.187711][ T6303] loop2: detected capacity change from 0 to 128 [ 104.522444][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.913677][ T6320] loop3: detected capacity change from 0 to 4096 [ 104.972565][ T6320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.142538][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.376860][ T6330] loop2: detected capacity change from 0 to 128 [ 105.424219][ T28] audit: type=1800 audit(1774814408.954:8): pid=6330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.190" name="file1" dev="loop2" ino=1048600 res=0 errno=0 [ 105.945259][ T6344] loop0: detected capacity change from 0 to 4096 [ 106.008932][ T6344] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.226516][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.333106][ T6356] loop3: detected capacity change from 0 to 128 [ 106.413522][ T28] audit: type=1800 audit(1774814409.944:9): pid=6356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.202" name="file1" dev="loop3" ino=1048601 res=0 errno=0 [ 107.215941][ T6374] loop3: detected capacity change from 0 to 4096 [ 107.269953][ T6374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.321036][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.495547][ T6380] loop0: detected capacity change from 0 to 128 [ 107.594201][ T28] audit: type=1800 audit(1774814411.124:10): pid=6380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.211" name="file1" dev="loop0" ino=1048602 res=0 errno=0 [ 111.438280][ T6496] loop3: detected capacity change from 0 to 4096 [ 111.488559][ T6496] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.774355][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.618736][ T6527] loop1: detected capacity change from 0 to 4096 [ 112.702081][ T6527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.908301][ T6538] Zero length message leads to an empty skb [ 112.916449][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.560068][ T6565] loop1: detected capacity change from 0 to 4096 [ 113.594688][ T6565] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.779279][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.634841][ T6589] loop3: detected capacity change from 0 to 4096 [ 114.710467][ T6589] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.934822][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.941513][ T6761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.370'. [ 120.578631][ T6784] netlink: 12 bytes leftover after parsing attributes in process `syz.0.382'. [ 121.259640][ T6808] 9pnet_virtio: no channels available for device .. [ 121.322214][ T6811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.392'. [ 133.168037][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.569861][ T7305] netlink: 28 bytes leftover after parsing attributes in process `syz.0.573'. [ 134.720361][ T7309] loop3: detected capacity change from 0 to 1024 [ 134.744548][ T7309] EXT4-fs: Ignoring removed bh option [ 134.852466][ T7309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.010782][ T7309] EXT4-fs error (device loop3): ext4_lookup:1850: inode #2: comm syz.3.575: bad inode number: 12 [ 135.044136][ T7309] EXT4-fs (loop3): Remounting filesystem read-only [ 135.126173][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.788005][ T7339] netlink: 336 bytes leftover after parsing attributes in process `syz.1.585'. [ 135.822882][ T7339] netlink: 156 bytes leftover after parsing attributes in process `syz.1.585'. [ 136.483337][ T7359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.593'. [ 136.504591][ T7359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.593'. [ 137.325575][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.604'. [ 137.338101][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.604'. [ 138.214724][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz.0.617'. [ 138.246343][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz.0.617'. [ 139.459463][ T7439] netlink: 8 bytes leftover after parsing attributes in process `syz.1.626'. [ 140.960358][ T7461] loop1: detected capacity change from 0 to 8192 [ 143.584258][ T7516] __nla_validate_parse: 1 callbacks suppressed [ 143.584274][ T7516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.656'. [ 143.633691][ T7516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.656'. [ 144.712041][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.666'. [ 144.730225][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.666'. [ 145.332320][ T7558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.676'. [ 145.349204][ T7558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.676'. [ 145.481608][ T7564] loop0: detected capacity change from 0 to 1024 [ 145.524987][ T7564] EXT4-fs: Ignoring removed bh option [ 145.683128][ T7564] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.773410][ T7564] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.685: bad inode number: 12 [ 145.805097][ T7564] EXT4-fs (loop0): Remounting filesystem read-only [ 145.911631][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.039763][ T7585] loop0: detected capacity change from 0 to 512 [ 146.053680][ T7585] EXT4-fs: Ignoring removed orlov option [ 146.090182][ T7585] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.118271][ T7585] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.220701][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.633861][ T7603] loop0: detected capacity change from 0 to 1024 [ 146.646381][ T7603] EXT4-fs: Ignoring removed bh option [ 146.719648][ T7603] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.792435][ T7603] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.694: bad inode number: 12 [ 146.816472][ T7603] EXT4-fs (loop0): Remounting filesystem read-only [ 146.871426][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.397902][ T7628] loop2: detected capacity change from 0 to 1024 [ 147.427361][ T7628] EXT4-fs: Ignoring removed bh option [ 147.477924][ T7628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.554554][ T7628] EXT4-fs error (device loop2): ext4_lookup:1850: inode #2: comm syz.2.705: bad inode number: 12 [ 147.617563][ T7628] EXT4-fs (loop2): Remounting filesystem read-only [ 147.682373][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.341926][ T7664] loop0: detected capacity change from 0 to 1024 [ 148.365505][ T7664] EXT4-fs: Ignoring removed bh option [ 148.425761][ T7664] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.549213][ T7664] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.719: bad inode number: 12 [ 148.612798][ T7664] EXT4-fs (loop0): Remounting filesystem read-only [ 148.749784][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.532269][ T7705] loop3: detected capacity change from 0 to 1024 [ 149.558635][ T7705] EXT4-fs: Ignoring removed bh option [ 149.632095][ T7705] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.730867][ T7705] EXT4-fs error (device loop3): ext4_lookup:1850: inode #2: comm syz.3.736: bad inode number: 12 [ 149.810936][ T7705] EXT4-fs (loop3): Remounting filesystem read-only [ 149.974306][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.900599][ T7873] loop2: detected capacity change from 0 to 256 [ 155.688942][ T7898] loop1: detected capacity change from 0 to 256 [ 157.495940][ T7955] loop1: detected capacity change from 0 to 256 [ 158.025699][ T7968] loop0: detected capacity change from 0 to 1024 [ 158.043217][ T7968] EXT4-fs: Ignoring removed bh option [ 158.083883][ T7968] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.153231][ T7968] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.851: bad inode number: 12 [ 158.176906][ T7968] EXT4-fs (loop0): Remounting filesystem read-only [ 158.240433][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.359612][ T7950] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.368219][ T7950] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.555201][ T7978] loop0: detected capacity change from 0 to 256 [ 159.074706][ T7992] loop0: detected capacity change from 0 to 1024 [ 159.090415][ T7992] EXT4-fs: Ignoring removed bh option [ 159.153871][ T7992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.218026][ T7992] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.862: bad inode number: 12 [ 159.242942][ T7992] EXT4-fs (loop0): Remounting filesystem read-only [ 159.254609][ T7950] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 159.331719][ T7950] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 159.356529][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.660947][ T8007] loop0: detected capacity change from 0 to 256 [ 159.916370][ T7950] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.931379][ T7950] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.942587][ T7950] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.954389][ T7950] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.746700][ T8025] loop3: detected capacity change from 0 to 256 [ 164.234767][ T8134] pimreg3: entered allmulticast mode [ 164.731977][ T8152] loop1: detected capacity change from 0 to 256 [ 165.154606][ T8161] capability: warning: `syz.2.931' uses 32-bit capabilities (legacy support in use) [ 165.695130][ T8179] loop1: detected capacity change from 0 to 256 [ 166.671034][ T8205] loop0: detected capacity change from 0 to 256 [ 167.395083][ T8228] syzkaller0: entered promiscuous mode [ 167.404167][ T8228] syzkaller0: entered allmulticast mode [ 167.564939][ T8234] loop2: detected capacity change from 0 to 256 [ 167.998840][ T8252] process 'syz.3.972' launched './file1' with NULL argv: empty string added [ 168.159344][ T8256] loop0: detected capacity change from 0 to 256 [ 168.709338][ T8275] autofs4:pid:8275:autofs_fill_super: called with bogus options [ 169.201384][ T8287] loop3: detected capacity change from 0 to 256 [ 170.025878][ T8319] loop2: detected capacity change from 0 to 256 [ 170.426290][ T28] audit: type=1326 audit(1774814473.954:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8330 comm="syz.2.1008" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f333839c819 code=0x0 [ 170.470057][ T8332] loop2: detected capacity change from 0 to 128 [ 170.509580][ T8332] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 170.707040][ T8338] loop1: detected capacity change from 0 to 256 [ 171.004098][ T28] audit: type=1326 audit(1774814474.534:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.049134][ T28] audit: type=1326 audit(1774814474.534:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.081819][ T28] audit: type=1326 audit(1774814474.554:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.138141][ T28] audit: type=1326 audit(1774814474.554:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.171200][ T28] audit: type=1326 audit(1774814474.554:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.217371][ T28] audit: type=1326 audit(1774814474.554:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.245177][ T28] audit: type=1326 audit(1774814474.554:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.297487][ T12] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 171.349466][ T28] audit: type=1326 audit(1774814474.554:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.401014][ T28] audit: type=1326 audit(1774814474.554:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe01c99c819 code=0x7ffc0000 [ 171.487884][ T8364] loop2: detected capacity change from 0 to 256 [ 172.048022][ T8382] loop0: detected capacity change from 0 to 256 [ 172.462193][ T8395] ieee802154 phy1 wpan1: encryption failed: -22 [ 172.768061][ T8405] loop3: detected capacity change from 0 to 256 [ 172.781362][ T8403] loop0: detected capacity change from 0 to 2048 [ 172.836474][ T8403] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 172.896459][ T8403] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 172.919670][ T8403] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28 [ 172.934601][ T8403] EXT4-fs (loop0): This should not happen!! Data will be lost [ 172.934601][ T8403] [ 172.947189][ T8403] EXT4-fs (loop0): Total free blocks count 0 [ 172.969616][ T8403] EXT4-fs (loop0): Free/Dirty block details [ 172.985819][ T8403] EXT4-fs (loop0): free_blocks=66060288 [ 173.000511][ T8403] EXT4-fs (loop0): dirty_blocks=48 [ 173.020713][ T8403] EXT4-fs (loop0): Block reservation details [ 173.045179][ T8403] EXT4-fs (loop0): i_reserved_data_blocks=3 [ 173.590438][ T11] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28 [ 173.793813][ T8431] loop1: detected capacity change from 0 to 256 [ 174.077013][ T968] IPVS: starting estimator thread 0... [ 174.218767][ T8438] IPVS: using max 20 ests per chain, 48000 per kthread [ 174.547806][ T8455] loop1: detected capacity change from 0 to 256 [ 174.732090][ T8459] lo speed is unknown, defaulting to 1000 [ 176.001999][ T8502] smc: net device ip_vti0 applied user defined pnetid SYZ0 [ 176.128721][ T8504] syz.1.1081 uses obsolete (PF_INET,SOCK_PACKET) [ 176.530818][ T8519] loop2: detected capacity change from 0 to 736 [ 176.662206][ T8519] rock: directory entry would overflow storage [ 176.671461][ T8519] rock: sig=0x3b10, size=4, remaining=3 [ 177.703116][ T8545] loop0: detected capacity change from 0 to 8192 [ 178.242926][ T8562] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1107'. [ 178.893275][ T8582] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1116'. [ 179.550383][ T8607] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1127'. [ 179.857315][ T8619] loop2: detected capacity change from 0 to 256 [ 180.087472][ T8626] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1136'. [ 180.861284][ T8651] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1145'. [ 181.474537][ T8680] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1156'. [ 182.923294][ T8742] syzkaller0: entered promiscuous mode [ 182.929213][ T8742] syzkaller0: entered allmulticast mode [ 183.994862][ T8759] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1185'. [ 184.015711][ T8761] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 184.209099][ T8767] syzkaller0: entered promiscuous mode [ 184.227102][ T8767] syzkaller0: entered allmulticast mode [ 184.364360][ T8772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1190'. [ 184.396909][ T8772] 8021q: adding VLAN 0 to HW filter on device bond1 [ 184.439408][ T8772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1190'. [ 184.463136][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1190'. [ 184.532061][ T8772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.550949][ T8772] bond1: (slave bond0): making interface the new active one [ 184.568027][ T8772] bond1: (slave bond0): Enslaving as an active interface with an up link [ 184.578069][ T8777] netlink: 'syz.2.1190': attribute type 4 has an invalid length. [ 184.597636][ T8777] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1190'. [ 184.618214][ T8777] .`: renamed from bond0 (while UP) [ 184.652312][ T8772] syz.2.1190 (8772) used greatest stack depth: 19912 bytes left [ 184.733627][ T8711] bond1: (slave .`): link status definitely down, disabling slave [ 184.769908][ T8711] bond1: now running without any active interface! [ 184.917787][ T8789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1196'. [ 185.062304][ T8793] syzkaller0: entered promiscuous mode [ 185.083078][ T8793] syzkaller0: entered allmulticast mode [ 185.239214][ T8801] hsr0: entered promiscuous mode [ 186.026902][ T8827] syzkaller0: entered promiscuous mode [ 186.035013][ T8827] syzkaller0: entered allmulticast mode [ 186.340951][ T8830] delete_channel: no stack [ 188.039646][ T8873] loop2: detected capacity change from 0 to 736 [ 188.100950][ T8873] rock: directory entry would overflow storage [ 188.111380][ T8873] rock: sig=0x3b10, size=4, remaining=3 [ 188.246010][ T8878] syzkaller0: entered promiscuous mode [ 188.254724][ T8878] syzkaller0: entered allmulticast mode [ 189.105982][ T8902] syzkaller0: entered promiscuous mode [ 189.120420][ T8902] syzkaller0: entered allmulticast mode [ 189.390781][ T8913] lo speed is unknown, defaulting to 1000 [ 189.811276][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 189.811290][ T28] audit: type=1326 audit(2000000000.720:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.0.1258" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcf5919c819 code=0x0 [ 189.944765][ T8934] syzkaller0: entered promiscuous mode [ 189.954424][ T8934] syzkaller0: entered allmulticast mode [ 191.341705][ T28] audit: type=1326 audit(2000000002.250:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8978 comm="syz.1.1277" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe01c99c819 code=0x0 [ 192.420492][ T9014] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 192.800005][ T9026] loop0: detected capacity change from 0 to 128 [ 192.813130][ T9026] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 192.871888][ T77] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 193.394573][ T9045] loop2: detected capacity change from 0 to 128 [ 193.434995][ T9045] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 193.517358][ T9045] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 193.539188][ T9045] FAT-fs (loop2): Filesystem has been set read-only [ 193.679381][ T9051] loop2: detected capacity change from 0 to 512 [ 193.695871][ T9051] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 193.742308][ T9051] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1309: bg 0: block 424: padding at end of block bitmap is not set [ 193.766216][ T9051] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 193.825408][ T9051] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.1309: invalid indirect mapped block 4294967295 (level 0) [ 193.932056][ T9051] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.1309: invalid indirect mapped block 4294967295 (level 1) [ 194.012249][ T9051] EXT4-fs (loop2): 1 orphan inode deleted [ 194.018489][ T9051] EXT4-fs (loop2): 1 truncate cleaned up [ 194.025793][ T9051] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.122323][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.473917][ T9079] loop3: detected capacity change from 0 to 128 [ 194.499273][ T9079] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 194.544289][ T9079] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 194.569160][ T9079] FAT-fs (loop3): Filesystem has been set read-only [ 194.613105][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.297762][ T9104] loop3: detected capacity change from 0 to 736 [ 195.392031][ T9104] rock: directory entry would overflow storage [ 195.407344][ T9104] rock: sig=0x3b10, size=4, remaining=3 [ 195.478093][ T9112] loop0: detected capacity change from 0 to 512 [ 195.493502][ T9112] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 195.552172][ T9112] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 195.571697][ T9112] EXT4-fs (loop0): 1 truncate cleaned up [ 195.581243][ T9112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.660409][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.111337][ T9133] loop0: detected capacity change from 0 to 736 [ 196.148872][ T9133] rock: directory entry would overflow storage [ 196.156917][ T9133] rock: sig=0x3b10, size=4, remaining=3 [ 196.800877][ T9154] loop2: detected capacity change from 0 to 736 [ 196.949090][ T9154] rock: directory entry would overflow storage [ 196.963179][ T9154] rock: sig=0x3b10, size=4, remaining=3 [ 197.068249][ T9163] loop2: detected capacity change from 0 to 128 [ 197.098074][ T9163] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 197.238507][ T2974] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 197.640296][ T9180] lo speed is unknown, defaulting to 1000 [ 197.665896][ T5811] IPVS: starting estimator thread 0... [ 197.763225][ T9184] IPVS: using max 21 ests per chain, 50400 per kthread [ 198.510491][ T9204] mmap: syz.3.1374 (9204) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 198.571306][ T9211] loop1: detected capacity change from 0 to 128 [ 198.637501][ T5763] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 199.026914][ T9225] netlink: 'syz.2.1382': attribute type 1 has an invalid length. [ 199.036806][ T9225] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1382'. [ 199.194012][ T9232] loop2: detected capacity change from 0 to 2048 [ 199.244643][ T9232] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.344458][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.147034][ T9302] sctp: [Deprecated]: syz.2.1412 (pid 9302) Use of struct sctp_assoc_value in delayed_ack socket option. [ 201.147034][ T9302] Use struct sctp_sack_info instead [ 201.806558][ T5781] Bluetooth: hci3: command 0x0406 tx timeout [ 201.812727][ T5781] Bluetooth: hci1: command 0x0406 tx timeout [ 201.812786][ T5782] Bluetooth: hci2: command 0x0406 tx timeout [ 201.818809][ T5781] Bluetooth: hci0: command 0x0406 tx timeout [ 202.816905][ T9353] program syz.2.1434 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 203.265900][ T9371] netlink: 136 bytes leftover after parsing attributes in process `syz.3.1443'. [ 203.714416][ T9392] loop1: detected capacity change from 0 to 256 [ 203.725458][ T9392] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 204.484442][ T9421] loop1: detected capacity change from 0 to 128 [ 204.546403][ T9421] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 204.571784][ T9421] ext4 filesystem being mounted at /319/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 204.709081][ T9421] EXT4-fs error (device loop1): dx_make_map:1328: inode #2: block 18: comm syz.1.1463: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 204.732480][ T9431] loop0: detected capacity change from 0 to 512 [ 204.748926][ T9431] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 204.779907][ T9421] EXT4-fs (loop1): Remounting filesystem read-only [ 204.796763][ T9431] [ 204.799142][ T9431] ====================================================== [ 204.806189][ T9431] WARNING: possible circular locking dependency detected [ 204.813334][ T9431] syzkaller #0 Not tainted [ 204.817763][ T9431] ------------------------------------------------------ [ 204.824875][ T9431] syz.0.1468/9431 is trying to acquire lock: [ 204.830950][ T9431] ffff88802f7fabd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1a4/0x350 [ 204.841623][ T9431] [ 204.841623][ T9431] but task is already holding lock: [ 204.849005][ T9431] ffff888076b664c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 204.859487][ T9431] [ 204.859487][ T9431] which lock already depends on the new lock. [ 204.859487][ T9431] [ 204.870006][ T9431] [ 204.870006][ T9431] the existing dependency chain (in reverse order) is: [ 204.879043][ T9431] [ 204.879043][ T9431] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 204.886894][ T9431] down_write+0x97/0x200 [ 204.891683][ T9431] ext4_destroy_inline_data+0x28/0xe0 [ 204.897598][ T9431] ext4_do_writepages+0x4f0/0x3990 [ 204.903385][ T9431] ext4_writepages+0x1dd/0x350 [ 204.908700][ T9431] do_writepages+0x3b3/0x630 [ 204.913847][ T9431] filemap_fdatawrite_wbc+0x122/0x180 [ 204.919775][ T9431] file_write_and_wait_range+0x197/0x280 [ 204.925973][ T9431] generic_buffers_fsync_noflush+0x6f/0x160 [ 204.932420][ T9431] ext4_sync_file+0x454/0xc00 [ 204.937642][ T9431] ext4_buffered_write_iter+0x2c0/0x350 [ 204.943909][ T9431] ext4_file_write_iter+0x1d9/0x1880 [ 204.949731][ T9431] vfs_write+0x46c/0x990 [ 204.954609][ T9431] __x64_sys_pwrite64+0x19b/0x230 [ 204.960170][ T9431] do_syscall_64+0x55/0xa0 [ 204.965134][ T9431] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 204.971589][ T9431] [ 204.971589][ T9431] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 204.980029][ T9431] __lock_acquire+0x2df1/0x7d40 [ 204.985411][ T9431] lock_acquire+0x19e/0x420 [ 204.990460][ T9431] percpu_down_read+0x44/0x1a0 [ 204.995761][ T9431] ext4_writepages+0x1a4/0x350 [ 205.001061][ T9431] do_writepages+0x3b3/0x630 [ 205.006191][ T9431] __writeback_single_inode+0x153/0xec0 [ 205.012337][ T9431] writeback_single_inode+0x21f/0x760 [ 205.018332][ T9431] write_inode_now+0x183/0x210 [ 205.023727][ T9431] iput+0x5ae/0x920 [ 205.028062][ T9431] ext4_xattr_block_set+0x249e/0x32b0 [ 205.033972][ T9431] ext4_expand_extra_isize_ea+0x12c5/0x1e80 [ 205.040406][ T9431] __ext4_expand_extra_isize+0x306/0x400 [ 205.046582][ T9431] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 205.052845][ T9431] ext4_evict_inode+0x7f3/0xea0 [ 205.058238][ T9431] evict+0x4ca/0x8d0 [ 205.062821][ T9431] ext4_orphan_cleanup+0xbec/0x1420 [ 205.068708][ T9431] ext4_fill_super+0x5ed0/0x6790 [ 205.074165][ T9431] get_tree_bdev+0x3f3/0x520 [ 205.079288][ T9431] vfs_get_tree+0x8c/0x280 [ 205.084297][ T9431] do_new_mount+0x24b/0xa40 [ 205.089305][ T9431] __se_sys_mount+0x2e7/0x3d0 [ 205.094493][ T9431] do_syscall_64+0x55/0xa0 [ 205.099418][ T9431] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 205.105824][ T9431] [ 205.105824][ T9431] other info that might help us debug this: [ 205.105824][ T9431] [ 205.116132][ T9431] Possible unsafe locking scenario: [ 205.116132][ T9431] [ 205.123748][ T9431] CPU0 CPU1 [ 205.129105][ T9431] ---- ---- [ 205.134540][ T9431] lock(&ei->xattr_sem); [ 205.138950][ T9431] lock(&sbi->s_writepages_rwsem); [ 205.146659][ T9431] lock(&ei->xattr_sem); [ 205.153503][ T9431] rlock(&sbi->s_writepages_rwsem); [ 205.158848][ T9431] [ 205.158848][ T9431] *** DEADLOCK *** [ 205.158848][ T9431] [ 205.166990][ T9431] 3 locks held by syz.0.1468/9431: [ 205.172351][ T9431] #0: ffff888020f380e0 (&type->s_umount_key#32){++++}-{3:3}, at: get_tree_bdev+0x353/0x520 [ 205.182629][ T9431] #1: ffff888020f38608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2bf/0xea0 [ 205.192027][ T9431] #2: ffff888076b664c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 205.202278][ T9431] [ 205.202278][ T9431] stack backtrace: [ 205.208254][ T9431] CPU: 1 PID: 9431 Comm: syz.0.1468 Not tainted syzkaller #0 [ 205.215682][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 205.225739][ T9431] Call Trace: [ 205.229015][ T9431] [ 205.231934][ T9431] dump_stack_lvl+0x18c/0x250 [ 205.236658][ T9431] ? load_image+0x400/0x400 [ 205.241171][ T9431] ? show_regs_print_info+0x20/0x20 [ 205.246370][ T9431] ? print_circular_bug+0x12b/0x1a0 [ 205.251580][ T9431] check_noncircular+0x2fc/0x400 [ 205.256515][ T9431] ? look_up_lock_class+0x75/0x140 [ 205.261629][ T9431] ? print_deadlock_bug+0x5d0/0x5d0 [ 205.266832][ T9431] ? lockdep_lock+0xf5/0x230 [ 205.271434][ T9431] ? mark_lock+0x94/0x320 [ 205.275757][ T9431] ? _find_first_zero_bit+0xd3/0x100 [ 205.281030][ T9431] __lock_acquire+0x2df1/0x7d40 [ 205.285876][ T9431] ? mark_lock+0x94/0x320 [ 205.290189][ T9431] ? verify_lock_unused+0x140/0x140 [ 205.295374][ T9431] ? __lock_acquire+0x1347/0x7d40 [ 205.300566][ T9431] ? kernel_text_address+0xa0/0xd0 [ 205.305682][ T9431] ? __kernel_text_address+0xd/0x30 [ 205.310972][ T9431] lock_acquire+0x19e/0x420 [ 205.315478][ T9431] ? ext4_writepages+0x1a4/0x350 [ 205.320412][ T9431] ? __might_sleep+0xe0/0xe0 [ 205.325006][ T9431] ? read_lock_is_recursive+0x20/0x20 [ 205.330368][ T9431] ? mark_lock+0x94/0x320 [ 205.334690][ T9431] ? __lock_acquire+0x1347/0x7d40 [ 205.339714][ T9431] percpu_down_read+0x44/0x1a0 [ 205.344578][ T9431] ? ext4_writepages+0x1a4/0x350 [ 205.349521][ T9431] ext4_writepages+0x1a4/0x350 [ 205.354414][ T9431] ? ext4_read_folio+0x2f0/0x2f0 [ 205.359569][ T9431] ? __rwlock_init+0x150/0x150 [ 205.364333][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 205.369817][ T9431] ? ext4_read_folio+0x2f0/0x2f0 [ 205.374793][ T9431] do_writepages+0x3b3/0x630 [ 205.379491][ T9431] ? folio_clear_dirty_for_io+0xc30/0xc30 [ 205.385352][ T9431] ? writeback_single_inode+0x214/0x760 [ 205.390907][ T9431] ? __lock_acquire+0x7d40/0x7d40 [ 205.396026][ T9431] ? do_raw_spin_lock+0x11f/0x2c0 [ 205.401687][ T9431] __writeback_single_inode+0x153/0xec0 [ 205.407260][ T9431] writeback_single_inode+0x21f/0x760 [ 205.413306][ T9431] ? write_inode_now+0x210/0x210 [ 205.418609][ T9431] ? ext4_xattr_inode_update_ref+0x468/0x590 [ 205.424774][ T9431] write_inode_now+0x183/0x210 [ 205.429555][ T9431] ? bdi_split_work_to_wbs+0x910/0x910 [ 205.435031][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 205.440247][ T9431] iput+0x5ae/0x920 [ 205.444061][ T9431] ext4_xattr_block_set+0x249e/0x32b0 [ 205.449455][ T9431] ? ext4_xattr_block_find+0x350/0x350 [ 205.454929][ T9431] ? xattr_find_entry+0x2a6/0x2f0 [ 205.460138][ T9431] ? ext4_xattr_block_find+0xea/0x350 [ 205.465635][ T9431] ext4_expand_extra_isize_ea+0x12c5/0x1e80 [ 205.472079][ T9431] __ext4_expand_extra_isize+0x306/0x400 [ 205.477728][ T9431] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 205.483288][ T9431] ext4_evict_inode+0x7f3/0xea0 [ 205.488593][ T9431] ? _raw_spin_unlock+0x28/0x40 [ 205.493550][ T9431] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 205.499474][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 205.504716][ T9431] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 205.510652][ T9431] evict+0x4ca/0x8d0 [ 205.514543][ T9431] ? proc_nr_inodes+0x230/0x230 [ 205.519388][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 205.524585][ T9431] ? _raw_spin_unlock+0x28/0x40 [ 205.529443][ T9431] ? iput+0x706/0x920 [ 205.533434][ T9431] ext4_orphan_cleanup+0xbec/0x1420 [ 205.538629][ T9431] ? ext4_orphan_del+0xbf0/0xbf0 [ 205.543555][ T9431] ? ext4_register_li_request+0x183/0x940 [ 205.549371][ T9431] ? errseq_check_and_advance+0x66/0x120 [ 205.555006][ T9431] ext4_fill_super+0x5ed0/0x6790 [ 205.559943][ T9431] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 205.566267][ T9431] ? __might_sleep+0xe0/0xe0 [ 205.570846][ T9431] ? read_lock_is_recursive+0x20/0x20 [ 205.576211][ T9431] ? snprintf+0xe9/0x140 [ 205.580449][ T9431] ? down_read_killable+0x340/0x340 [ 205.585637][ T9431] ? setup_bdev_super+0x56b/0x660 [ 205.590688][ T9431] get_tree_bdev+0x3f3/0x520 [ 205.595268][ T9431] ? vfs_parse_fs_string+0x170/0x170 [ 205.600629][ T9431] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 205.606862][ T9431] ? setup_bdev_super+0x660/0x660 [ 205.611877][ T9431] ? apparmor_capable+0x137/0x1a0 [ 205.616899][ T9431] ? bpf_lsm_capable+0x9/0x10 [ 205.621576][ T9431] ? security_capable+0x89/0xb0 [ 205.626429][ T9431] vfs_get_tree+0x8c/0x280 [ 205.630842][ T9431] do_new_mount+0x24b/0xa40 [ 205.635335][ T9431] __se_sys_mount+0x2e7/0x3d0 [ 205.640004][ T9431] ? __x64_sys_mount+0xc0/0xc0 [ 205.644761][ T9431] ? lockdep_hardirqs_on+0x98/0x150 [ 205.649948][ T9431] ? __x64_sys_mount+0x20/0xc0 [ 205.654711][ T9431] do_syscall_64+0x55/0xa0 [ 205.659189][ T9431] ? clear_bhb_loop+0x40/0x90 [ 205.663860][ T9431] ? clear_bhb_loop+0x40/0x90 [ 205.668527][ T9431] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 205.674420][ T9431] RIP: 0033:0x7fcf5919da8a [ 205.678855][ T9431] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 205.698480][ T9431] RSP: 002b:00007fcf59fb7e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 205.706889][ T9431] RAX: ffffffffffffffda RBX: 00007fcf59fb7ee0 RCX: 00007fcf5919da8a [ 205.714877][ T9431] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007fcf59fb7ea0 [ 205.722842][ T9431] RBP: 0000200000000180 R08: 00007fcf59fb7ee0 R09: 0000000000000000 [ 205.730805][ T9431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000 [ 205.738769][ T9431] R13: 00007fcf59fb7ea0 R14: 000000000000047a R15: 00002000000001c0 [ 205.746742][ T9431] [ 205.763698][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 205.771017][ T9431] ------------[ cut here ]------------ [ 205.778251][ T9431] EA inode 11 i_nlink=0 [ 205.778878][ T9431] WARNING: CPU: 1 PID: 9431 at fs/ext4/xattr.c:1059 ext4_xattr_inode_update_ref+0x53c/0x590 [ 205.793792][ T9431] Modules linked in: [ 205.797714][ T9431] CPU: 1 PID: 9431 Comm: syz.0.1468 Not tainted syzkaller #0 [ 205.805535][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 205.815958][ T9431] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590 [ 205.822721][ T9431] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 85 d5 98 ff 49 8b 37 48 c7 c7 a0 d6 de 8a 89 da e8 94 51 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 6e 7d 3f 08 [ 205.842781][ T9431] RSP: 0018:ffffc900032571a0 EFLAGS: 00010246 [ 205.848875][ T9431] RAX: b4469c68c72f6b00 RBX: 0000000000000000 RCX: 0000000000080000 [ 205.857375][ T9431] RDX: ffffc9000c829000 RSI: 000000000007ffff RDI: 0000000000080000 [ 205.865504][ T9431] RBP: ffffc90003257298 R08: ffff8880b8f28c13 R09: 1ffff110171e5182 [ 205.873627][ T9431] R10: dffffc0000000000 R11: ffffed10171e5183 R12: dffffc0000000000 [ 205.881613][ T9431] R13: ffff8880769cdea8 R14: ffff8880769cdcb0 R15: ffff8880769cdd00 [ 205.889665][ T9431] FS: 00007fcf59fb86c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 205.898673][ T9431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.905330][ T9431] CR2: 00007fe01c9e9f00 CR3: 000000002d6ad000 CR4: 00000000003506e0 [ 205.913364][ T9431] Call Trace: [ 205.916659][ T9431] [ 205.919582][ T9431] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 205.925354][ T9431] ? ext4_xattr_inode_iget+0x3df/0x600 [ 205.931033][ T9431] ext4_xattr_set_entry+0xcda/0x1e90 [ 205.936440][ T9431] ext4_xattr_ibody_set+0x254/0x6a0 [ 205.941698][ T9431] ext4_expand_extra_isize_ea+0x1398/0x1e80 [ 205.947659][ T9431] __ext4_expand_extra_isize+0x306/0x400 [ 205.953346][ T9431] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 205.958803][ T9431] ext4_evict_inode+0x7f3/0xea0 [ 205.963776][ T9431] ? _raw_spin_unlock+0x28/0x40 [ 205.968644][ T9431] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 205.974580][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 205.979790][ T9431] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 205.985723][ T9431] evict+0x4ca/0x8d0 [ 205.989650][ T9431] ? proc_nr_inodes+0x230/0x230 [ 205.994588][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 205.999814][ T9431] ? _raw_spin_unlock+0x28/0x40 [ 206.004748][ T9431] ? iput+0x706/0x920 [ 206.008750][ T9431] ext4_orphan_cleanup+0xbec/0x1420 [ 206.013996][ T9431] ? ext4_orphan_del+0xbf0/0xbf0 [ 206.018938][ T9431] ? ext4_register_li_request+0x183/0x940 [ 206.024721][ T9431] ? errseq_check_and_advance+0x66/0x120 [ 206.030754][ T9431] ext4_fill_super+0x5ed0/0x6790 [ 206.035951][ T9431] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 206.042212][ T9431] ? __might_sleep+0xe0/0xe0 [ 206.046856][ T9431] ? read_lock_is_recursive+0x20/0x20 [ 206.052236][ T9431] ? snprintf+0xe9/0x140 [ 206.056527][ T9431] ? down_read_killable+0x340/0x340 [ 206.061748][ T9431] ? setup_bdev_super+0x56b/0x660 [ 206.066826][ T9431] get_tree_bdev+0x3f3/0x520 [ 206.071436][ T9431] ? vfs_parse_fs_string+0x170/0x170 [ 206.076794][ T9431] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 206.083072][ T9431] ? setup_bdev_super+0x660/0x660 [ 206.088101][ T9431] ? apparmor_capable+0x137/0x1a0 [ 206.093182][ T9431] ? bpf_lsm_capable+0x9/0x10 [ 206.097873][ T9431] ? security_capable+0x89/0xb0 [ 206.102793][ T9431] vfs_get_tree+0x8c/0x280 [ 206.107332][ T9431] do_new_mount+0x24b/0xa40 [ 206.112105][ T9431] __se_sys_mount+0x2e7/0x3d0 [ 206.116891][ T9431] ? __x64_sys_mount+0xc0/0xc0 [ 206.121673][ T9431] ? lockdep_hardirqs_on+0x98/0x150 [ 206.126953][ T9431] ? __x64_sys_mount+0x20/0xc0 [ 206.132089][ T9431] do_syscall_64+0x55/0xa0 [ 206.136636][ T9431] ? clear_bhb_loop+0x40/0x90 [ 206.141352][ T9431] ? clear_bhb_loop+0x40/0x90 [ 206.146122][ T9431] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 206.152022][ T9431] RIP: 0033:0x7fcf5919da8a [ 206.156567][ T9431] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 206.176216][ T9431] RSP: 002b:00007fcf59fb7e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 206.184676][ T9431] RAX: ffffffffffffffda RBX: 00007fcf59fb7ee0 RCX: 00007fcf5919da8a [ 206.192704][ T9431] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007fcf59fb7ea0 [ 206.200688][ T9431] RBP: 0000200000000180 R08: 00007fcf59fb7ee0 R09: 0000000000000000 [ 206.208701][ T9431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000 [ 206.216714][ T9431] R13: 00007fcf59fb7ea0 R14: 000000000000047a R15: 00002000000001c0 [ 206.225072][ T9431] [ 206.228117][ T9431] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 206.235406][ T9431] CPU: 1 PID: 9431 Comm: syz.0.1468 Not tainted syzkaller #0 [ 206.242762][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 206.252807][ T9431] Call Trace: [ 206.256076][ T9431] [ 206.258994][ T9431] dump_stack_lvl+0x18c/0x250 [ 206.263665][ T9431] ? show_regs_print_info+0x20/0x20 [ 206.268853][ T9431] ? load_image+0x400/0x400 [ 206.273344][ T9431] panic+0x2dc/0x730 [ 206.277227][ T9431] ? bpf_jit_dump+0xd0/0xd0 [ 206.281734][ T9431] __warn+0x2e0/0x470 [ 206.286011][ T9431] ? ext4_xattr_inode_update_ref+0x53c/0x590 [ 206.292019][ T9431] ? ext4_xattr_inode_update_ref+0x53c/0x590 [ 206.298002][ T9431] report_bug+0x2be/0x4f0 [ 206.302324][ T9431] ? ext4_xattr_inode_update_ref+0x53c/0x590 [ 206.308362][ T9431] ? ext4_xattr_inode_update_ref+0x53c/0x590 [ 206.314333][ T9431] ? ext4_xattr_inode_update_ref+0x53e/0x590 [ 206.320300][ T9431] handle_bug+0xcf/0x120 [ 206.324530][ T9431] exc_invalid_op+0x1a/0x50 [ 206.329019][ T9431] asm_exc_invalid_op+0x1a/0x20 [ 206.333883][ T9431] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590 [ 206.340468][ T9431] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 85 d5 98 ff 49 8b 37 48 c7 c7 a0 d6 de 8a 89 da e8 94 51 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 6e 7d 3f 08 [ 206.360065][ T9431] RSP: 0018:ffffc900032571a0 EFLAGS: 00010246 [ 206.366122][ T9431] RAX: b4469c68c72f6b00 RBX: 0000000000000000 RCX: 0000000000080000 [ 206.374081][ T9431] RDX: ffffc9000c829000 RSI: 000000000007ffff RDI: 0000000000080000 [ 206.382242][ T9431] RBP: ffffc90003257298 R08: ffff8880b8f28c13 R09: 1ffff110171e5182 [ 206.390228][ T9431] R10: dffffc0000000000 R11: ffffed10171e5183 R12: dffffc0000000000 [ 206.398188][ T9431] R13: ffff8880769cdea8 R14: ffff8880769cdcb0 R15: ffff8880769cdd00 [ 206.406156][ T9431] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 206.411790][ T9431] ? ext4_xattr_inode_iget+0x3df/0x600 [ 206.417241][ T9431] ext4_xattr_set_entry+0xcda/0x1e90 [ 206.422525][ T9431] ext4_xattr_ibody_set+0x254/0x6a0 [ 206.427715][ T9431] ext4_expand_extra_isize_ea+0x1398/0x1e80 [ 206.433611][ T9431] __ext4_expand_extra_isize+0x306/0x400 [ 206.439241][ T9431] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 206.444692][ T9431] ext4_evict_inode+0x7f3/0xea0 [ 206.449530][ T9431] ? _raw_spin_unlock+0x28/0x40 [ 206.454489][ T9431] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 206.460369][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 206.465644][ T9431] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 206.471525][ T9431] evict+0x4ca/0x8d0 [ 206.475433][ T9431] ? proc_nr_inodes+0x230/0x230 [ 206.480270][ T9431] ? do_raw_spin_unlock+0x121/0x230 [ 206.485457][ T9431] ? _raw_spin_unlock+0x28/0x40 [ 206.490304][ T9431] ? iput+0x706/0x920 [ 206.494273][ T9431] ext4_orphan_cleanup+0xbec/0x1420 [ 206.499721][ T9431] ? ext4_orphan_del+0xbf0/0xbf0 [ 206.504645][ T9431] ? ext4_register_li_request+0x183/0x940 [ 206.510374][ T9431] ? errseq_check_and_advance+0x66/0x120 [ 206.516024][ T9431] ext4_fill_super+0x5ed0/0x6790 [ 206.520968][ T9431] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 206.527223][ T9431] ? __might_sleep+0xe0/0xe0 [ 206.531827][ T9431] ? read_lock_is_recursive+0x20/0x20 [ 206.537219][ T9431] ? snprintf+0xe9/0x140 [ 206.541459][ T9431] ? down_read_killable+0x340/0x340 [ 206.546652][ T9431] ? setup_bdev_super+0x56b/0x660 [ 206.551763][ T9431] get_tree_bdev+0x3f3/0x520 [ 206.556341][ T9431] ? vfs_parse_fs_string+0x170/0x170 [ 206.561616][ T9431] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 206.567871][ T9431] ? setup_bdev_super+0x660/0x660 [ 206.572899][ T9431] ? apparmor_capable+0x137/0x1a0 [ 206.577940][ T9431] ? bpf_lsm_capable+0x9/0x10 [ 206.582718][ T9431] ? security_capable+0x89/0xb0 [ 206.587580][ T9431] vfs_get_tree+0x8c/0x280 [ 206.591997][ T9431] do_new_mount+0x24b/0xa40 [ 206.596502][ T9431] __se_sys_mount+0x2e7/0x3d0 [ 206.601164][ T9431] ? __x64_sys_mount+0xc0/0xc0 [ 206.605915][ T9431] ? lockdep_hardirqs_on+0x98/0x150 [ 206.611127][ T9431] ? __x64_sys_mount+0x20/0xc0 [ 206.615876][ T9431] do_syscall_64+0x55/0xa0 [ 206.620286][ T9431] ? clear_bhb_loop+0x40/0x90 [ 206.624952][ T9431] ? clear_bhb_loop+0x40/0x90 [ 206.629640][ T9431] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 206.635521][ T9431] RIP: 0033:0x7fcf5919da8a [ 206.639922][ T9431] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 206.659605][ T9431] RSP: 002b:00007fcf59fb7e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 206.668006][ T9431] RAX: ffffffffffffffda RBX: 00007fcf59fb7ee0 RCX: 00007fcf5919da8a [ 206.675967][ T9431] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007fcf59fb7ea0 [ 206.684027][ T9431] RBP: 0000200000000180 R08: 00007fcf59fb7ee0 R09: 0000000000000000 [ 206.692006][ T9431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000 [ 206.699965][ T9431] R13: 00007fcf59fb7ea0 R14: 000000000000047a R15: 00002000000001c0 [ 206.707938][ T9431] [ 206.711069][ T9431] Kernel Offset: disabled [ 206.715376][ T9431] Rebooting in 86400 seconds..