last executing test programs: 21.075733362s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r3) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00') r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]}) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0) pread64(r8, 0x0, 0x0, 0x0) getdents(r7, &(0x7f0000000380)=""/24, 0x18) getdents64(r7, 0xffffffffffffffff, 0x43) socket$nl_rdma(0x10, 0x3, 0x14) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32=r11], 0x44}}, 0x0) 20.457415366s ago: executing program 4: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000006c0)={@val, @void, @eth={@broadcast, @random="91d6e8bc19e3", @void, {@ipv4={0x800, @udp={{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private}, {0x0, 0x0, 0x8}}}}}}, 0x2e) 19.613729817s ago: executing program 0: fstat(0xffffffffffffffff, 0x0) setreuid(0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) memfd_create(0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000004f00), 0x2, 0x0) fgetxattr(0xffffffffffffffff, &(0x7f0000000080)=@known='trusted.overlay.redirect\x00', 0x0, 0x0) r1 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r1, &(0x7f00000014c0)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0xd1, 0x0}, 0x0) close(r2) ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0x5450, 0x0) 18.366541112s ago: executing program 0: r0 = memfd_create(0x0, 0x6) fallocate(r0, 0x0, 0x0, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) ioprio_set$pid(0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x101040, 0x0) preadv(r1, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}, {0x0}], 0x2, 0x0, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$reiserfs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0xa0c003, &(0x7f0000000300)={[{@conv}, {@usrjquota}, {@barrier_flush}, {@acl}, {@data_writeback}, {@barrier_none}, {@nouser_xattr}, {@noattrs}, {@balloc_hashed_reloc}, {@balloc_no_unhash_reloc}, {@jqfmt_vfsv0}, {@tails_small}, {@tails_off}, {@jdev={'jdev', 0x3d, './cgroup'}}, {@grpquota}, {@usrjquota_file}]}, 0xfd, 0x1125, &(0x7f0000000b80)="$eJzs2L1qFFEUB/D/ncmHViOTfghoKcGw9pJCwcbC2kZCKq2ylZLCR/AhrHwD30G0sbCLD5AUAfuVGWeQXYMiWcXi94PZvefMnftRnhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADobWT3rCQ7VdJOuSpJSbruw2YfdlP+xvu6Ssnjo4fz+8ezB/Mk9TC99E//Vf9Z2v2bbTtrZ+1+e3fn4FY7f/Hy2dO3z4+Ox2VKupxenBzm0flar1LG8/xs0SzHw7Vyfa27AwAAwP9rcWXN6pLbGdoKo62pJD9b3rde1/4AAADA7/zt/gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn2inQZWkjOPNV+kum3ztnx0LAAAAuKKSKk+apdQiny+beTufmjK0Bab2wNetfnwnbxrdAAAAAPiV16uJL/dWEtVQa5ePU7wx1N8Za/DdbGRv73s8/uX8IKmT7R9rvBt+Ty9ODqenDO/rtd8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBv7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAnBQAA//9KT9o6") ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0x40309410, 0x0) socket(0x2a, 0x802, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) getdents64(0xffffffffffffffff, 0xffffffffffffffff, 0x43) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) 18.223123064s ago: executing program 4: socket$nl_route(0x10, 0x3, 0x0) socketpair(0x0, 0xa, 0x3ff, 0x0) socket(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00)) sendmmsg(r0, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)="86a8", 0x2}, {0x0}], 0x2}}], 0x1, 0x0) 17.323423146s ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$tcp_congestion(r6, &(0x7f0000000100)='reno\x00', 0x5) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r3, 0x0, r5, 0x0, 0x4ffe6, 0x0) 16.547255666s ago: executing program 0: sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="01"], 0x1c}}, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e041e0b20"], 0x7) 15.951519883s ago: executing program 0: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) arch_prctl$ARCH_GET_GS(0x1004, 0x0) 11.889874538s ago: executing program 0: bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x0, 0x0, 0xb3, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48) r0 = socket$kcm(0x21, 0x2, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000001800), 0x0, 0x0) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./bus\x00', 0xa10002, &(0x7f00000003c0)=ANY=[], 0x21, 0x150c, &(0x7f0000003040)="$eJzs3AuYT1XbMPD7Xmtthib9m+QwrLXuzT8NliFJDgk5JEnySJJTQmiSJCExzpKGJOQ4SQ5DSA7TmDTO50POSZI0SRISQtZ3zfP0fD3P0/O+fb1v3+f63rl/17Wv/7r/e99rrzX3zPz32nPt+bbXmHot6tduRkTw34J/e0kGgBgAGAEANwBAAACV4irF5ezPJzH5v3cS9ud6OO1aj4BdS1z/3I3rn7tx/XM3rn/uxvXP3bj+uRvXP3fj+jOWm+2cV/RG3nLvxvf/czP+/P8fJLvc1C83l7u59x9I4frnblz/3I3rn7tx/XM3rn/uxvXP3bj+uRvXn7Hc7L9+75j/dvA/YbvW33+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKHi/5XCgD+3r7W42KMMcYYY4wxxtifx+e91iNgjDHGGGOMMcbY/30IAiQoCCAP5IUYyAf54TqIheuhANwAEbgR4uAmKAg3QyEoDEWgKMRDMSgOGgxYIAihBJSEKNwCpeBWSIDSUAbKgoNykAjloQLcBhXhdqgEd0BluBOqQFWoBtXhLqgBd0NNqAW14R6oA3WhHtSHe6EB3AcN4X5oBA9AY3gQmsBD0BT+As3gYWgOj0ALeBRawmPQClpDG2gL7f5L+S9CP3gJ+sMASIaBMAgGwxAYCsNgOIyAl2EkvAKj4FVIgdEwBl6DsfA6jIM3YDxMgInwJkyCyTAFpsI0mA6p8BbMgLdhJrwDs2A2zIG5kAbzYD68CwtgISyC92AxvA9LYCksg+WQDh9ABqyATPgQVsJHkAWrYDWsgbWwDtbDBtgIm2AzbIGtsA22ww7YCR/DLtgNe2Av7IP9cAA+gYPwKRyCz+AwfP4H8y/8S35vBAQUKFChwjyYB2MwBvNjfozFWCyABTCCEYzDOCyIBbEQFsIiWATjMR6LY3E0aJCQsASWwChGsRSWwgRMwDJYBh06TMRErIC3YUWsiJWwElbGylgFq2JVrI7VsQbWwJpYE2tjbayDdbAe1sN78V68DxtiQ2yEjbAxNsYm2ASbYlNshs2wOTbHFtgCW2JLbIWtsA22wXbYDttje+yAHbATdsLO2Bm7YldMwiTsht2wO3bHHtgDe2JP7IW9sDf2wT74Ir6IL+FLOADriIE4CAfhEByCw3A4DseXcSS+gq/gq5iCo3EMvoav4es4Ds/jeJyAE3Ei1hCTcQpORRLTMRVTcQbOwJk4E2fhbJyNczEN5+F8nI8LcCEuxPdwMb6P7+NSXIrLMR3TMQNXYCZm4kq8gFm4ClfjGlyL63AtbsCNuAE34xbcjNtwG+7AHfgxfoy7cTfuxb24HxUAfoKf4qeYgofxMB7BI3gUj+IxPIbZmI3H8TiewBN4Ek/iKTyFp/EMnsUzeA7P4Xm8gBfxIl7CS3gFn4//uvn+0ptSQORQQok8Io+IETEiv8gvYkWsKCAKiIiIiDgRJwqKgqKQKCSKiCIiXsSL4qK4MMIIEqEoIUqIqIiKUqKUSBAJoowoI5xwIlEkigqigqgoKopK4g5RWdwpqoiqoqOrLqqLGqKTqylqidqitqgj6op6or6oLxqIBqKhaCgaiUaisWgsmoiHRFMxEIfhwyKnMi3EaGwpxmAr0Vq0EW3F6/i4aC/GYQfRUXQST4oJOB67ivYuSTwtuokp2F08K6bic6KnmI69xAuit+gj+ooXRT/RwfUXA8QsHCgGibk4RAwVw8RwsQDripyK1ROvihQxWowRr4nl+LoYJ94Q48UEMVG8KSaJyWKKmCqmiekiVbwlZoi3xUzxjpglZos5Yq5IE/PEfPGuWCAWikXiPbFYvC+WiKVimVgu0sUHIkOsEJniQ7FSfCSyxCqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQO8XHYpfYLfaIvWKf2C8OiE/EQfGpOCQ+E4fF5+KI+EIcFV+KY+IrkS2+FsfFN+KE+FacFN+JU+J7cVqcEWfFD+Kc+FGcFxfERfGTuCQuiyviZ3FVeAESpZBSKhnIPDKvjJH5ZH55nYyV18sC8gYZkTfKOHmTLChvloVkYVlEFpXxspgsLrU00kqSoSwhS8qovEWWkrfKBFlalpFlpZPlZKIsLyvI22RFebusJO+QleWdsoqsKqvJ6vIuWUPeLWvKWrK2vEfWkXVlPVlf3isbyPtkQ3m/bCQfkI3lg7KJfEg2lX+RzeTDsrl8RLaQj8qW8jHZSraWbWRb2U4+LtvLJ2QH2VF2kk/KzrKL7CqfkknyadlNPiO7y2dlj3wge8rnZS/5guwt+8i+8md5VXrZXw6QyXKgHCQHyyFyqBwmh8sR8mU5Ur4iR8lXZYocLcfI1+RY+bocJ9+Q4+UEOVG+KSfJyXKKnCqnyekyVb4lZ8i35Uz5jpwlZ8s5cq5Mk/PksF96WvR/kP/2v8kf9dez75A75cdyl9wt98i9cp/cLw/IA/KgPCgPyUPysDwsj8gj8qg8Ko/JYzJbZsvj8rg8IU/Ik/KkPCVPydPyjPxJ/iDPyR/leXlBXpA/yUvykrzyy9cAFCqhpFIqUHlUXhWj8qn86joVq65XBdQNKqJuVHHqJlVQ3awKqcKqiCqq4lUxVVxpZZRVpEJVQpVUUXUL/nJBocqossqpcipRlf8j+aqUulUlqNL/lP9742un2qn2qr3qoDqoTqqT6qw6q66qq0pSSaqb6qa6q+6qh+qheqqeqpfqpXqr3qqv6qv6qX6qv+qvklWyGqQGqyFqqBqmhqsR6mU1Uo1Uo9QolaJS1Bg1Ro1VY9U4NU6NV+PVRDVRTVKT1BQ1RU1T01SqSlUz1Aw1U81Us9QsNUfNUWkqTc1X89UCtUAtUovUYrVYLVFL1DK1TKWrdJWhMlSmylQr1UqVpVapVWqNWqPWqXVqg9qgNqlNaovaorapbSpL7VQ71S61S+1Re9Q+tU8dUAfUQXVQHVKH1GF1WB1RR9RRdVQdU8dUtspWx9VxdUKdUCfVSXVKnVKn1Wl1Vp1V59Q5dV6dVxfVRXVJXVJX1BV1VV3NuewLRCACFaggT5AniAligvxB/iA2iA0KBAWCSBAJ4oK4oGBwc1AoKBwUCYoG8UGxoHigAxPYgIIwKBGUDKLBLUGp4NYgISgdlAnKBi4oFyQG5YPLwW1BxeD2oFJwR1A5uDOoElQNqgXVg7uCGsHdQc2gVlA7uCeoE9QN6gX1g3uDBsF9QcPg/qBR8EDQOHgwaBI8FDQN/hI0Cx4OmgePBC2CR4OWwWNBq6B10CZoG7T7U/v3/nzhJ1x/PUAn64F6kB6sh+ihepgerkfol/VI/YoepV/VKXq0HqNf02P163qcfkOP1xP0RP2mnqQn6yl6qp6mp+tU/Zaeod/WM/U7epaerefouTpNz9Pz9bt6gV6oF+n39GL9vl6il+plerlO1x/oDL1CZ+oP9Ur9kc7Sq/RqvUav1ev0er1Bb9Sb9Ga9RW/V2/R2vUPv1B/rXXq33qP36n16vz6gP9EH9af6kP5MH9af6yP6C31Uf6mP6a90tv5aH9ff6BP6W31Sf6dP6e/1aX1Gn9U/6HP6R31eX9AX9U/6kr6sr+if9VXtcy7ucz7ejTLK5DF5TIyJMflNfhNrYk0BU8BETMTEmThT0BQ0hUwhU8QUMfEm3hQ3xU0OMmRKmBImaqKmlCllEkyCKWPKGGecSTSJpoKpYCqaiqaSqWQqm8qmiqliqplq5i5zl7nb3G1qmVrmHnOPqWvqmvqmvmlgGpiGpqFpZBqZxqaxaWKamKamqWlmmpnmprlpYVqYlqalaWVamTamjWln2pn2pr3pYDqYTqaT6Ww6m66mq0kySaab6Wa6m+6mh+lhepqeppfpZXqb3qav6Wv6mX6mv+lvkk2yGWQGmSFmiBlmhpkRZoQZaUaaUWaUSTEpZowZY8aasWacGWfGmwlmonnTTDKTzRQz1Uwz002qSTUzzAwz08w0s8wsM8fMMWkmzcw3880Cs8AsMovMYrPYLDFLzDKzzKSbdJNhMkymyTQrzUqTZbLMarParDVrzXqz3mw0G81ms9lsNVvNdrPd7DQ7zS6zy+wxe8w+s88cMAfMQXPQHDKHzGFz2BwxRzwCmGPmmMk22ea4OW5OmBPmpDlpTplT5rQ5bc6as+acOWfOm/PmorloLpnL5or52Vw13sTYfDa/vc7G2uttAXuD/de4iC1q420xW9xqW8gW/qfYWGsTbGlb5u9LTFveJsTkvJa1zpaziba8rWKr2mq2ur3L1rB325q/iRvY+2xDe79tZB+w9e29/xQ3tg/aJvZR29Q+ZpvZ1ra5bWtb2EdtS/uYbWVb2za2re1su9iu9imbZJ+23ewzv4kz7Aq70W6ym+0We9B+ai/an+wJ+629ZC/b/naAHWFftiPtK3aUfdWm2NG/iSfaN+0kO9lOsVPtNDv9N/EcO9em2Xl2vn3XLrALfxOn2w/sYptpl9ildpld/tc4Z0yZ9kO70n5ks+wqu9qusWvtOrvebvjfY11jt9ntdoc9YD+xu+xuu8futfvs/r/GOfM4ZD+zh+3n9rj9xh61X9pj9qTNtl//Nc6Z30n7nT1lv7en7Rl71v5gz9kf7Xl7IWf+PmfuP9if7VXrLRCSIEmKAspDeSmG8lF+uo5i6XoqQDdQhG6kOLqJCtLNVIgKUxEqSvFUjIqTJkOWiEIqQSUpSrdQKbqVEqg0laGy5KgcJVJ5qkC3UUW6nSrRHVSZ7qQqVJWqUXW6i2rQ3VSTalFtuofqUF2qR/XpXmpA91FDup8a0QPUmB6kJvQQNaW/UDN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjpTF+pKT1ESPU3d6BnqTs9SD3qOetLz1IteoN7Uh/rSi9SPXqL+NICSaSANosE0hIbSMBpOI+hlGkmv0Ch6lVJoNI2h12gsvU7j6A0aTxNoIr1Jk2gyTaGpNI2mUyq9RTPobZpJ79Asmk1zaC6l0TyaT+/SAlpIi+g9Wkzv0xJaSstoOaXTB5RBKyiTPqSV9BFl0SpaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSx7SLdtMe2kv7aD8doE/oIOX75QfuczpCX9BR+pKO0VeUTV/TcfqGTtC3dJK+o1P0PZ2mM3SWfqBz9COdpwt0kX6iS3SZrtDPdJU8QYihCGWowiDME+YNY8J8Yf7wujA2vD4sEN4QRsIbw7jwprBgeHNYKCwcFgmLhvFhsbB4qEMT2pDCMCwRlgyj4S1hqfDWMCEsHZYJy4YuLBcmhuXDCuFtYcXw9rBSeEdYObwzrBJWDR99oHp4V1gjvDusGdYKa4f3hHXCumG9sH54b9ggvC9sGN4fNgofCCuGD4ZNwodC+OV5lebhI2GL8NGwZfhY2CpsHbYJ24btwsfD9uETYYewY9gpfDLsHHYJu4ZPhUnh02G38Jnf3Z8cDgwHhYPDwaH398tl0eXR9OgH0Yzoimhm9MPoyuhH0azoqujq6Jro2ui66ProhujG6Kbo5uiW6Nbotuj26I6o9/XzgkMnnHTKBS6Py+tiXD6X313nYt31roC7wUXcjS7O3eQKuptdIVfYFXFFXbwr5oo77YyzjlzoSriSLupucaXcrS7BlXZlXFnnXDmX6Nq6dq6da++ecB1cR9fJPemedF1cF/eUe8o97bq5Z1x396zr4Z5zPd3z7nn3guvt+ri+7kXXz73k+rsBLtklu0FukBvihrhhbpgb4Ua4kW6kG+VGuRSX4sa4MW6sG+vGuXFuvBvvJrqJbpKb5Ka4KW6am+ZSXaqb4Wa4mW6mCwBgjpvj0lyam+/muwVugVvkFrnFCYvdErfELXPLXLpLdxkuw2W6TLfSrXRZLsutdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7XK7clYWbp/b5w64A+6gO+gOuUPusDvsjrgj7qg76o65r1y2+9odd9+4E+5bd9J95065791pd8addT+4c+5Hd95dcBdrgbvkLrsr7md31XmXGnkrMiPydmRm5J3IrMjsyJzI3EhaZF5kfuTdyILIwsiiyHuRxZH3I0siSyPLIssj6ZEPIhmRFZHMyIeRlZGPIlmRVZHVkTWRtZF1CnyxXaEv4Uv6qL/Fl/K3+gRf2pfxZb3z5XyiL+8r+Nt8RX+7r+Tv8JX9nb6Kr+qr+cd8K9/at/FtfTv/uG/vn/AdfEffyT/pO/suvqt/yif5p303/4zv7p/1Pfxzvqd/3vfyL/jevo/v61/0/fxLvr8f4JP9QD/ID/ZD/FA/zA/3I/zLfqR/xY/yr/oUP9qP8a/5sf51P87ngfF+gp/o3/ST/GQ/xU/10/x0n+rf8jP8236mf8fP8rP9HD/Xp/l5fr5/1y/wC/0i/55f7N/3S/xSv8wv9+n+A5/hV/hM/6Ff6T/yWX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J3+Y7/L7/Z7/F6/z+/3B/wn/qD/1B/yn/nD/nN/xH/hj/ov/TH/lc/2X/vj/ht/wn/rT/rv/Cn/vT/tz/iz/gd/zv/oz/sL/qL/yV/yl/0V/7O/+gefWav7Z95CZ4wxxhj7/8jg39k/8N+8pwBA/NK+7L2/fnfR7H/cLwFga6G/tYeK+M4RAHh6QK+H/77VqZOcnPzLsVkSgpJLASDyLyf4JV4FnaALJEFHqPBvxzdU9LlEv9N/9A6A/P+QEwO/xr/2/8V/0P/jT07MqBxejPtP+l8KkFDy15ycVfjf41XQKWc20BEq/gf9F27/O+PP92UqQId/yIkFgA75/nX8ifAEPANJ/3QkY4wxxhhjjDH2N0NFtR6/t37OWZ/Hq19z8sKv8e+tzxljjDHGGGOMMXbtPden71OPJyV17MENbnAjlzW6/CfHXOvfTIwxxhhjjLE/268X/b++l+9aDogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuF/l/8p7FrPUfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsWvtfAQAA//8uTzNp") r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r5 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x2c}, 0x4) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffff44}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r7}, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_DAEMON(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x28, r9, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}]}]}, 0x28}}, 0x0) sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1c0000000000", @ANYBLOB], 0x38}, 0x0) 8.895185407s ago: executing program 1: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) arch_prctl$ARCH_GET_GS(0x1004, 0x0) 8.675679359s ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000009c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) pipe2$9p(&(0x7f00000008c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RLCREATE(r3, &(0x7f0000000900)={0x18, 0xf, 0x2, {{0x0, 0x2}, 0x6}}, 0x18) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x1}}, {@usrquota}]}, 0x1, 0x4f0, &(0x7f00000003c0)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1UncNqp6gHJCCFVC9AhSGxI3imLHUeyUJvSQ/g9IVOIER/4Azj1x54LgxqUckPgRgZpKHLya8SR1k7hJmzaO4s9HGs28N2N/36s778VfJ34B9K0LEbEVEcMRcTciJvL6JN/iZntLr3u2/XB+Z/vhfBKt1u1/J9n5tC46HpN6L3/OYkT85AcRP08Oxm1sbC7PVauVtbw81aytTjU2Ni8v1eYWK4uVlXJ5dmZ2+vqVa+W31tdPasP50Vef/mnrO79MmzWe13T2421qd31oL05qMCJ+9C6C9cBA3p/hXjeEN1KIiI8i4tPs/p+IgezVBADOs1ZrIloTnWUA4LwrZDmwpFDKcwHjUSiUSu0c3scxVqjWG81L9+rrKwvtXNlkDBXuLVUr03mucDKGkrQ8kx2/KJf3la9ExIcR8auR0axcmq9XF3r5gw8A9LH39s3//xtpz/8AwDlX3F8x0pt2AACn58D8DwCce+Z/AOg/5n8A6D/mfwDoP+Z/AOg/5n8A6Cs/vnUr3Vo7+fdfL9zfWF+u37+8UGksl2rr86X5+tpqabFeX8y+s6d21PNV6/XVmaux/mDyu6uN5lRjY/NOrb6+0ryTfa/3ncrQqfQKAHiVDz958tckIrZujGZbdKzlYK6G863Q6wYAPTPQ6wYAPWO1L+hfJ3iPLz0A58QhS/S+pBgRo/srW61W6+WaA5cAZ9fFL8n/Q7/qyP/7LWDoM/L/0L/k/6F/tVrJcdf8j+NeCACcbXL8QJfP/z/K97/PPxz42cL+Kx6/y1YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2ba7/m8pXwt8PAqFUini/YiYjKHk3lK1Mh0RH0TEX0aGRtLyTI/bDACcVOEfSb7+18WJz8b3nx1Ono9k+4j4xW9u//rBXLO59ue0/j979c3HeX25F+0HAI6yO09n+4438s+2H87vbqfZnn9+PyKK7fg728Oxsxd/MAazfTGGImLsv0lebks6chcnsfUoIr54WP+TGM9yIO2VT/fHT2O/f6rxCy/FL2Tn2vv03+ILrxPUos+QeZKOPzcPu/8KcSHbH37/F7MR6uTy8S99qvmdbAx8EX93/BvoMv5dOG6Mq3/8Yfto9OC5RxFfHozYjb3TMf7sxk+6xP/smPH/9pWvfdrtXOu3ERfj8PidsaaatdWpxsbm5aXa3GJlsbJSLs/OzE5fv3KtPJXlqKe6zwb/unHpg27n0v6PdYlfPKL/3zxm/3/3/7s//for4n/7G4fFL8THr4ifDuHfOmb8ubE/FLudS+MvdOn/Ua//pWPGf/r3zQPLhgMAvdPY2Fyeq1Yraw4cnP2D9L/s0RcnPWnh904r1nC81qNarTeK1W3EeBtZN+As2LvpI+J5rxsDAAAAAAAAAAAAAAAc6jT+YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+jwAAP//rCPR4g==") r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000200), 0xfea7) r6 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r6, 0x0) copy_file_range(r5, &(0x7f00000001c0), r4, 0x0, 0xffffffffa003e45c, 0x700000000000000) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) socket$alg(0x26, 0x5, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)=ANY=[@ANYBLOB="c435deb82600003900100028bd7000fddbdf250d000000090086006c626c630000f3ff08002600ac1414bb08", @ANYRES32, @ANYBLOB="08004600ac1414bb8300158008003e00ac1414aa04003d0014005500000000000000000000000000000000008e9291dd34ce355b56f919ba58a96c97ff1fe323fc1ed2f15c0555beae1bb191005d97ff627f2184f305b3a2a843d25a479cc3ae1998b926d09a6e26df9ad85c3aae0a54107544b1cd81c19dd1415167946aaa688afad5770141ea69a5be2e007f021e8008000b00", @ANYRES32=0xee01, @ANYBLOB="ed24aa67cc394a87fb1fb707459891d760dd1cec05dc545295f12bb87ad0a352344164314e37356a76de58674d276762dbf4fa600ac678a013d02f44f7b308074e77ffabf854c22b16b752ab0552625300838b6120500b32513da7f3734cd4f2c7626f4867b2b3ab993998f03d3e20ae8c23ca8f09adf6cd2bbbe0b5c1232cc1e204a2004b85fdf84ad0c23838e79a67252218ac338d8ff9a3b69986692ec6bb9f840a15b6e0992da2ed767ac23c08f4cb87fe3ac70c06d7218064f9f74dfe5aa91a2d20c8899457724db7f9860f44f5f88403b0163e76de2095f538b9080d8afc4559d95686331b917ada8b70204b98eaa1e9080039007b6c000008006c00", @ANYRES32, @ANYBLOB="18dc63e8da2d8115f30854b09ae851f9ea91f620e0f93bc9f3c94df5d1b81386651b5a694f0c4fa3de9a6c6be94417d0c86503a15483941a2bf586aac20c51f3e0eb7019eaa002d9ab0a9ad6a0eaccbc941e0654f657bcf0bf7c78e2844b4d5a4157623d60c447fd5d387c7a6fcec701f4f3cd3db0d42b7ce104b360fc9e2aafe90e3302675d71a412c5589f6f21fa5ed83b7a6c8f418246a2117ba4064317e0fa070000006f0a9df5b5991a8dec8e8fb45d92a0c2a4032a6704192ff67ae3bcb602b0b700df48d6badd7a504e7d1d6b6fe7e3761fb4d85cb527df7c594bae9704a2e5ac92d7728bd29f6d1ddda69d3a21ff72d26aee506db8905784f7d8089a89224238a6401916ec6d13dc4e97c65af94585d3ad460e506427568df44a3f1a3fa77f00c1f1102d049d87df65458ed1555a175d26fffd3598c28b32789e6264a1e247ce2d467b8f792dfbe665400da5e2c35839797d3979c8bceedf875eec6b9115853764c2588837bbed3ef6b20800090070771eaf4f87d60487bc60ada850682e6b574d4db732b2307fa62c4983694f5b147c7b0bcff7806d8df3111ec312e30d0d22e029176a8a1dd215ae9fcb05ad05890dc7d16afe1b3a2205cd7ee283ab41c87567073e17f32f6b444fea138121fde9804b95723b83e3af2dd71eb0f4f5bec3c121c782c98eb1bd9095b18f7de274d85e30aeeb94a06790d73b4aa532fd3353fd9b8c9a79047868ec61938a39abe5682fb089c737fc5d58a335e8fbe7bf00462c3f887e4d46fbb0ce867ba6", @ANYRES32, @ANYBLOB="007a231180a7f8bb050c02f18c03ea92bf4487ae7dd663020093e36ecf514aa91259e356baefb0199232287abe1d97c1bf45a2c784e5dc0c81884d817865265628e61dd1f6c569b9af4d807939172f7022039c68fbb0aafa688b990fa61d072371c664876e018f313144d3230d9aaf94c76bf51b186ea940f920f33764e59e6b123a71b217a0922ee0958fef9fc7295be16697dfffae04d1d8661bc8e500165def249ce7cea0c64e5a38f9da4d6230799c8828c9dacd4a71cd7d69eae59df5d4f7e9c9cceb47ebce7d4ed9ddef22735da4ae11eb226912d94fdc359c615774fadeb0f73438f9d5bc8b00172e85a252c301aeb60400960062a5a54ca66b23248cd785f8de2fd3b0b349afe6f8720b77a3ec6c6b4e21841dc130bf95b2e9c2c5a80799d1d65c393e3afe73d48a8ab71fe2debe1c7d1f42893bd97b504f4f756b336407fd129ab3fb78cab64e773063484b12d68075417bc0094a6a8a85f891edc0189e15cda89e4efcd11b6de3422daa8f652de1f9e2aaa82206d29ae2983a8e4ca2844230ec96d35794df97956f38768206d632b414fd6a1decb44e86cfa141b63d3d6b7de79566a5683307cbd14dd934d0e7b966ce6614ee49e49fe7573b5255862c7ce1a1d486d00e10b5f51af7060ee07180fda8b27d63585f22897baab2bc9c516ca5417453387d3b8bc2083eb3a6f04ae0f20b1abebef684462fcf0008a693f42b16dfd7f33b45ec7379ece6b39db9d26b5d1f3c799377a1e85f75ba853f60db4bf2ad0eefafd7b5f6fa74424bfd64f4d8c8883f92a0deb21b3d484ed173a286c6402e3dd05dbf1ae2d21f58b9d6004db0260041abb67ed6b84004334eda0b565d2ef217dfc30add4ef95449dc97d372816c87974f678f0444e7a260c56b4faad0a97dc886b4a48f201b5bfe61e57589a21427b2ff8d06e15f11cf8768e6a509739bb0c5a86586784e5d2ceda8642703a2f2ebe92597d7ad072ad86bfc6dfb3cdcd57e3c0f55e869d8d64b3cd9bd68c09e2ef84266b5b1a3a0a595e12062f0460860fd57b74f3bbe7aeb6f7cc110abc0ee5374e23ba193b535660f6a6f2d437873a9cdd864308b73ed30146df5dd9d7dbef70227c2c2b894c550690e59104168e45780894f52e254d785c1cc2f801d11d2802ba6e4ac3ad8cc258016950ffe13ab64b5f1dbff89e7831e10561f3b6c40c73acfc9a075020cc04df543e4905bf82cdffab1f5f46665ce2b4b7cd63a4676a47fb30fd90f829f9038bb1af1e330a548dda5c6d14ddb638ece9fc142a32a6c28f0eb0603602ff4df6f91c631c5ec729b3cc7222bc9435459907417d37abd257fb41670cff3d010fd47ef1aaec1033dd04a913ae5f7b34590495882fb619bdd35bf7f275e1628824c7110da897c42abf18ac4cc99fb9449380fdd0b64263822fb1d5e6775a4048a444a8db132ff4e173ed5e9da88a3d59b8006b3e99f4014fdde410fe2c7ae152a5b456c66c37c091a5e5fcc88f8d0d26e89df47701d3981c2668d09feeca7b205dd53307488ccd189b614f57edf61e7c69ad56333bd8559de05b67f74afd183cf17521f19fcb22f9757a711c304e6627686ac33a8e19e63c7564b1c73446d964ec543e5d0bb36169269528ea3beb0c57999047b071756d8096dd11d3867b000f7a1d71c7135e52af0ac572ebb64c27a12c6fec74a9d31129c999c7e72d9a99ffb955dc3c2f1ded11b5371ccf533d9d11e0a5290ccb1813385a958e1e0a174fbf72d32a91dee4a0b6c86b38706db02a5489ea76f71bffe05e4c0183cc4599fdcf45a079746f20930abbdace206cdfb1c52e7713736165a02f00929be0e725f51dcc65872af569b7cf1d25d7e1f38af18ee01a78145242c3ca74957a1333daa7373131fc168d20d808a2263e4c04d28662cf04dcff184348cbfdd2bf7302073171d2caa40d26100fecd88d38fe3a43a4570002bc015f69a30ed8f59cfd485bd7a28c6f0ba8db92307471ed7d56bc527c16dd486101550d947e81294f8724ff989929e191b10161569846d23c3f837f0988316b12d3caca126f12b7c20cf3167cf3a60bc42abdbf92a3e7b934e73673f0f6e27e0d999fd3754769b0781a504b6796157c56c82afe2267c634f1fb32d7dd88ac5ccf4ecc118b6345c71b98a660bf785b82f6ea037ab71a021873b678d9cf43584cf1f6ac1af2eaf60d41cb2fa9e0c1999d78be5f71997d33b9b63a40525a5e2251edb6d11f179b2b05284dc356031645f11810ac166d72d320d233b2ed1f4ac82f12a268e0b307ca780cb596451b2ab777efe02f0d24bca95c6067fd4f50e9823df93e01376fddc0e97b55692ba65a1b66c928391ffb48e4d5be1c8a4582b04080e60d8c73be56dd427d5c113772c9fc004fb99e12263fefd0813d8d437bf2367014dd89670f46f3bed9772cabbc0afd536ca29efdc387d993d3f25b593dd55e6946524493ec0808a970693e1fd8ed4b20cb095d013cabdc829ab3f56ca2f1366d2cd83d888eb944e808786642d757962e23e29d1eb09638b"], 0x26b8}}, 0x0) r7 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r7, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) shutdown(r7, 0x1) getsockopt$bt_hci(r7, 0x84, 0x80, &(0x7f0000003140)=""/4094, &(0x7f0000000e00)=0xffe) ftruncate(0xffffffffffffffff, 0x3) memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="d40000000109010400000000"], 0xd4}}, 0x0) 6.829439407s ago: executing program 3: sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="01"], 0x1c}}, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e041e0b20"], 0x7) 6.779574098s ago: executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) write$P9_RSTATFS(0xffffffffffffffff, 0x0, 0x0) shutdown(r0, 0x0) fstat(0xffffffffffffffff, 0x0) setuid(0x0) 6.170850183s ago: executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_emit_ethernet(0x36, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r2 = userfaultfd(0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) r3 = io_uring_setup(0x3eae, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000}) 6.076239918s ago: executing program 3: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101, 0x7}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ftruncate(r2, 0xf2d) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r4 = dup(r2) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000002100)={{0x3, 0x1, 0x6, 0x0, 0x7fffffff}}) sendfile(r3, r4, 0x0, 0xe0000000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x87}, {0x3c}, {0x6}]}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0) socket$alg(0x26, 0x5, 0x0) r6 = dup(r1) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) getsockname$packet(r10, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x2a, 0x7d1cdc3e828018e9, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KDFONTOP_GET(r5, 0x4b72, &(0x7f00000000c0)={0x1, 0x1, 0x0, 0xf, 0x1de, &(0x7f00000003c0)}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) 5.877426908s ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r3) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00') r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]}) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0) pread64(r8, 0x0, 0x0, 0x0) getdents(r7, &(0x7f0000000380)=""/24, 0x18) getdents64(r7, 0xffffffffffffffff, 0x43) socket$nl_rdma(0x10, 0x3, 0x14) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32=r11], 0x44}}, 0x0) 4.901132029s ago: executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22}, 0x10) listen(r0, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) r2 = accept4$inet(r0, 0x0, 0x0, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10) r3 = ioctl$TUNGETDEVNETNS(r2, 0x5450, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8901, &(0x7f00000000c0)) 4.657847915s ago: executing program 4: getpeername(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c) dup3(r1, r0, 0x0) write$P9_RVERSION(r0, 0x0, 0x0) 4.595268229s ago: executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x5451, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x5450, 0x0) 4.484758175s ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000006c0)={@val, @void, @eth={@broadcast, @random="91d6e8bc19e3", @void, {@ipv4={0x800, @udp={{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private}, {0x0, 0x0, 0x8}}}}}}, 0x2e) 4.135486419s ago: executing program 2: socket$nl_route(0x10, 0x3, 0x0) socketpair(0x0, 0xa, 0x3ff, 0x0) socket(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00)) sendmmsg(r0, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)="86a8", 0x2}, {0x0}], 0x2}}], 0x1, 0x0) 4.095251575s ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000009c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) pipe2$9p(&(0x7f00000008c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RLCREATE(r3, &(0x7f0000000900)={0x18, 0xf, 0x2, {{0x0, 0x2}, 0x6}}, 0x18) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x1}}, {@usrquota}]}, 0x1, 0x4f0, &(0x7f00000003c0)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1UncNqp6gHJCCFVC9AhSGxI3imLHUeyUJvSQ/g9IVOIER/4Azj1x54LgxqUckPgRgZpKHLya8SR1k7hJmzaO4s9HGs28N2N/36s778VfJ34B9K0LEbEVEcMRcTciJvL6JN/iZntLr3u2/XB+Z/vhfBKt1u1/J9n5tC46HpN6L3/OYkT85AcRP08Oxm1sbC7PVauVtbw81aytTjU2Ni8v1eYWK4uVlXJ5dmZ2+vqVa+W31tdPasP50Vef/mnrO79MmzWe13T2421qd31oL05qMCJ+9C6C9cBA3p/hXjeEN1KIiI8i4tPs/p+IgezVBADOs1ZrIloTnWUA4LwrZDmwpFDKcwHjUSiUSu0c3scxVqjWG81L9+rrKwvtXNlkDBXuLVUr03mucDKGkrQ8kx2/KJf3la9ExIcR8auR0axcmq9XF3r5gw8A9LH39s3//xtpz/8AwDlX3F8x0pt2AACn58D8DwCce+Z/AOg/5n8A6D/mfwDoP+Z/AOg/5n8A6Cs/vnUr3Vo7+fdfL9zfWF+u37+8UGksl2rr86X5+tpqabFeX8y+s6d21PNV6/XVmaux/mDyu6uN5lRjY/NOrb6+0ryTfa/3ncrQqfQKAHiVDz958tckIrZujGZbdKzlYK6G863Q6wYAPTPQ6wYAPWO1L+hfJ3iPLz0A58QhS/S+pBgRo/srW61W6+WaA5cAZ9fFL8n/Q7/qyP/7LWDoM/L/0L/k/6F/tVrJcdf8j+NeCACcbXL8QJfP/z/K97/PPxz42cL+Kx6/y1YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2ba7/m8pXwt8PAqFUini/YiYjKHk3lK1Mh0RH0TEX0aGRtLyTI/bDACcVOEfSb7+18WJz8b3nx1Ono9k+4j4xW9u//rBXLO59ue0/j979c3HeX25F+0HAI6yO09n+4438s+2H87vbqfZnn9+PyKK7fg728Oxsxd/MAazfTGGImLsv0lebks6chcnsfUoIr54WP+TGM9yIO2VT/fHT2O/f6rxCy/FL2Tn2vv03+ILrxPUos+QeZKOPzcPu/8KcSHbH37/F7MR6uTy8S99qvmdbAx8EX93/BvoMv5dOG6Mq3/8Yfto9OC5RxFfHozYjb3TMf7sxk+6xP/smPH/9pWvfdrtXOu3ERfj8PidsaaatdWpxsbm5aXa3GJlsbJSLs/OzE5fv3KtPJXlqKe6zwb/unHpg27n0v6PdYlfPKL/3zxm/3/3/7s//for4n/7G4fFL8THr4ifDuHfOmb8ubE/FLudS+MvdOn/Ua//pWPGf/r3zQPLhgMAvdPY2Fyeq1Yraw4cnP2D9L/s0RcnPWnh904r1nC81qNarTeK1W3EeBtZN+As2LvpI+J5rxsDAAAAAAAAAAAAAAAc6jT+YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+jwAAP//rCPR4g==") r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000200), 0xfea7) r6 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r6, 0x0) copy_file_range(r5, &(0x7f00000001c0), r4, 0x0, 0xffffffffa003e45c, 0x700000000000000) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) socket$alg(0x26, 0x5, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)=ANY=[@ANYBLOB="c435deb82600003900100028bd7000fddbdf250d000000090086006c626c630000f3ff08002600ac1414bb08", @ANYRES32, @ANYBLOB="08004600ac1414bb8300158008003e00ac1414aa04003d0014005500000000000000000000000000000000008e9291dd34ce355b56f919ba58a96c97ff1fe323fc1ed2f15c0555beae1bb191005d97ff627f2184f305b3a2a843d25a479cc3ae1998b926d09a6e26df9ad85c3aae0a54107544b1cd81c19dd1415167946aaa688afad5770141ea69a5be2e007f021e8008000b00", @ANYRES32=0xee01, @ANYBLOB="ed24aa67cc394a87fb1fb707459891d760dd1cec05dc545295f12bb87ad0a352344164314e37356a76de58674d276762dbf4fa600ac678a013d02f44f7b308074e77ffabf854c22b16b752ab0552625300838b6120500b32513da7f3734cd4f2c7626f4867b2b3ab993998f03d3e20ae8c23ca8f09adf6cd2bbbe0b5c1232cc1e204a2004b85fdf84ad0c23838e79a67252218ac338d8ff9a3b69986692ec6bb9f840a15b6e0992da2ed767ac23c08f4cb87fe3ac70c06d7218064f9f74dfe5aa91a2d20c8899457724db7f9860f44f5f88403b0163e76de2095f538b9080d8afc4559d95686331b917ada8b70204b98eaa1e9080039007b6c000008006c00", @ANYRES32, @ANYBLOB="18dc63e8da2d8115f30854b09ae851f9ea91f620e0f93bc9f3c94df5d1b81386651b5a694f0c4fa3de9a6c6be94417d0c86503a15483941a2bf586aac20c51f3e0eb7019eaa002d9ab0a9ad6a0eaccbc941e0654f657bcf0bf7c78e2844b4d5a4157623d60c447fd5d387c7a6fcec701f4f3cd3db0d42b7ce104b360fc9e2aafe90e3302675d71a412c5589f6f21fa5ed83b7a6c8f418246a2117ba4064317e0fa070000006f0a9df5b5991a8dec8e8fb45d92a0c2a4032a6704192ff67ae3bcb602b0b700df48d6badd7a504e7d1d6b6fe7e3761fb4d85cb527df7c594bae9704a2e5ac92d7728bd29f6d1ddda69d3a21ff72d26aee506db8905784f7d8089a89224238a6401916ec6d13dc4e97c65af94585d3ad460e506427568df44a3f1a3fa77f00c1f1102d049d87df65458ed1555a175d26fffd3598c28b32789e6264a1e247ce2d467b8f792dfbe665400da5e2c35839797d3979c8bceedf875eec6b9115853764c2588837bbed3ef6b20800090070771eaf4f87d60487bc60ada850682e6b574d4db732b2307fa62c4983694f5b147c7b0bcff7806d8df3111ec312e30d0d22e029176a8a1dd215ae9fcb05ad05890dc7d16afe1b3a2205cd7ee283ab41c87567073e17f32f6b444fea138121fde9804b95723b83e3af2dd71eb0f4f5bec3c121c782c98eb1bd9095b18f7de274d85e30aeeb94a06790d73b4aa532fd3353fd9b8c9a79047868ec61938a39abe5682fb089c737fc5d58a335e8fbe7bf00462c3f887e4d46fbb0ce867ba6", @ANYRES32, @ANYBLOB="007a231180a7f8bb050c02f18c03ea92bf4487ae7dd663020093e36ecf514aa91259e356baefb0199232287abe1d97c1bf45a2c784e5dc0c81884d817865265628e61dd1f6c569b9af4d807939172f7022039c68fbb0aafa688b990fa61d072371c664876e018f313144d3230d9aaf94c76bf51b186ea940f920f33764e59e6b123a71b217a0922ee0958fef9fc7295be16697dfffae04d1d8661bc8e500165def249ce7cea0c64e5a38f9da4d6230799c8828c9dacd4a71cd7d69eae59df5d4f7e9c9cceb47ebce7d4ed9ddef22735da4ae11eb226912d94fdc359c615774fadeb0f73438f9d5bc8b00172e85a252c301aeb60400960062a5a54ca66b23248cd785f8de2fd3b0b349afe6f8720b77a3ec6c6b4e21841dc130bf95b2e9c2c5a80799d1d65c393e3afe73d48a8ab71fe2debe1c7d1f42893bd97b504f4f756b336407fd129ab3fb78cab64e773063484b12d68075417bc0094a6a8a85f891edc0189e15cda89e4efcd11b6de3422daa8f652de1f9e2aaa82206d29ae2983a8e4ca2844230ec96d35794df97956f38768206d632b414fd6a1decb44e86cfa141b63d3d6b7de79566a5683307cbd14dd934d0e7b966ce6614ee49e49fe7573b5255862c7ce1a1d486d00e10b5f51af7060ee07180fda8b27d63585f22897baab2bc9c516ca5417453387d3b8bc2083eb3a6f04ae0f20b1abebef684462fcf0008a693f42b16dfd7f33b45ec7379ece6b39db9d26b5d1f3c799377a1e85f75ba853f60db4bf2ad0eefafd7b5f6fa74424bfd64f4d8c8883f92a0deb21b3d484ed173a286c6402e3dd05dbf1ae2d21f58b9d6004db0260041abb67ed6b84004334eda0b565d2ef217dfc30add4ef95449dc97d372816c87974f678f0444e7a260c56b4faad0a97dc886b4a48f201b5bfe61e57589a21427b2ff8d06e15f11cf8768e6a509739bb0c5a86586784e5d2ceda8642703a2f2ebe92597d7ad072ad86bfc6dfb3cdcd57e3c0f55e869d8d64b3cd9bd68c09e2ef84266b5b1a3a0a595e12062f0460860fd57b74f3bbe7aeb6f7cc110abc0ee5374e23ba193b535660f6a6f2d437873a9cdd864308b73ed30146df5dd9d7dbef70227c2c2b894c550690e59104168e45780894f52e254d785c1cc2f801d11d2802ba6e4ac3ad8cc258016950ffe13ab64b5f1dbff89e7831e10561f3b6c40c73acfc9a075020cc04df543e4905bf82cdffab1f5f46665ce2b4b7cd63a4676a47fb30fd90f829f9038bb1af1e330a548dda5c6d14ddb638ece9fc142a32a6c28f0eb0603602ff4df6f91c631c5ec729b3cc7222bc9435459907417d37abd257fb41670cff3d010fd47ef1aaec1033dd04a913ae5f7b34590495882fb619bdd35bf7f275e1628824c7110da897c42abf18ac4cc99fb9449380fdd0b64263822fb1d5e6775a4048a444a8db132ff4e173ed5e9da88a3d59b8006b3e99f4014fdde410fe2c7ae152a5b456c66c37c091a5e5fcc88f8d0d26e89df47701d3981c2668d09feeca7b205dd53307488ccd189b614f57edf61e7c69ad56333bd8559de05b67f74afd183cf17521f19fcb22f9757a711c304e6627686ac33a8e19e63c7564b1c73446d964ec543e5d0bb36169269528ea3beb0c57999047b071756d8096dd11d3867b000f7a1d71c7135e52af0ac572ebb64c27a12c6fec74a9d31129c999c7e72d9a99ffb955dc3c2f1ded11b5371ccf533d9d11e0a5290ccb1813385a958e1e0a174fbf72d32a91dee4a0b6c86b38706db02a5489ea76f71bffe05e4c0183cc4599fdcf45a079746f20930abbdace206cdfb1c52e7713736165a02f00929be0e725f51dcc65872af569b7cf1d25d7e1f38af18ee01a78145242c3ca74957a1333daa7373131fc168d20d808a2263e4c04d28662cf04dcff184348cbfdd2bf7302073171d2caa40d26100fecd88d38fe3a43a4570002bc015f69a30ed8f59cfd485bd7a28c6f0ba8db92307471ed7d56bc527c16dd486101550d947e81294f8724ff989929e191b10161569846d23c3f837f0988316b12d3caca126f12b7c20cf3167cf3a60bc42abdbf92a3e7b934e73673f0f6e27e0d999fd3754769b0781a504b6796157c56c82afe2267c634f1fb32d7dd88ac5ccf4ecc118b6345c71b98a660bf785b82f6ea037ab71a021873b678d9cf43584cf1f6ac1af2eaf60d41cb2fa9e0c1999d78be5f71997d33b9b63a40525a5e2251edb6d11f179b2b05284dc356031645f11810ac166d72d320d233b2ed1f4ac82f12a268e0b307ca780cb596451b2ab777efe02f0d24bca95c6067fd4f50e9823df93e01376fddc0e97b55692ba65a1b66c928391ffb48e4d5be1c8a4582b04080e60d8c73be56dd427d5c113772c9fc004fb99e12263fefd0813d8d437bf2367014dd89670f46f3bed9772cabbc0afd536ca29efdc387d993d3f25b593dd55e6946524493ec0808a970693e1fd8ed4b20cb095d013cabdc829ab3f56ca2f1366d2cd83d888eb944e808786642d757962e23e29d1eb09638b"], 0x26b8}}, 0x0) r7 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r7, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) shutdown(r7, 0x1) getsockopt$bt_hci(r7, 0x84, 0x80, &(0x7f0000003140)=""/4094, &(0x7f0000000e00)=0xffe) ftruncate(0xffffffffffffffff, 0x3) memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="d40000000109010400000000"], 0xd4}}, 0x0) 3.824597743s ago: executing program 3: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$TIOCGWINSZ(r0, 0x8927, &(0x7f0000000140)) 3.197209322s ago: executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) fstat(r0, &(0x7f00000022c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r1, 0xffffffffffffffff) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 2.832264843s ago: executing program 1: sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="01"], 0x1c}}, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e041e0b20"], 0x7) 2.604592847s ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$tcp_congestion(r6, &(0x7f0000000100)='reno\x00', 0x5) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r3, 0x0, r5, 0x0, 0x4ffe6, 0x0) 2.56341162s ago: executing program 3: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) arch_prctl$ARCH_GET_GS(0x1004, 0x0) 2.372135852s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r3) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00') r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]}) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0) pread64(r8, 0x0, 0x0, 0x0) getdents(r7, &(0x7f0000000380)=""/24, 0x18) getdents64(r7, 0xffffffffffffffff, 0x43) socket$nl_rdma(0x10, 0x3, 0x14) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32=r11], 0x44}}, 0x0) 1.125308101s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_emit_ethernet(0x36, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r2 = userfaultfd(0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) r3 = io_uring_setup(0x3eae, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000}) 0s ago: executing program 1: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101, 0x7}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ftruncate(r2, 0xf2d) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r4 = dup(r2) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000002100)={{0x3, 0x1, 0x6, 0x0, 0x7fffffff}}) sendfile(r3, r4, 0x0, 0xe0000000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x87}, {0x3c}, {0x6}]}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0) socket$alg(0x26, 0x5, 0x0) r6 = dup(r1) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) getsockname$packet(r10, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x2a, 0x7d1cdc3e828018e9, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KDFONTOP_GET(r5, 0x4b72, &(0x7f00000000c0)={0x1, 0x1, 0x0, 0xf, 0x1de, &(0x7f00000003c0)}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.2' (ED25519) to the list of known hosts. 2024/06/12 17:43:00 fuzzer started 2024/06/12 17:43:01 dialing manager at 10.128.0.169:30026 [ 163.448886][ T5045] cgroup: Unknown subsys name 'net' [ 163.707132][ T5045] cgroup: Unknown subsys name 'rlimit' 2024/06/12 17:43:49 starting 5 executor processes [ 209.844018][ T5046] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 212.104837][ T5074] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.133971][ T5074] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.145593][ T5074] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.186487][ T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.197640][ T50] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.207149][ T50] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.217320][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.231791][ T50] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.242702][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.253468][ T50] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 212.263371][ T50] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.276736][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.394395][ T4430] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.412131][ T5074] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 212.420295][ T5079] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 212.429727][ T5074] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 212.454240][ T5079] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 212.464836][ T5079] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 212.474383][ T5078] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 212.487544][ T5079] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 212.496449][ T5079] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 212.497438][ T5078] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 212.516364][ T5078] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 212.527310][ T5078] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 212.577645][ T5078] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.828497][ T5078] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.838401][ T5078] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.853217][ T5078] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.864557][ T5078] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.873932][ T5078] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 213.704854][ T5072] chnl_net:caif_netlink_parms(): no params data found [ 213.725959][ T5075] chnl_net:caif_netlink_parms(): no params data found [ 214.374352][ T50] Bluetooth: hci0: command tx timeout [ 214.406621][ T5084] chnl_net:caif_netlink_parms(): no params data found [ 214.468116][ T50] Bluetooth: hci1: command tx timeout [ 214.611288][ T50] Bluetooth: hci2: command tx timeout [ 214.662184][ T5082] chnl_net:caif_netlink_parms(): no params data found [ 214.685977][ T5081] chnl_net:caif_netlink_parms(): no params data found [ 214.884096][ T50] Bluetooth: hci3: command tx timeout [ 215.011525][ T50] Bluetooth: hci4: command tx timeout [ 215.157275][ T5075] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.165973][ T5075] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.173948][ T5075] bridge_slave_0: entered allmulticast mode [ 215.183363][ T5075] bridge_slave_0: entered promiscuous mode [ 215.392666][ T5075] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.400560][ T5075] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.410091][ T5075] bridge_slave_1: entered allmulticast mode [ 215.419469][ T5075] bridge_slave_1: entered promiscuous mode [ 215.434849][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.445307][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.453313][ T5084] bridge_slave_0: entered allmulticast mode [ 215.462621][ T5084] bridge_slave_0: entered promiscuous mode [ 215.523296][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.532599][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.540312][ T5084] bridge_slave_1: entered allmulticast mode [ 215.549601][ T5084] bridge_slave_1: entered promiscuous mode [ 215.560157][ T5072] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.568007][ T5072] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.576036][ T5072] bridge_slave_0: entered allmulticast mode [ 215.584191][ T5072] bridge_slave_0: entered promiscuous mode [ 215.690228][ T5075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.757315][ T5072] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.767989][ T5072] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.775992][ T5072] bridge_slave_1: entered allmulticast mode [ 215.785139][ T5072] bridge_slave_1: entered promiscuous mode [ 215.840450][ T5075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.010025][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.057344][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.065359][ T5082] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.073204][ T5082] bridge_slave_0: entered allmulticast mode [ 216.083054][ T5082] bridge_slave_0: entered promiscuous mode [ 216.163946][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.173914][ T5081] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.181792][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.189515][ T5081] bridge_slave_0: entered allmulticast mode [ 216.198726][ T5081] bridge_slave_0: entered promiscuous mode [ 216.220394][ T5072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.230375][ T5081] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.241096][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.248936][ T5081] bridge_slave_1: entered allmulticast mode [ 216.258182][ T5081] bridge_slave_1: entered promiscuous mode [ 216.267650][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.275583][ T5082] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.283482][ T5082] bridge_slave_1: entered allmulticast mode [ 216.292436][ T5082] bridge_slave_1: entered promiscuous mode [ 216.310195][ T5075] team0: Port device team_slave_0 added [ 216.454609][ T5072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.464670][ T50] Bluetooth: hci0: command tx timeout [ 216.541281][ T50] Bluetooth: hci1: command tx timeout [ 216.546188][ T5075] team0: Port device team_slave_1 added [ 216.701352][ T50] Bluetooth: hci2: command tx timeout [ 216.752231][ T5084] team0: Port device team_slave_0 added [ 216.761947][ T5075] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 216.769114][ T5075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.795508][ T5075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 216.853985][ T5081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.873940][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.891961][ T5084] team0: Port device team_slave_1 added [ 216.901813][ T5075] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.908950][ T5075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.935714][ T5075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.944149][ T50] Bluetooth: hci3: command tx timeout [ 216.955542][ T5072] team0: Port device team_slave_0 added [ 216.986428][ T5081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.005203][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.084442][ T5072] team0: Port device team_slave_1 added [ 217.098291][ T50] Bluetooth: hci4: command tx timeout [ 217.197068][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.204355][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.231997][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.388359][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.396333][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.424435][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.438949][ T5072] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.446355][ T5072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.472786][ T5072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.513021][ T5081] team0: Port device team_slave_0 added [ 217.547542][ T5082] team0: Port device team_slave_0 added [ 217.591972][ T5072] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.599134][ T5072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.626583][ T5072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.667198][ T5081] team0: Port device team_slave_1 added [ 217.683124][ T5082] team0: Port device team_slave_1 added [ 217.733909][ T5075] hsr_slave_0: entered promiscuous mode [ 217.743902][ T5075] hsr_slave_1: entered promiscuous mode [ 217.988298][ T5084] hsr_slave_0: entered promiscuous mode [ 217.999532][ T5084] hsr_slave_1: entered promiscuous mode [ 218.009815][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 218.017939][ T5084] Cannot create hsr debugfs directory [ 218.082662][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.089827][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.116249][ T5081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.133699][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.140963][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.175363][ T5082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.235626][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.242904][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.269228][ T5081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.318448][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.327135][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.354795][ T5082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.377000][ T5072] hsr_slave_0: entered promiscuous mode [ 218.387219][ T5072] hsr_slave_1: entered promiscuous mode [ 218.395807][ T5072] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 218.403718][ T5072] Cannot create hsr debugfs directory [ 218.541673][ T50] Bluetooth: hci0: command tx timeout [ 218.611731][ T50] Bluetooth: hci1: command tx timeout [ 218.784586][ T50] Bluetooth: hci2: command tx timeout [ 218.997566][ T5081] hsr_slave_0: entered promiscuous mode [ 219.007808][ T5081] hsr_slave_1: entered promiscuous mode [ 219.020634][ T5081] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.021350][ T50] Bluetooth: hci3: command tx timeout [ 219.028525][ T5081] Cannot create hsr debugfs directory [ 219.079810][ T5082] hsr_slave_0: entered promiscuous mode [ 219.089164][ T5082] hsr_slave_1: entered promiscuous mode [ 219.111656][ T1217] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.118342][ T1217] ieee802154 phy1 wpan1: encryption failed: -22 [ 219.129918][ T5082] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.137823][ T5082] Cannot create hsr debugfs directory [ 219.172662][ T50] Bluetooth: hci4: command tx timeout [ 219.736451][ T5075] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 219.840095][ T5075] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 219.914164][ T5084] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 219.956478][ T5075] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 220.007431][ T5084] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 220.079826][ T5075] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 220.117936][ T5084] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.294161][ T5084] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.328347][ T5072] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 220.365977][ T5072] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 220.476705][ T5072] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 220.516401][ T5072] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 220.611642][ T50] Bluetooth: hci0: command tx timeout [ 220.670004][ T5081] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 220.691567][ T50] Bluetooth: hci1: command tx timeout [ 220.727533][ T5081] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 220.798605][ T5081] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 220.860265][ T50] Bluetooth: hci2: command tx timeout [ 220.877180][ T5081] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 221.088394][ T5082] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 221.093142][ T50] Bluetooth: hci3: command tx timeout [ 221.124530][ T5082] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 221.149915][ T5082] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 221.199757][ T5082] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 221.257854][ T50] Bluetooth: hci4: command tx timeout [ 221.663063][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.750635][ T5075] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.895133][ T5084] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.955166][ T5075] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.002880][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.010599][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.127937][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.135831][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.152925][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.160684][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.295291][ T778] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.303121][ T778] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.554256][ T5081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.683432][ T5072] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.905905][ T5081] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.966222][ T5072] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.025590][ T5133] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.033438][ T5133] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.170265][ T5133] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.178183][ T5133] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.282271][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.299013][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.307002][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.323753][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.332144][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.500349][ T5082] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.767842][ T5133] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.775681][ T5133] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.856819][ T5072] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.932602][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.940317][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.950108][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 224.979401][ T5075] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.706874][ T5084] veth0_vlan: entered promiscuous mode [ 225.860465][ T5084] veth1_vlan: entered promiscuous mode [ 226.024882][ T5072] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.122983][ T5081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.340093][ T5082] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.382344][ T5084] veth0_macvtap: entered promiscuous mode [ 226.474128][ T5084] veth1_macvtap: entered promiscuous mode [ 226.784072][ T5081] veth0_vlan: entered promiscuous mode [ 226.806095][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.878987][ T5072] veth0_vlan: entered promiscuous mode [ 226.903705][ T5081] veth1_vlan: entered promiscuous mode [ 226.991496][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.036998][ T5072] veth1_vlan: entered promiscuous mode [ 227.071433][ T5084] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.080490][ T5084] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.089733][ T5084] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.101791][ T5084] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.236099][ T5082] veth0_vlan: entered promiscuous mode [ 227.424618][ T5072] veth0_macvtap: entered promiscuous mode [ 227.454306][ T5082] veth1_vlan: entered promiscuous mode [ 227.510764][ T5081] veth0_macvtap: entered promiscuous mode [ 227.539367][ T5072] veth1_macvtap: entered promiscuous mode [ 227.583931][ T5081] veth1_macvtap: entered promiscuous mode [ 227.870424][ T5072] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.882254][ T5072] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.897400][ T5072] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.921797][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.932588][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.942791][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.953515][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.968733][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.042440][ T5072] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.053324][ T5072] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.068595][ T5072] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.126385][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.137253][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.147478][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.158303][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.173700][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.204468][ T5075] veth0_vlan: entered promiscuous mode [ 228.253935][ T5072] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.265465][ T5072] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.274891][ T5072] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.284019][ T5072] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.349131][ T5082] veth0_macvtap: entered promiscuous mode [ 228.403567][ T5081] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.412829][ T5081] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.422136][ T5081] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.431429][ T5081] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.479632][ T5082] veth1_macvtap: entered promiscuous mode [ 228.558751][ T5075] veth1_vlan: entered promiscuous mode [ 228.689422][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.700265][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.710448][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.721215][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.731488][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.742214][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.757609][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.938159][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.950810][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.961261][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.972193][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.982336][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.993183][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.008550][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.156068][ T5075] veth0_macvtap: entered promiscuous mode [ 229.240828][ T5075] veth1_macvtap: entered promiscuous mode [ 229.263134][ T5082] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.272358][ T5082] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.281627][ T5082] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.290672][ T5082] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.564983][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.577089][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.587342][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.598123][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.608270][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.619098][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.629228][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.640088][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.655903][ T5075] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 229.867205][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.878105][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.888393][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.899168][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.909410][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.920540][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.930783][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.942507][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.957703][ T5075] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 230.262745][ T5075] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.272032][ T5075] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.281229][ T5075] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.290275][ T5075] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.302861][ T3282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.310958][ T3282] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.543666][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.552199][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.232825][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.242383][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.487532][ T1082] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.497062][ T1082] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.616661][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.625467][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.719600][ T3282] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.727993][ T3282] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.151874][ T5139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.159950][ T5139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.410818][ T3505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.421835][ T3505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 237.162538][ T950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.170615][ T950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 237.490703][ T950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.500737][ T950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.440562][ C0] net_ratelimit: 44 callbacks suppressed [ 241.440636][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 249.770928][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 255.033413][ T5396] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 255.290723][ T29] audit: type=1326 audit(1718214274.414:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5395 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 255.530369][ T5398] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 262.338335][ T29] audit: type=1326 audit(1718214281.314:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5433 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 262.515172][ T5438] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 263.902900][ T5443] loop4: detected capacity change from 0 to 1024 [ 264.326763][ T3282] hfsplus: b-tree write err: -5, ino 4 [ 266.181407][ T29] audit: type=1326 audit(1718214285.264:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5467 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 268.467497][ T5488] loop0: detected capacity change from 0 to 1024 [ 269.011876][ T3367] hfsplus: b-tree write err: -5, ino 4 [ 271.379820][ T29] audit: type=1326 audit(1718214290.474:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5504 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 271.484478][ T5509] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 272.645807][ T5524] loop2: detected capacity change from 0 to 1024 [ 273.158299][ T1082] hfsplus: b-tree write err: -5, ino 4 [ 275.282519][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 277.542871][ T29] audit: type=1326 audit(1718214296.594:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 277.690262][ T5551] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 278.964268][ T5565] loop4: detected capacity change from 0 to 1024 [ 279.586491][ T1082] hfsplus: b-tree write err: -5, ino 4 [ 280.574081][ T1217] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.580781][ T1217] ieee802154 phy1 wpan1: encryption failed: -22 [ 281.199831][ T29] audit: type=1326 audit(1718214300.274:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5585 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 281.305600][ T5589] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 283.203979][ T5595] Zero length message leads to an empty skb [ 285.087720][ T5604] loop0: detected capacity change from 0 to 1024 [ 285.372944][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 285.655061][ T950] hfsplus: b-tree write err: -5, ino 4 [ 286.824041][ T29] audit: type=1326 audit(1718214305.904:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5617 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 286.925310][ T5620] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 287.468344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 289.127539][ T5641] loop3: detected capacity change from 0 to 1024 [ 289.661973][ T3505] hfsplus: b-tree write err: -5, ino 4 [ 290.519360][ T5666] binder: 5665:5666 ioctl 8901 20000040 returned -22 [ 291.252306][ T29] audit: type=1326 audit(1718214310.344:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 291.957366][ T5677] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 293.340892][ T5697] loop2: detected capacity change from 0 to 256 [ 293.475513][ T5697] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfff32d8b, utbl_chksum : 0xe619d30d) [ 293.780028][ T5699] loop4: detected capacity change from 0 to 1024 [ 294.823996][ T29] audit: type=1326 audit(1718214313.894:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5706 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 294.961390][ T5712] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 296.342958][ T29] audit: type=1326 audit(1718214315.454:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5726 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 296.473451][ T5731] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 297.129789][ T5735] IPVS: Scheduler module ip_vs_sip not found [ 298.240145][ T5746] loop1: detected capacity change from 0 to 128 [ 298.293006][ T5746] ======================================================= [ 298.293006][ T5746] WARNING: The mand mount option has been deprecated and [ 298.293006][ T5746] and is ignored by this kernel. Remove the mand [ 298.293006][ T5746] option from the mount to silence this warning. [ 298.293006][ T5746] ======================================================= [ 298.421399][ T5746] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 298.476598][ T5746] UDF-fs: warning (device loop1): udf_fill_super: No partition found (2) [ 298.586190][ T5520] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 298.654322][ T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 299.094488][ T8] usb 3-1: config index 0 descriptor too short (expected 68, got 36) [ 299.103197][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 299.114724][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 299.128274][ T8] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 299.147031][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.264514][ T8] usb 3-1: config 0 descriptor?? [ 299.399643][ T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 299.553786][ T50] Bluetooth: hci0: Unknown advertising packet type: 0x70 [ 299.553944][ T50] Bluetooth: hci0: Malformed LE Event: 0x0d [ 299.560687][ T8] usb 3-1: USB disconnect, device number 2 [ 300.807569][ T5760] loop4: detected capacity change from 0 to 764 [ 300.894948][ T5760] rock: directory entry would overflow storage [ 300.901772][ T5760] rock: sig=0x4654, size=5, remaining=4 [ 300.926714][ T29] audit: type=1326 audit(1718214319.984:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5762 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 301.195379][ T5766] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 302.115595][ T29] audit: type=1800 audit(1718214321.214:13): pid=5776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1966 res=0 errno=0 [ 302.510037][ T5779] loop4: detected capacity change from 0 to 256 [ 302.716941][ T5776] loop0: detected capacity change from 0 to 4096 [ 302.811936][ T5776] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 303.295519][ T5783] loop2: detected capacity change from 0 to 8 [ 303.388167][ T5776] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 303.768916][ T5788] loop3: detected capacity change from 0 to 512 [ 303.944587][ T5788] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 303.959782][ T5788] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 303.971394][ T5788] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 304.141961][ T5788] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 304.181594][ T5788] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 304.220824][ T5788] EXT4-fs (loop3): Remounting filesystem read-only [ 304.228865][ T5788] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 304.255361][ T5788] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 304.659465][ T5081] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.806978][ T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 304.995488][ T5238] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 305.204980][ T8] usb 3-1: config index 0 descriptor too short (expected 68, got 36) [ 305.213986][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 305.224630][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 305.238033][ T8] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 305.247653][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.294071][ T8] usb 3-1: config 0 descriptor?? [ 305.423225][ T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 305.585755][ T29] audit: type=1326 audit(1718214324.664:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5802 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 305.664120][ T50] Bluetooth: hci0: Unknown advertising packet type: 0x70 [ 305.664273][ T50] Bluetooth: hci0: Malformed LE Event: 0x0d [ 305.671959][ T8] usb 3-1: USB disconnect, device number 3 [ 305.771493][ T5809] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 306.720538][ T29] audit: type=1800 audit(1718214325.784:15): pid=5821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1953 res=0 errno=0 [ 307.192993][ T5828] pim6reg1: entered promiscuous mode [ 307.198809][ T5828] pim6reg1: entered allmulticast mode [ 307.403885][ T5821] loop3: detected capacity change from 0 to 4096 [ 307.457808][ T5821] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 307.793057][ T5821] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 308.851520][ T5139] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 309.249990][ T5139] usb 3-1: config index 0 descriptor too short (expected 68, got 36) [ 309.259200][ T5139] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 309.269845][ T5139] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 309.289080][ T5139] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 309.300463][ T5139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.334044][ T5139] usb 3-1: config 0 descriptor?? [ 309.372449][ T29] audit: type=1326 audit(1718214328.364:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5848 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 309.396018][ T5139] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 309.550499][ T5854] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 309.681623][ T50] Bluetooth: hci0: Unknown advertising packet type: 0x70 [ 309.681963][ T50] Bluetooth: hci0: Malformed LE Event: 0x0d [ 309.691208][ T43] usb 3-1: USB disconnect, device number 4 [ 310.411390][ T29] audit: type=1800 audit(1718214329.474:17): pid=5870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1946 res=0 errno=0 [ 311.114083][ T5870] loop4: detected capacity change from 0 to 4096 [ 311.197086][ T5870] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 311.522596][ T5870] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 312.831545][ T29] audit: type=1326 audit(1718214331.904:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5895 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 312.979823][ T5898] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 313.417880][ T43] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 313.822054][ T43] usb 1-1: config index 0 descriptor too short (expected 68, got 36) [ 313.830660][ T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 313.842865][ T43] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 313.856256][ T43] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 313.866017][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.954257][ T43] usb 1-1: config 0 descriptor?? [ 314.024889][ T43] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 314.285296][ T50] Bluetooth: hci3: Unknown advertising packet type: 0x70 [ 314.285452][ T50] Bluetooth: hci3: Malformed LE Event: 0x0d [ 314.291635][ T43] usb 1-1: USB disconnect, device number 2 [ 314.716111][ T5922] loop4: detected capacity change from 0 to 4096 [ 314.749428][ T5922] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 315.091411][ T5922] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 315.548379][ T5933] Illegal XDP return value 4294967294 on prog (id 42) dev N/A, expect packet loss! [ 316.479042][ T29] audit: type=1326 audit(1718214335.534:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 316.623925][ T5947] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 316.837816][ T5951] loop2: detected capacity change from 0 to 8 [ 317.166134][ T5953] loop0: detected capacity change from 0 to 2048 [ 317.338810][ T5953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 317.414307][ T50] Bluetooth: hci3: unexpected cc 0x0402 length: 65 > 1 [ 318.563068][ T5961] loop3: detected capacity change from 0 to 4096 [ 318.609392][ T5961] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 318.938553][ T5973] dccp_invalid_packet: pskb_may_pull failed [ 318.963026][ T5967] loop0: detected capacity change from 0 to 4096 [ 319.003364][ T5961] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 320.962793][ T5994] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 321.277465][ T5994] loop0: detected capacity change from 0 to 2048 [ 321.482562][ T6000] loop1: detected capacity change from 0 to 512 [ 321.492891][ T50] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 321.494924][ T5994] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 321.501660][ T50] Bluetooth: hci3: Injecting HCI hardware error event [ 321.545704][ T50] Bluetooth: hci3: hardware error 0x00 [ 321.716176][ T29] audit: type=1326 audit(1718214340.728:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 321.811554][ T29] audit: type=1326 audit(1718214340.888:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6002 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 322.021592][ T29] audit: type=1326 audit(1718214341.128:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6005 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 322.257514][ T6008] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 323.651805][ T50] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 324.017160][ T6020] loop2: detected capacity change from 0 to 4096 [ 324.145639][ T6020] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 324.366700][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 324.391469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 324.483973][ T6020] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 325.916947][ T6034] loop2: detected capacity change from 0 to 2048 [ 326.116016][ T6034] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 326.383038][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 326.438864][ T29] audit: type=1800 audit(1718214345.458:23): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1965 res=0 errno=0 [ 326.460465][ T29] audit: type=1804 audit(1718214345.498:24): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3274436581/syzkaller.2WLLUh/78/bus" dev="sda1" ino=1965 res=1 errno=0 [ 328.182015][ T6052] overlayfs: failed to resolve './file1': -2 [ 328.389565][ T29] audit: type=1326 audit(1718214347.458:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf7470579 code=0x0 [ 328.612451][ T6050] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 330.682061][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 332.170167][ T6059] loop1: detected capacity change from 0 to 32768 [ 332.239001][ T6059] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (6059) [ 332.313182][ T6063] loop3: detected capacity change from 0 to 4096 [ 332.328562][ T6059] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 332.339500][ T6059] BTRFS info (device loop1): using sha256 (sha256-generic) checksum algorithm [ 332.344246][ T6063] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 332.350644][ T6059] BTRFS info (device loop1): using free-space-tree [ 332.463146][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 332.464382][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 332.474976][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 332.485702][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 332.495855][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 332.505849][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 332.515938][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 332.529526][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 332.541284][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 332.551881][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 332.563080][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 332.573823][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 332.649714][ T6063] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 332.861857][ T6059] BTRFS error (device loop1): open_ctree failed [ 333.322130][ T43] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 333.711557][ T43] usb 3-1: config index 0 descriptor too short (expected 68, got 36) [ 333.720070][ T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 333.730621][ T43] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 333.744144][ T43] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 333.755957][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.843181][ T43] usb 3-1: config 0 descriptor?? [ 333.932709][ T43] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 334.103832][ T50] Bluetooth: hci0: Unknown advertising packet type: 0x70 [ 334.103979][ T50] Bluetooth: hci0: Malformed LE Event: 0x0d [ 334.121425][ T43] usb 3-1: USB disconnect, device number 5 [ 335.281892][ T29] audit: type=1326 audit(1718214354.338:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 335.412357][ T6096] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 335.528400][ T6098] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 336.188865][ T6104] loop4: detected capacity change from 0 to 4096 [ 336.260183][ T6104] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 336.339863][ T29] audit: type=1326 audit(1718214355.438:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6105 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 336.363012][ T29] audit: type=1326 audit(1718214355.468:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 336.386023][ T29] audit: type=1326 audit(1718214355.498:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 336.462171][ T29] audit: type=1326 audit(1718214355.558:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 336.486601][ T29] audit: type=1326 audit(1718214355.558:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 336.509546][ T29] audit: type=1326 audit(1718214355.558:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 336.522379][ T6109] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 336.737177][ T6104] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 337.236180][ T5127] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 337.451382][ T5127] usb 4-1: device descriptor read/64, error -71 [ 337.762813][ T5127] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 337.983326][ T5127] usb 4-1: device descriptor read/64, error -71 [ 338.133656][ T5127] usb usb4-port1: attempt power cycle [ 338.584143][ T29] audit: type=1326 audit(1718214357.718:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6135 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 338.606637][ T5127] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 338.653101][ T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 338.702290][ T5127] usb 4-1: device descriptor read/8, error -71 [ 338.703422][ T6142] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 338.841375][ T5139] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 338.932736][ T6115] Bluetooth: hci0: command 0x0406 tx timeout [ 338.933189][ T5087] Bluetooth: hci2: command 0x0406 tx timeout [ 338.938992][ T6115] Bluetooth: hci4: command 0x0406 tx timeout [ 338.939097][ T6115] Bluetooth: hci1: command 0x0406 tx timeout [ 338.971605][ T5127] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 339.081918][ T5127] usb 4-1: device descriptor read/8, error -71 [ 339.082713][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.099993][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.110144][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 339.123517][ T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 339.133111][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.155224][ T8] usb 2-1: config 0 descriptor?? [ 339.172657][ T5139] usb 5-1: Using ep0 maxpacket: 32 [ 339.205153][ T5127] usb usb4-port1: unable to enumerate USB device [ 339.266599][ T6146] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure [ 339.321693][ T5139] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.333424][ T5139] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.343773][ T5139] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 339.353203][ T5139] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.395981][ T5139] usb 5-1: config 0 descriptor?? [ 339.455937][ T5139] hub 5-1:0.0: USB hub found [ 339.637926][ T8] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 339.645858][ T8] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 339.699427][ T8] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 339.720180][ T5139] hub 5-1:0.0: 1 port detected [ 339.742651][ T6148] loop0: detected capacity change from 0 to 4096 [ 339.762106][ T8] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 339.784787][ T6148] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 339.966997][ T8] usb 2-1: USB disconnect, device number 2 [ 339.967166][ T6148] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 340.057848][ T29] audit: type=1326 audit(1718214359.138:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 340.175469][ T6151] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 340.690150][ T5139] hub 5-1:0.0: activate --> -90 [ 341.043302][ T6162] loop1: detected capacity change from 0 to 1024 [ 341.046173][ T6157] loop0: detected capacity change from 0 to 8192 [ 341.082969][ T6157] REISERFS warning (device loop0): super-6515 reiserfs_parse_options: journaled quota format not specified. [ 341.087401][ T6162] EXT4-fs: Ignoring removed i_version option [ 341.102244][ T6162] EXT4-fs: Ignoring removed orlov option [ 341.108211][ T6162] EXT4-fs: Invalid commit interval 2026860225, must be smaller than 21474836 [ 341.821663][ T5139] hub 5-1:0.0: hub_ext_port_status failed (err = -32) [ 341.830880][ T29] audit: type=1800 audit(1718214360.898:35): pid=6171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1948 res=0 errno=0 [ 341.854639][ T29] audit: type=1800 audit(1718214360.928:36): pid=6171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1948 res=0 errno=0 [ 341.997249][ T1217] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.004252][ T1217] ieee802154 phy1 wpan1: encryption failed: -22 [ 342.367929][ T29] audit: type=1326 audit(1718214361.448:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 342.568240][ T6180] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 342.663984][ T5127] usb 5-1: USB disconnect, device number 2 [ 342.933742][ T6179] loop1: detected capacity change from 0 to 4096 [ 342.990509][ T6179] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 343.346700][ T6179] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 343.471743][ T29] audit: type=1326 audit(1718214362.548:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6188 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 343.558234][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 344.517106][ T6202] loop0: detected capacity change from 0 to 2048 [ 344.592335][ T6202] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 344.651769][ T6206] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 344.687071][ T6208] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 344.729121][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 344.740499][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 344.784426][ T6202] Remounting filesystem read-only [ 344.823244][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 344.834470][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 344.851662][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 344.862753][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 344.941701][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 344.952634][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 344.967471][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 344.978469][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.031728][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.042949][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.193991][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.205005][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.238563][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.251698][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.312612][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.332736][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.399620][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.412116][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.551435][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.562470][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.641673][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.652630][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.726778][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.746350][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.809217][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.820454][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.881589][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.892611][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.939603][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 345.950614][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 345.986506][ T29] audit: type=1800 audit(1718214365.098:39): pid=6202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 346.125789][ T6202] syz-executor.0 (6202) used greatest stack depth: 3960 bytes left [ 346.171467][ T29] audit: type=1326 audit(1718214365.238:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 346.292625][ T6223] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 346.604724][ T6224] loop4: detected capacity change from 0 to 4096 [ 346.640222][ T6224] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 346.946859][ T6224] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 347.149340][ T29] audit: type=1326 audit(1718214366.178:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 347.222761][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 348.258071][ T6241] loop3: detected capacity change from 0 to 512 [ 348.320031][ T6241] ext4: Unknown parameter 'euid' [ 349.329901][ T6254] loop3: detected capacity change from 0 to 2048 [ 349.378239][ T6254] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 349.440416][ T29] audit: type=1326 audit(1718214368.568:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 349.478351][ T6262] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 349.575649][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 349.586734][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 349.661522][ T6254] Remounting filesystem read-only [ 349.721716][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 349.742138][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 349.786452][ T6265] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 349.792296][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 349.807103][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 349.900083][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 349.911572][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 349.987426][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 349.998395][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.047179][ T6260] loop2: detected capacity change from 0 to 4096 [ 350.073672][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.084756][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.149878][ T6260] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 350.159654][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.171729][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.377262][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.388286][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.447987][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.459117][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.463678][ T6260] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 350.505476][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.516365][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.566423][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.577510][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.591524][ T29] audit: type=1326 audit(1718214369.668:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6268 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 350.615559][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.628611][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.685432][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 350.699786][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.711636][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.742192][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.757185][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.830445][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.841519][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.892133][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 350.903124][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 350.943433][ T29] audit: type=1800 audit(1718214370.058:44): pid=6254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 351.958364][ T29] audit: type=1326 audit(1718214371.028:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 351.984299][ T29] audit: type=1326 audit(1718214371.028:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.007997][ T29] audit: type=1326 audit(1718214371.038:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.030929][ T29] audit: type=1326 audit(1718214371.048:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.054517][ T29] audit: type=1326 audit(1718214371.048:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.077365][ T29] audit: type=1326 audit(1718214371.048:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.152630][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 352.152705][ T29] audit: type=1326 audit(1718214371.248:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.182305][ T29] audit: type=1326 audit(1718214371.268:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.207630][ T29] audit: type=1326 audit(1718214371.268:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.244857][ T29] audit: type=1326 audit(1718214371.268:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.273551][ T29] audit: type=1326 audit(1718214371.288:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.298828][ T29] audit: type=1326 audit(1718214371.288:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.322752][ T29] audit: type=1326 audit(1718214371.408:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.345502][ T29] audit: type=1326 audit(1718214371.408:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.368360][ T29] audit: type=1326 audit(1718214371.458:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 352.749362][ T29] audit: type=1326 audit(1718214371.858:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6284 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 353.162530][ T6294] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 353.395666][ T6299] syz-executor.2[6299] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.396247][ T6299] syz-executor.2[6299] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.561816][ T6297] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 353.999377][ T6302] loop3: detected capacity change from 0 to 2048 [ 354.044066][ T6302] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 354.109959][ T6308] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 354.199291][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.210299][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.252881][ T6302] Remounting filesystem read-only [ 354.273085][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.284119][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.311334][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.322267][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.415296][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.426238][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.531701][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.552239][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.576279][ T6309] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 354.615064][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.626087][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.665687][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.677074][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.791401][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.802628][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 354.908214][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 354.919729][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.001806][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.012871][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.048084][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.070567][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.095483][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.108744][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.171632][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.182589][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.239116][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.249960][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.317455][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.328734][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.406686][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 355.417683][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 355.431668][ T6319] veth0_vlan: entered allmulticast mode [ 355.649538][ T6320] veth0_vlan: left promiscuous mode [ 355.659364][ T6320] veth0_vlan: entered promiscuous mode [ 357.061862][ T6342] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 358.051429][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 358.051503][ T29] audit: type=1326 audit(1718214377.178:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 358.183447][ T6346] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 359.180734][ T6354] loop1: detected capacity change from 0 to 2048 [ 359.260603][ T6354] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 359.391344][ T6362] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 359.482380][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.496411][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.525566][ T6354] Remounting filesystem read-only [ 359.554420][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.569704][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.606730][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.617733][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.638947][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.650033][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.685342][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.696317][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.746520][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.757453][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.776901][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.787981][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.803672][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.814663][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.840378][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.851415][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.878656][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.889567][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.911479][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.922526][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 359.977557][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 359.988444][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 360.073103][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 360.087245][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 360.143127][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 360.154113][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 360.226356][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 360.239574][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 360.306321][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 360.319697][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 360.370911][ T29] audit: type=1800 audit(1718214379.468:80): pid=6354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 360.557542][ T6366] loop3: detected capacity change from 0 to 512 [ 360.577831][ T29] audit: type=1326 audit(1718214379.658:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.604603][ T29] audit: type=1326 audit(1718214379.658:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.629257][ T29] audit: type=1326 audit(1718214379.678:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.652478][ T29] audit: type=1326 audit(1718214379.678:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.675357][ T29] audit: type=1326 audit(1718214379.708:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.701805][ T29] audit: type=1326 audit(1718214379.708:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.725650][ T29] audit: type=1326 audit(1718214379.708:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 360.728479][ T6366] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 360.748349][ T29] audit: type=1326 audit(1718214379.708:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73f75a7 code=0x7ffc0000 [ 360.868248][ T6366] EXT4-fs (loop3): orphan cleanup on readonly fs [ 360.876653][ T6366] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 360.941728][ T6366] EXT4-fs error (device loop3): ext4_quota_enable:7059: comm syz-executor.3: Bad quota inode: 3, type: 0 [ 360.981389][ T6366] EXT4-fs warning (device loop3): ext4_enable_quotas:7100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 360.999587][ T6366] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 361.007705][ T6366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 361.056171][ T6366] fuse: Bad value for 'fd' [ 361.271451][ T5127] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 361.337298][ T5081] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.366156][ T6374] loop0: detected capacity change from 0 to 512 [ 361.448655][ T6374] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #12: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 361.469742][ T6374] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 12 (err -117) [ 361.516181][ T6374] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.542661][ T5127] usb 5-1: Using ep0 maxpacket: 8 [ 361.742864][ T5127] usb 5-1: config 0 has no interfaces? [ 361.915933][ T5127] usb 5-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.40 [ 361.925568][ T5127] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.934116][ T5127] usb 5-1: Product: syz [ 361.938536][ T5127] usb 5-1: Manufacturer: syz [ 361.943605][ T5127] usb 5-1: SerialNumber: syz [ 362.024056][ T5127] usb 5-1: config 0 descriptor?? [ 362.243286][ T6383] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 362.315138][ T5139] usb 5-1: USB disconnect, device number 3 [ 363.194217][ T5084] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 363.585265][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 363.585341][ T29] audit: type=1326 audit(1718214382.718:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 363.723692][ T6396] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 363.921851][ T29] audit: type=1804 audit(1718214382.988:115): pid=6400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3274436581/syzkaller.2WLLUh/113/file0" dev="sda1" ino=1942 res=1 errno=0 [ 363.948758][ T29] audit: type=1326 audit(1718214383.008:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x7ffc0000 [ 363.977886][ T29] audit: type=1326 audit(1718214383.008:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x7ffc0000 [ 364.002705][ T29] audit: type=1326 audit(1718214383.028:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=187 compat=1 ip=0xf7468579 code=0x7ffc0000 [ 364.025692][ T29] audit: type=1326 audit(1718214383.028:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x7ffc0000 [ 365.022170][ T29] audit: type=1800 audit(1718214384.088:120): pid=6415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 365.365969][ T29] audit: type=1326 audit(1718214384.408:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6417 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 365.799983][ T6424] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 366.228455][ T6430] loop2: detected capacity change from 0 to 2048 [ 366.295247][ T6430] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 366.471845][ T6437] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 366.591218][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 366.600084][ T29] audit: type=1804 audit(1718214385.698:122): pid=6438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3636858667/syzkaller.zqmAzA/82/file0" dev="sda1" ino=1969 res=1 errno=0 [ 366.602102][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 366.634231][ T29] audit: type=1326 audit(1718214385.708:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6436 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 366.770717][ T6430] Remounting filesystem read-only [ 366.835821][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 366.846732][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 366.952728][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 366.963847][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.061416][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.072587][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.147929][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.159220][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.233314][ T6434] loop4: detected capacity change from 0 to 1024 [ 367.311682][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.322728][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.324809][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 367.355246][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.366380][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.409563][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.420518][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.436853][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.452686][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.471648][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.482529][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.517971][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.529200][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.594553][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.606616][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.695281][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.707750][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.769507][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.780739][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.796748][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.807819][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 367.825837][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 367.837132][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 368.615050][ T6454] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 368.636366][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 368.636437][ T29] audit: type=1800 audit(1718214387.768:129): pid=6453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1962 res=0 errno=0 [ 368.746789][ T6454] bond1: entered promiscuous mode [ 369.470914][ T6467] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET) [ 369.893494][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 369.984320][ T29] audit: type=1326 audit(1718214388.968:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 370.012065][ T6471] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 370.132374][ T29] audit: type=1804 audit(1718214389.218:131): pid=6475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3636858667/syzkaller.zqmAzA/85/file0" dev="sda1" ino=1961 res=1 errno=0 [ 370.158145][ T29] audit: type=1326 audit(1718214389.238:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 370.181193][ T29] audit: type=1326 audit(1718214389.278:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000 [ 370.739805][ T29] audit: type=1326 audit(1718214389.818:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 370.832172][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 370.927724][ T29] audit: type=1326 audit(1718214390.018:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 371.093645][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 372.006383][ T29] audit: type=1800 audit(1718214391.088:136): pid=6498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 372.375830][ T3505] hfsplus: b-tree write err: -5, ino 4 [ 372.621408][ T29] audit: type=1804 audit(1718214391.698:137): pid=6510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4216955046/syzkaller.tuIwHc/87/file0" dev="sda1" ino=1962 res=1 errno=0 [ 372.647191][ T29] audit: type=1326 audit(1718214391.708:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000 [ 373.383923][ T6517] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.2'. [ 373.393821][ T6517] bridge_slave_1: left allmulticast mode [ 373.399685][ T6517] bridge_slave_1: left promiscuous mode [ 373.406621][ T6517] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.502311][ T6517] bridge_slave_0: left allmulticast mode [ 373.508228][ T6517] bridge_slave_0: left promiscuous mode [ 373.515305][ T6517] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.833026][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 373.833101][ T29] audit: type=1326 audit(1718214392.938:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6522 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 373.956736][ T6526] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 374.026429][ T6524] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 374.905332][ T6534] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 375.036228][ T6534] bond0: (slave netdevsim3): Enslaving as an active interface with an up link [ 375.273855][ T29] audit: type=1326 audit(1718214394.328:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 375.804029][ T6545] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 376.096162][ T29] audit: type=1800 audit(1718214395.168:144): pid=6549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1955 res=0 errno=0 [ 377.307215][ T29] audit: type=1326 audit(1718214396.388:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 377.464224][ T6574] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 377.488474][ T29] audit: type=1326 audit(1718214396.558:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 377.569970][ T6579] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 378.471621][ T29] audit: type=1800 audit(1718214397.548:147): pid=6588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1956 res=0 errno=0 [ 378.642456][ T6599] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 378.658885][ T29] audit: type=1326 audit(1718214397.748:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6585 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 379.564265][ T6615] IPv6: NLM_F_REPLACE set, but no existing node found! [ 380.296366][ T29] audit: type=1326 audit(1718214399.358:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 380.413785][ T6623] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 380.893847][ T29] audit: type=1326 audit(1718214399.958:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 380.966634][ T4430] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 380.976712][ T4430] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 380.986973][ T4430] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 381.006024][ T4430] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 381.021520][ T4430] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 381.070425][ T4430] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 381.166646][ T6627] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 381.912833][ T29] audit: type=1800 audit(1718214400.968:151): pid=6638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1958 res=0 errno=0 [ 381.995720][ T6641] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 382.403687][ T3367] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.542662][ T3367] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.759687][ T3367] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.947234][ T3367] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.096767][ T6630] chnl_net:caif_netlink_parms(): no params data found [ 383.194725][ T5074] Bluetooth: hci5: command tx timeout [ 383.354101][ T3367] bridge_slave_1: left allmulticast mode [ 383.360021][ T3367] bridge_slave_1: left promiscuous mode [ 383.366942][ T3367] bridge0: port 2(bridge_slave_1) entered disabled state [ 383.402735][ T3367] bridge_slave_0: left allmulticast mode [ 383.408646][ T3367] bridge_slave_0: left promiscuous mode [ 383.424014][ T3367] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.010550][ T3367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 384.084880][ T3367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 384.155766][ T3367] bond0 (unregistering): Released all slaves [ 384.203987][ T6656] veth0Wvlan: renamed from geneve0 (while UP) [ 384.492405][ T29] audit: type=1326 audit(1718214403.558:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6665 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 384.515732][ T29] audit: type=1326 audit(1718214403.568:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 384.615961][ T6666] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 384.776932][ T6671] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 384.947220][ T29] audit: type=1800 audit(1718214404.048:154): pid=6678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 385.042107][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 385.159542][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 385.251312][ T5074] Bluetooth: hci5: command tx timeout [ 385.340961][ T3367] hsr_slave_0: left promiscuous mode [ 385.389466][ T3367] hsr_slave_1: left promiscuous mode [ 385.452622][ T3367] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 385.460592][ T3367] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 385.525996][ T3367] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 385.535516][ T3367] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 385.668595][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 385.721896][ T3367] veth1_macvtap: left promiscuous mode [ 385.727638][ T3367] veth0_macvtap: left promiscuous mode [ 385.733773][ T3367] veth1_vlan: left promiscuous mode [ 385.739213][ T3367] veth0_vlan: left promiscuous mode [ 386.704509][ T3367] team0 (unregistering): Port device team_slave_1 removed [ 386.863950][ T3367] team0 (unregistering): Port device team_slave_0 removed [ 387.352900][ T5074] Bluetooth: hci5: command tx timeout [ 387.685643][ T6630] bridge0: port 1(bridge_slave_0) entered blocking state [ 387.693488][ T6630] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.701402][ T6630] bridge_slave_0: entered allmulticast mode [ 387.710563][ T6630] bridge_slave_0: entered promiscuous mode [ 387.847936][ T6630] bridge0: port 2(bridge_slave_1) entered blocking state [ 387.856038][ T6630] bridge0: port 2(bridge_slave_1) entered disabled state [ 387.864083][ T6630] bridge_slave_1: entered allmulticast mode [ 387.873505][ T6630] bridge_slave_1: entered promiscuous mode [ 387.873541][ T29] audit: type=1326 audit(1718214406.948:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 387.957660][ T6716] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 388.044371][ T29] audit: type=1326 audit(1718214407.098:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 388.161478][ T6715] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 388.313089][ T6630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 388.394846][ T6630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 388.745986][ T6630] team0: Port device team_slave_0 added [ 388.831209][ T6630] team0: Port device team_slave_1 added [ 389.101263][ T6630] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 389.108430][ T6630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 389.136583][ T6630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 389.303098][ T6630] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 389.310283][ T6630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 389.337140][ T6630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 389.412162][ T5074] Bluetooth: hci5: command tx timeout [ 389.815626][ T6630] hsr_slave_0: entered promiscuous mode [ 389.871754][ T6630] hsr_slave_1: entered promiscuous mode [ 391.653446][ T29] audit: type=1326 audit(1718214410.728:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6746 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 391.678786][ T29] audit: type=1326 audit(1718214410.728:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6748 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 391.774749][ T6751] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 391.872165][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 392.338726][ T6630] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 392.417804][ T6630] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 392.512176][ T6630] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 392.581833][ T6630] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 393.671985][ T6630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 393.828514][ T6630] 8021q: adding VLAN 0 to HW filter on device team0 [ 393.909389][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.917216][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 393.991807][ T5132] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.999507][ T5132] bridge0: port 2(bridge_slave_1) entered forwarding state [ 394.777923][ T29] audit: type=1326 audit(1718214413.848:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6786 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 394.865817][ T6789] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 394.997446][ T29] audit: type=1326 audit(1718214414.108:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6791 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 395.126317][ T6796] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 396.245079][ T6630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 397.612940][ T29] audit: type=1326 audit(1718214416.708:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 397.728355][ T6844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 398.103226][ T29] audit: type=1326 audit(1718214417.188:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 398.253825][ T6854] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 398.897767][ T6630] veth0_vlan: entered promiscuous mode [ 399.049637][ T6630] veth1_vlan: entered promiscuous mode [ 399.484550][ T6630] veth0_macvtap: entered promiscuous mode [ 399.584425][ T6630] veth1_macvtap: entered promiscuous mode [ 399.782761][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.794584][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.806943][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.819112][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.831936][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.842799][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.854864][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.865676][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.881107][ T6630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 400.070053][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.081375][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.091640][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.102448][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.114659][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.126301][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.136672][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.147537][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.163443][ T6630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 400.240506][ T6630] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.250013][ T6630] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.259277][ T6630] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.268456][ T6630] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.248518][ T29] audit: type=1326 audit(1718214420.368:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 401.413066][ T6900] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 401.921644][ T29] audit: type=1326 audit(1718214421.008:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6902 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 402.118447][ T6910] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 403.444740][ T1217] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.451617][ T1217] ieee802154 phy1 wpan1: encryption failed: -22 [ 404.989387][ T29] audit: type=1326 audit(1718214424.078:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 405.091781][ T6951] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 405.765098][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 405.773449][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 405.907446][ T3505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 405.916243][ T3505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 405.984718][ T29] audit: type=1326 audit(1718214425.018:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6959 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 406.095234][ T6965] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 406.880884][ T6979] loop3: detected capacity change from 0 to 16 [ 406.983644][ T6979] erofs: (device loop3): mounted with root inode @ nid 36. [ 407.057034][ T5074] Bluetooth: hci2: unexpected event for opcode 0x2012 [ 408.170606][ T29] audit: type=1326 audit(1718214427.278:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 408.241624][ T6998] netlink: 'syz-executor.3': attribute type 5 has an invalid length. [ 408.296964][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 408.424817][ T7003] loop4: detected capacity change from 0 to 8 [ 408.562950][ T7003] SQUASHFS error: Failed to read block 0x1ec: -5 [ 408.569669][ T7003] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 409.286282][ T29] audit: type=1326 audit(1718214428.328:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 409.447596][ T7016] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 411.091686][ T5074] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 411.100392][ T5074] Bluetooth: hci2: Injecting HCI hardware error event [ 411.108108][ T5074] Bluetooth: hci2: hardware error 0x00 [ 411.206599][ T29] audit: type=1326 audit(1718214430.268:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 411.313940][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 411.554139][ T4430] Bluetooth: hci2: unexpected event for opcode 0x200b [ 413.049937][ T29] audit: type=1326 audit(1718214432.118:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7064 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 413.163929][ T7069] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 413.180370][ T5074] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 413.252422][ T7035] loop2: detected capacity change from 0 to 32768 [ 413.269421][ T7035] XFS: ikeep mount option is deprecated. [ 413.345969][ T7035] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop2": -EINTR [ 414.312596][ T5074] Bluetooth: hci4: unexpected event for opcode 0x200b [ 414.673475][ T29] audit: type=1326 audit(1718214433.738:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 414.703672][ T7089] loop3: detected capacity change from 0 to 256 [ 414.813014][ T7090] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 415.497919][ T7099] loop1: detected capacity change from 0 to 64 [ 416.771535][ T29] audit: type=1326 audit(1718214435.858:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 416.893410][ T7121] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 417.439948][ T5074] Bluetooth: hci0: unexpected event for opcode 0x200b [ 418.171995][ T29] audit: type=1326 audit(1718214437.268:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 418.253916][ T7141] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 418.871362][ T7146] loop0: detected capacity change from 0 to 512 [ 419.173792][ T7146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 419.187267][ T7146] ext4 filesystem being mounted at /root/syzkaller-testdir4216955046/syzkaller.tuIwHc/134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 420.000057][ T7162] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.0'. [ 421.274209][ T7171] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.2'. [ 421.681215][ T29] audit: type=1326 audit(1718214440.768:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7173 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744f579 code=0x0 [ 421.821552][ T7176] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 426.326970][ T29] audit: type=1326 audit(1718214445.408:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7190 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744f579 code=0x0 [ 426.502236][ T7192] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 427.288250][ T5084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.437624][ T29] audit: type=1326 audit(1718214448.538:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 429.587752][ T7223] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 430.968298][ T7236] loop3: detected capacity change from 0 to 256 [ 431.256838][ T29] audit: type=1326 audit(1718214450.298:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7238 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0 [ 431.353033][ T7244] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 431.409060][ T7243] loop1: detected capacity change from 0 to 512 [ 431.677838][ T7243] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 431.691352][ T7243] ext4 filesystem being mounted at /root/syzkaller-testdir3636858667/syzkaller.zqmAzA/141/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 431.900952][ T7230] loop2: detected capacity change from 0 to 8192 [ 431.961341][ T7230] REISERFS warning (device loop2): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 431.961341][ T7230] [ 433.003142][ T7243] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.1'. [ 435.768043][ T29] audit: type=1326 audit(1718214454.848:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 435.879412][ T7286] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 436.184224][ T29] audit: type=1326 audit(1718214455.268:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7290 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 436.273074][ T7292] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 439.919410][ T5082] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.194884][ T29] audit: type=1326 audit(1718214460.268:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 441.247519][ T7335] loop0: detected capacity change from 0 to 256 [ 441.395388][ T7332] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 441.411765][ T29] audit: type=1326 audit(1718214460.478:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0 [ 441.509050][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 443.270660][ T7355] loop3: detected capacity change from 0 to 512 [ 443.515845][ T7355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.532999][ T7355] ext4 filesystem being mounted at /root/syzkaller-testdir3274436581/syzkaller.2WLLUh/184/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 444.156278][ T7353] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.3'. [ 444.665629][ T5081] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.069158][ T29] audit: type=1326 audit(1718214465.058:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0 [ 446.103109][ T29] audit: type=1326 audit(1718214465.088:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7376 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744f579 code=0x0 [ 446.350211][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 446.407223][ T7380] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 448.220910][ T7397] loop4: detected capacity change from 0 to 512 [ 448.291978][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies. [ 448.487492][ T7397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.500924][ T7397] ext4 filesystem being mounted at /root/syzkaller-testdir1374071609/syzkaller.4Srulv/20/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 448.924151][ T5074] Bluetooth: hci4: unexpected event for opcode 0x200b [ 449.688823][ T29] audit: type=1326 audit(1718214468.748:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 449.742358][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 449.802422][ T7397] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.4'. [ 451.891833][ T29] audit: type=1326 audit(1718214470.948:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0 [ 452.014609][ T7428] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 452.381021][ T54] ===================================================== [ 452.388333][ T54] BUG: KMSAN: uninit-value in virtqueue_add+0x1e86/0x65c0 [ 452.395674][ T54] virtqueue_add+0x1e86/0x65c0 [ 452.400641][ T54] virtqueue_add_sgs+0x186/0x1b0 [ 452.405778][ T54] virtscsi_add_cmd+0x838/0xad0 [ 452.410825][ T54] virtscsi_queuecommand+0x898/0xa60 [ 452.416310][ T54] scsi_queue_rq+0x4cc7/0x5a80 [ 452.421263][ T54] blk_mq_dispatch_rq_list+0x79b/0x3440 [ 452.427040][ T54] __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 452.433697][ T54] blk_mq_sched_dispatch_requests+0x12f/0x270 [ 452.440031][ T54] blk_mq_run_work_fn+0xd0/0x280 [ 452.445170][ T54] process_scheduled_works+0xa81/0x1bd0 [ 452.450920][ T54] worker_thread+0xea5/0x1560 [ 452.455808][ T54] kthread+0x3e2/0x540 [ 452.460079][ T54] ret_from_fork+0x6d/0x90 [ 452.464683][ T54] ret_from_fork_asm+0x1a/0x30 [ 452.469644][ T54] [ 452.472042][ T54] Uninit was stored to memory at: [ 452.477401][ T54] copy_page_from_iter_atomic+0x12b7/0x2ae0 [ 452.483526][ T54] generic_perform_write+0x4c1/0xc60 [ 452.489059][ T54] ext4_buffered_write_iter+0x564/0xaa0 [ 452.494788][ T54] ext4_file_write_iter+0x208/0x3450 [ 452.500243][ T54] __kernel_write_iter+0x64d/0xc80 [ 452.505558][ T54] dump_user_range+0x8dc/0xee0 [ 452.510510][ T54] elf_core_dump+0x59f5/0x5d50 [ 452.515479][ T54] do_coredump+0x32d5/0x4920 [ 452.520273][ T54] get_signal+0x267e/0x2d00 [ 452.524964][ T54] arch_do_signal_or_restart+0x53/0xcb0 [ 452.530731][ T54] syscall_exit_to_user_mode+0x5d/0x160 [ 452.536568][ T54] __do_fast_syscall_32+0xc4/0x120 [ 452.541888][ T54] do_fast_syscall_32+0x38/0x80 [ 452.546983][ T54] do_SYSENTER_32+0x1f/0x30 [ 452.551676][ T54] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 452.558281][ T54] [ 452.560683][ T54] Uninit was created at: [ 452.565146][ T54] __alloc_pages+0x9d6/0xe70 [ 452.569904][ T54] alloc_pages_mpol+0x299/0x990 [ 452.574948][ T54] alloc_pages+0x1bf/0x1e0 [ 452.579525][ T54] dump_user_range+0x4a/0xee0 [ 452.584481][ T54] elf_core_dump+0x59f5/0x5d50 [ 452.589448][ T54] do_coredump+0x32d5/0x4920 [ 452.594219][ T54] get_signal+0x267e/0x2d00 [ 452.598981][ T54] arch_do_signal_or_restart+0x53/0xcb0 [ 452.604746][ T54] syscall_exit_to_user_mode+0x5d/0x160 [ 452.610495][ T54] __do_fast_syscall_32+0xc4/0x120 [ 452.615819][ T54] do_fast_syscall_32+0x38/0x80 [ 452.620913][ T54] do_SYSENTER_32+0x1f/0x30 [ 452.625606][ T54] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 452.632152][ T54] [ 452.634558][ T54] Bytes 0-4095 of 4096 are uninitialized [ 452.640299][ T54] Memory access of size 4096 starts at ffff888041268000 [ 452.647431][ T54] [ 452.649852][ T54] CPU: 0 PID: 54 Comm: kworker/0:1H Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 452.659821][ T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 452.670029][ T54] Workqueue: kblockd blk_mq_run_work_fn [ 452.675783][ T54] ===================================================== [ 452.682808][ T54] Disabling lock debugging due to kernel taint [ 452.689068][ T54] Kernel panic - not syncing: kmsan.panic set ... [ 452.695596][ T54] CPU: 0 PID: 54 Comm: kworker/0:1H Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 452.706885][ T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 452.717099][ T54] Workqueue: kblockd blk_mq_run_work_fn [ 452.722840][ T54] Call Trace: [ 452.726228][ T54] [ 452.729257][ T54] dump_stack_lvl+0x216/0x2d0 [ 452.734251][ T54] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 452.740336][ T54] dump_stack+0x1e/0x30 [ 452.744676][ T54] panic+0x4e2/0xcd0 [ 452.748795][ T54] ? kmsan_get_metadata+0xf1/0x1d0 [ 452.754096][ T54] kmsan_report+0x2d5/0x2e0 [ 452.758761][ T54] ? kmsan_get_metadata+0x146/0x1d0 [ 452.764130][ T54] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 452.770590][ T54] ? kmsan_internal_check_memory+0x48c/0x560 [ 452.776782][ T54] ? kmsan_handle_dma+0xac/0xc0 [ 452.781799][ T54] ? virtqueue_add+0x1e86/0x65c0 [ 452.786932][ T54] ? virtqueue_add_sgs+0x186/0x1b0 [ 452.792221][ T54] ? virtscsi_add_cmd+0x838/0xad0 [ 452.797426][ T54] ? virtscsi_queuecommand+0x898/0xa60 [ 452.803163][ T54] ? scsi_queue_rq+0x4cc7/0x5a80 [ 452.808273][ T54] ? blk_mq_dispatch_rq_list+0x79b/0x3440 [ 452.814204][ T54] ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 452.821015][ T54] ? blk_mq_sched_dispatch_requests+0x12f/0x270 [ 452.827468][ T54] ? blk_mq_run_work_fn+0xd0/0x280 [ 452.832768][ T54] ? process_scheduled_works+0xa81/0x1bd0 [ 452.838697][ T54] ? worker_thread+0xea5/0x1560 [ 452.843719][ T54] ? kthread+0x3e2/0x540 [ 452.848144][ T54] ? ret_from_fork+0x6d/0x90 [ 452.852901][ T54] ? ret_from_fork_asm+0x1a/0x30 [ 452.858121][ T54] ? scsi_queue_rq+0x4335/0x5a80 [ 452.863255][ T54] ? blk_mq_dispatch_rq_list+0x79b/0x3440 [ 452.869179][ T54] ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 452.875994][ T54] ? blk_mq_sched_dispatch_requests+0x12f/0x270 [ 452.882444][ T54] ? blk_mq_run_work_fn+0xd0/0x280 [ 452.887723][ T54] ? process_scheduled_works+0xa81/0x1bd0 [ 452.893728][ T54] ? worker_thread+0xea5/0x1560 [ 452.898770][ T54] ? kthread+0x3e2/0x540 [ 452.903272][ T54] ? ret_from_fork+0x6d/0x90 [ 452.908024][ T54] ? ret_from_fork_asm+0x1a/0x30 [ 452.913165][ T54] ? ___slab_alloc+0xd41/0x34a0 [ 452.918187][ T54] ? kmsan_get_metadata+0x146/0x1d0 [ 452.923563][ T54] ? mempool_alloc_slab+0x36/0x50 [ 452.928764][ T54] ? should_fail_ex+0x4a/0x800 [ 452.933720][ T54] ? kmsan_get_metadata+0x146/0x1d0 [ 452.939204][ T54] kmsan_internal_check_memory+0x48c/0x560 [ 452.945249][ T54] kmsan_handle_dma+0xac/0xc0 [ 452.950088][ T54] virtqueue_add+0x1e86/0x65c0 [ 452.955042][ T54] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 452.961028][ T54] ? kmsan_get_metadata+0x146/0x1d0 [ 452.966396][ T54] ? kmsan_get_metadata+0x146/0x1d0 [ 452.971770][ T54] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 452.977786][ T54] virtqueue_add_sgs+0x186/0x1b0 [ 452.982936][ T54] virtscsi_add_cmd+0x838/0xad0 [ 452.988011][ T54] virtscsi_queuecommand+0x898/0xa60 [ 452.993499][ T54] ? __pfx_virtscsi_queuecommand+0x10/0x10 [ 452.999494][ T54] scsi_queue_rq+0x4cc7/0x5a80 [ 453.004467][ T54] ? __pfx_scsi_queue_rq+0x10/0x10 [ 453.009756][ T54] blk_mq_dispatch_rq_list+0x79b/0x3440 [ 453.015520][ T54] ? sbitmap_get+0x431/0x670 [ 453.020288][ T54] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 453.026304][ T54] ? dd_dispatch_request+0x9a1/0xa20 [ 453.031796][ T54] __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 453.038452][ T54] ? finish_task_switch+0x7bb/0x8f0 [ 453.043862][ T54] ? __blk_mq_sched_dispatch_requests+0x1031/0x26e0 [ 453.050706][ T54] blk_mq_sched_dispatch_requests+0x12f/0x270 [ 453.057005][ T54] blk_mq_run_work_fn+0xd0/0x280 [ 453.062118][ T54] ? __pfx_blk_mq_run_work_fn+0x10/0x10 [ 453.067839][ T54] process_scheduled_works+0xa81/0x1bd0 [ 453.073611][ T54] worker_thread+0xea5/0x1560 [ 453.078484][ T54] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 453.084490][ T54] kthread+0x3e2/0x540 [ 453.088769][ T54] ? __pfx_worker_thread+0x10/0x10 [ 453.094075][ T54] ? __pfx_kthread+0x10/0x10 [ 453.098855][ T54] ret_from_fork+0x6d/0x90 [ 453.103439][ T54] ? __pfx_kthread+0x10/0x10 [ 453.108312][ T54] ret_from_fork_asm+0x1a/0x30 [ 453.113283][ T54] [ 454.521151][ T54] Shutting down cpus with NMI [ 454.526244][ T54] Kernel Offset: disabled [ 454.530627][ T54] Rebooting in 86400 seconds..