last executing test programs: 1.935724482s ago: executing program 2 (id=3): ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r6], 0x4c}}, 0x0) 900.488183ms ago: executing program 2 (id=6): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x4000, &(0x7f0000000e00)=ANY=[], 0x2, 0xc2f, &(0x7f00000011c0)="$eJzs3U9sHNd9B/DfGy3Fld1WTOwoThoXm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRMSOKEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8eun0mfSwWwEAPEhXxr58+qz7PwA8Vq76/38AAAAAAAAAAAAAADjsUhTxVKSYv7KeJqr3HfXL7b5bt8eHR3as1X8sVTWPVOXLn/qZs+fOf+HFoQvdvNye3b3+fffpeH3s6qXGK3M35xemFxenpxrjs+3JuanpPe9hv/W3G6xOQOPmG7emrl9fbJx94dyWj28PfND/5ImBi0PPnXq2W3Z8eGRkbLNIvbd87Z4b0rHbDI+jUcSpSPH8d36cWhFRxP7PRf3Bjv12x6pODFadGB8eqToy027NLpUfjnZPRBHR6KnU7J6jnccian0PtA+7a0Ysl80vGzxYdm9svrXQujYz3RhtLSy1l9pzs6Op09qyP40o4kKKWImItf67d9cXRdQixbeOr6drEXGkex4+X00M3r0dxQH2cQ/Kdjb6IlaKR2DMDrH+KOK1SPGTd0/GZL7OVNeaz0W8Vub3It4u8+WIVH4xzke8v8P3iEdTLYr4y3L8L66nqep60L2uXP5K40uz1+d6ynavK7/k/eGuK8VDuj8c25YPxiG/NtWjiFZ1xV9P9/6bHQAAAAAAAAAAAAAAAADut2NRxKcixav/8SfVvOKo5qUfvzj0hwO/2jtn/JkP2U9Z9oWIWC72Nif3aJ4YOJpGU3rIc4kfZ/Uo4k/z/L9vPOzGAAAAAAAAAAAAAAAAAAAAPNaK+FGkeOm9k2kletcUb8/eaFxtXZvprArbXfu3u2b6xsbGRiN1splzIudyzpWcqznXckaR6+ds5pzIuZxzJedqzrWccSTXz9nMOZFzOedKztWcazl7F9Ov6tdy/ZzLOVdyruZcyxmHZO1eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPkiKK+Fmk+ObX1lOkiGhGTEQnV/sfdusAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFJ/KuK7kaLxR80722oRkap/O06Wv5yP5tEyPx7NoTJfjualnK0qa81vPIT2sz99qYgfRor++jt3BjyPf1/n3Z2vQbz99c13n6518kj3w4EP+p88cfzi0MhvPLPb67RTAwYvt2dv3W6MD4+MjPVsruWjf7xn20A+bnF/uk5ELL751hutmZnphXt/UX4F9lH9EXqRao9LT72oXkTtUDTj4fSdx0B5/38/Uvzue//ZveF37v/1+JXOuzt3+Pjpn23e/1/avqM93v9r2+vl+395T9/p/v9Uz7aX8u9G+moR9aWb830nIuqLb751qn2zdWP6xvTs+dOnvzg09MVzp/uORtSvt2eme17dl9MFAAAAAAAAAAAAAAAA8OCkIn4/UrR+uJ4aEXG7mq81cHHouVPPHokj1XyrLfO2Xx+7eqnxytzN+YXpxcXpqcb4bHtybmp6r4erV9O9xodHDqQzH+rYAbf/WP2Vufk3F9o3/nhpx8+fqF+6tri00Jrc+eM4FkVEs3fLYNXg8eGRqtEz7dZsVXV0x8n0v7y+VMR/RYrJ84302bwtz//fPsN/y/z/5e07OqD5/x/r2VYeM6UifhopfuevnonPVu18Iu46Z7nc30WKwQufyeXiaFmu24bOcwU6MwPLsv8XKf7pZ1vLdudDPrVZ9syeT+wjohz/45Hiu3/x7fjNvG3r8x92Hv8ntu/ogMb/6Z5tT2x5XsG+u04e/1OR4uWn3onfytt+0fM/us/eOJkL33k+xwGN/yd6tg3k4/72/ek6AAAAAAAAAADAI60vFfH3keL7I7X0Yt62l7//N7V9Rwf0978+2bNt6v6sV/ShL/Z9UgEAAADgkOhLRfwoUtxYeufOHOqt87975n/+3ub8z+G07dPqz/l+rXpuwP38879eA/m4E/vvNgAAAAAAAAAAAAAAAAAAABwqKRXxYl5PfaKazz+163rqq5Hi1f95PpdLJ8py3XXgB6pf61fmZk9dmpmZm2wtta7NTDfG5luT02XdpyPF+t9+JtctqvXVu+vNd9Z431yLfSFSjPxDt2xnLfbu2uRPb5Y9U5b9WKT473/cWra7jvUnNsueLcv+TaT46r/sXPbEZtlzZdlvR4offLXRLftEWbb7fNRPbpZ9YXKuOIBRAQAAAAAAAAAAAAAAAAAA4HHTl4r480jxvzdX7szlz+v/9/W8rbz99Z71/re5Xa3zP1Ct/7/b63tZ/796rsDybkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPphRFvBUp5q+sp9X+8n1H/XJ79tbt8eGRnasdS1XNI1X58qd+5uy58194cehCN39x/fvtU/H62NVLjVfmbs4vTC8uTk81xmfbk3NT03vew37rbzdYnYDGzTduTV2/vtg4+8K5LR/fHvig/8kTAxeHnjv1bLfs+PDIyFhPmVrfPR/9LmmX7UejiL+OFM9/58fp+/0RRez/XHzId+egHas6MVh1Ynx4pOrITLs1u1R+ONo9EUVEo6dSs3uOHsBY7EszYrlsftngwbJ7Y/Othda1menGaGthqb3UnpsdTZ3Wlv1pRBEXUsRKRKz13727vijijUjxrePr6V/7I450z8Pnr4x9+fTZ3dtRHGAf96BsZ6MvYqV4BMbsEOuPIv45Uvzk3ZPxb/0Rtej8xOciXivzexFvR2e8U/nFOB/x/g7fIx5NtSji/8vxv7ie3u0vrwfd68rlrzS+NHt9rqds97ryyN8fHqRDfm2qRxE/qK746+nf/XcNAAAAAAAAAAAAAAAAcIgU8euR4qX3TqZqfvCdOcXt2RuNq61rM51pfd25f9050xsbGxuN1MlmzomcyzlXcq7mXMsZRa6fs1lmfWNjIr9fzrmSczXnWs44kuvnbOacyLmccyXnas61nFHL9XM2c07kXM65knM151rOOCRz9wAAAAAAAAAAAAAAAAAAgI+WovonxTe/tp42+jvrS09EJ1etB/qR9/MAAAD//1sQ9JI=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc0086c43, &(0x7f0000000080)=0x700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0) creat(&(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0}) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008c}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000e00)='./file0\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 829.239051ms ago: executing program 0 (id=1): r0 = socket(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'veth0_vlan\x00', 0x0}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="2000000010000104000100000475000000000000", @ANYRES32=r5, @ANYBLOB="c2"], 0x20}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x15, 0x56, &(0x7f0000000140)="9a3298064d240e92842fb478c64b23b8d1280da6bb", &(0x7f0000000200)=""/86, 0x3, 0x0, 0xd8, 0x0, &(0x7f0000000480)="f0b021a67b6305a1742564f51aaef16ef5fb3e08e927c9cd26550372b9ca58a8494475d8cbe33bbb9bcfa04bce41931c64a29749d6e313b8a689d9dc8a3db3520032cfd5aae39769eda66c13d1aab698e28ac62a2f617008d3cef819039b532addcd352b851f12b86171cfccbffceba79112010642798f3f3640df424116a43a49b1952dc12178815c5329ff4c8b7199d5c29d8a2cede1fc83fd73e561d4b1a9aa069b7a064c629e1cf64e34ccaca9228a9e8c66ca6cbf0417c031e111831b6c5499b1728bb7006683bf0e2edcb330fb91f2f0ab21456fc8", 0x0, 0x0, 0x0, 0x81}, 0x50) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup=r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=r9, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001200010a001800000000000080"], 0x14}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) 207.56763ms ago: executing program 1 (id=2): epoll_create1(0x0) socket$unix(0x1, 0x1, 0x0) syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0x1, 0x2}, &(0x7f0000000240), &(0x7f0000001880)) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") mkdir(&(0x7f0000000180)='./bus\x00', 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000100)=@v1={0x0, @adiantum, 0x0, @desc1}) chdir(&(0x7f0000000300)='./bus\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) keyctl$revoke(0x3, r1) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xa040, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r3, &(0x7f00000000c0)=""/43, 0x60) 0s ago: executing program 3 (id=4): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/rcu_normal', 0x1a1081, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0x80045301, &(0x7f0000000100)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vim2m(&(0x7f0000000480), 0x80000000, 0x2) syz_io_uring_setup(0x1f14, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000300)) syz_io_uring_setup(0x5e2, 0x0, &(0x7f0000000040), 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(0xffffffffffffffff, 0x3f70, 0x0, 0x0, 0x0, 0x0) r3 = memfd_create(&(0x7f0000000380)='/dloop#\x00', 0x6) fallocate(r3, 0x0, 0x0, 0x1000005) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000180)={0x0, 0x4, 0x2, {0x2, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}}) r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x0, 0x2, 0x1}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.187' (ED25519) to the list of known hosts. [ 52.400070][ T5218] cgroup: Unknown subsys name 'net' [ 52.542697][ T5218] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 53.854602][ T5218] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.928476][ T5245] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.938562][ T5245] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.946471][ T5245] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.955442][ T5245] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 55.963746][ T5245] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 55.977188][ T5251] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.987820][ T5248] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.995849][ T5251] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 56.002948][ T5248] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 56.011732][ T5251] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 56.012174][ T5249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.026524][ T5252] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 56.028102][ T5249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.035567][ T5245] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 56.042243][ T5249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.047796][ T5252] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 56.055284][ T5249] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 56.063040][ T5252] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 56.069706][ T5249] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 56.076016][ T5245] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 56.083121][ T5251] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 56.090561][ T5252] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 56.097743][ T5249] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 56.106363][ T5252] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 56.112540][ T5251] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 56.127321][ T5251] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.135518][ T5245] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 56.139796][ T5251] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 56.150007][ T5245] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 56.155091][ T5251] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 56.513377][ T5238] chnl_net:caif_netlink_parms(): no params data found [ 56.539127][ T5230] chnl_net:caif_netlink_parms(): no params data found [ 56.662668][ T5228] chnl_net:caif_netlink_parms(): no params data found [ 56.714533][ T5238] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.722315][ T5238] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.730576][ T5238] bridge_slave_0: entered allmulticast mode [ 56.737599][ T5238] bridge_slave_0: entered promiscuous mode [ 56.762593][ T5229] chnl_net:caif_netlink_parms(): no params data found [ 56.775977][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.783506][ T5238] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.791228][ T5238] bridge_slave_1: entered allmulticast mode [ 56.798323][ T5238] bridge_slave_1: entered promiscuous mode [ 56.816266][ T5230] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.823575][ T5230] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.830834][ T5230] bridge_slave_0: entered allmulticast mode [ 56.837415][ T5230] bridge_slave_0: entered promiscuous mode [ 56.887858][ T5238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.897194][ T5230] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.904404][ T5230] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.912019][ T5230] bridge_slave_1: entered allmulticast mode [ 56.918902][ T5230] bridge_slave_1: entered promiscuous mode [ 56.957397][ T5238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.983092][ T5230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.030077][ T5230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.067543][ T5238] team0: Port device team_slave_0 added [ 57.080963][ T5228] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.088441][ T5228] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.095559][ T5228] bridge_slave_0: entered allmulticast mode [ 57.102555][ T5228] bridge_slave_0: entered promiscuous mode [ 57.112387][ T5228] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.119784][ T5228] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.127588][ T5228] bridge_slave_1: entered allmulticast mode [ 57.134677][ T5228] bridge_slave_1: entered promiscuous mode [ 57.150674][ T5229] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.158178][ T5229] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.168123][ T5229] bridge_slave_0: entered allmulticast mode [ 57.176056][ T5229] bridge_slave_0: entered promiscuous mode [ 57.188475][ T5238] team0: Port device team_slave_1 added [ 57.195182][ T5229] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.202795][ T5229] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.211141][ T5229] bridge_slave_1: entered allmulticast mode [ 57.223072][ T5229] bridge_slave_1: entered promiscuous mode [ 57.233309][ T5230] team0: Port device team_slave_0 added [ 57.281074][ T5230] team0: Port device team_slave_1 added [ 57.303040][ T5228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.312950][ T5238] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.320078][ T5238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.347116][ T5238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.360706][ T5229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.374116][ T5229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.393038][ T5228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.409759][ T5238] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.417057][ T5238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.443350][ T5238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.459230][ T5235] chnl_net:caif_netlink_parms(): no params data found [ 57.489558][ T5230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.496579][ T5230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.523105][ T5230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.535142][ T5230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.542481][ T5230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.568936][ T5230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.589175][ T5228] team0: Port device team_slave_0 added [ 57.597452][ T5228] team0: Port device team_slave_1 added [ 57.619198][ T5229] team0: Port device team_slave_0 added [ 57.645727][ T5229] team0: Port device team_slave_1 added [ 57.681639][ T5228] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.688816][ T5228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.714853][ T5228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.755611][ T5228] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.763359][ T5228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.791030][ T5228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.811218][ T5238] hsr_slave_0: entered promiscuous mode [ 57.818023][ T5238] hsr_slave_1: entered promiscuous mode [ 57.837941][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.844982][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.872047][ T5229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.884705][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.891894][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.919081][ T5229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.953633][ T5228] hsr_slave_0: entered promiscuous mode [ 57.960261][ T5228] hsr_slave_1: entered promiscuous mode [ 57.969695][ T5228] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.979521][ T5228] Cannot create hsr debugfs directory [ 57.997111][ T5230] hsr_slave_0: entered promiscuous mode [ 58.005986][ T5230] hsr_slave_1: entered promiscuous mode [ 58.012453][ T5230] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.020072][ T5230] Cannot create hsr debugfs directory [ 58.069084][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.076647][ T5235] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.083884][ T5235] bridge_slave_0: entered allmulticast mode [ 58.090761][ T5235] bridge_slave_0: entered promiscuous mode [ 58.099569][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.107711][ T5235] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.114930][ T5235] bridge_slave_1: entered allmulticast mode [ 58.122621][ T5235] bridge_slave_1: entered promiscuous mode [ 58.171874][ T5229] hsr_slave_0: entered promiscuous mode [ 58.179119][ T5229] hsr_slave_1: entered promiscuous mode [ 58.185519][ T5229] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.194703][ T5229] Cannot create hsr debugfs directory [ 58.207709][ T5251] Bluetooth: hci4: command tx timeout [ 58.207728][ T54] Bluetooth: hci2: command tx timeout [ 58.207777][ T5236] Bluetooth: hci3: command tx timeout [ 58.213421][ T54] Bluetooth: hci0: command tx timeout [ 58.232070][ T5245] Bluetooth: hci1: command tx timeout [ 58.240828][ T5235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.283279][ T5235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.348505][ T5235] team0: Port device team_slave_0 added [ 58.375937][ T5235] team0: Port device team_slave_1 added [ 58.420162][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.427500][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.457115][ T5235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.502786][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.510808][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.538993][ T5235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.635716][ T5235] hsr_slave_0: entered promiscuous mode [ 58.642020][ T5235] hsr_slave_1: entered promiscuous mode [ 58.648988][ T5235] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.656742][ T5235] Cannot create hsr debugfs directory [ 58.713315][ T5230] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.725710][ T5230] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.750329][ T5230] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.760993][ T5230] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.809940][ T5238] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.819432][ T5238] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 58.830989][ T5238] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.850069][ T5238] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.947535][ T5228] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.962346][ T5228] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.973791][ T5228] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 58.989882][ T5228] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.042379][ T5229] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 59.075147][ T5229] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 59.084438][ T5229] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 59.109851][ T5229] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 59.172314][ T5235] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.185640][ T5235] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.201840][ T5235] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.212429][ T5235] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.254732][ T5238] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.270010][ T5230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.298147][ T5238] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.311618][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.318990][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.347067][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.354159][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.383324][ T5230] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.411730][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.418949][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.428797][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.435885][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.528862][ T5229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.547570][ T5228] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.581798][ T5235] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.600591][ T5228] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.629177][ T5229] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.654710][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.662661][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.713831][ T2992] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.721001][ T2992] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.754191][ T1046] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.761341][ T1046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.780737][ T5235] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.802670][ T1046] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.809851][ T1046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.834781][ T2992] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.841930][ T2992] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.892752][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.899916][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.982918][ T5230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.011777][ T5238] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.143859][ T5238] veth0_vlan: entered promiscuous mode [ 60.202983][ T5230] veth0_vlan: entered promiscuous mode [ 60.238001][ T5238] veth1_vlan: entered promiscuous mode [ 60.267051][ T5230] veth1_vlan: entered promiscuous mode [ 60.286985][ T5245] Bluetooth: hci1: command tx timeout [ 60.292441][ T5245] Bluetooth: hci4: command tx timeout [ 60.296358][ T54] Bluetooth: hci0: command tx timeout [ 60.298558][ T5251] Bluetooth: hci3: command tx timeout [ 60.303382][ T54] Bluetooth: hci2: command tx timeout [ 60.332370][ T5228] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.344319][ T5235] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.414595][ T5238] veth0_macvtap: entered promiscuous mode [ 60.457144][ T5238] veth1_macvtap: entered promiscuous mode [ 60.481010][ T5230] veth0_macvtap: entered promiscuous mode [ 60.492569][ T5230] veth1_macvtap: entered promiscuous mode [ 60.553328][ T5230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.588373][ T5230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.603418][ T5229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.615884][ T5228] veth0_vlan: entered promiscuous mode [ 60.632024][ T5230] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.641586][ T5230] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.651681][ T5230] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.660911][ T5230] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.672101][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.683983][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.697483][ T5238] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.708345][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.720527][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.731586][ T5238] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.758980][ T5238] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.768409][ T5238] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.779253][ T5238] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.788652][ T5238] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.814747][ T5228] veth1_vlan: entered promiscuous mode [ 60.884483][ T5235] veth0_vlan: entered promiscuous mode [ 60.943224][ T5228] veth0_macvtap: entered promiscuous mode [ 60.958365][ T5229] veth0_vlan: entered promiscuous mode [ 60.970237][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.982304][ T5228] veth1_macvtap: entered promiscuous mode [ 60.992517][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.005867][ T5235] veth1_vlan: entered promiscuous mode [ 61.032980][ T5229] veth1_vlan: entered promiscuous mode [ 61.059756][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.069914][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.071509][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.081705][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.090179][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.104382][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.114665][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.125257][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.138127][ T5228] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.148422][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.159071][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.169402][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.180834][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.192708][ T5228] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.214597][ T5235] veth0_macvtap: entered promiscuous mode [ 61.233764][ T5235] veth1_macvtap: entered promiscuous mode [ 61.269995][ T5228] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.281585][ T5228] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.290474][ T5228] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.300054][ T5228] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.325584][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.334176][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.376256][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.387632][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.397803][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.408522][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.418635][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.429356][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.440640][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.463456][ T5229] veth0_macvtap: entered promiscuous mode [ 61.473405][ T5229] veth1_macvtap: entered promiscuous mode [ 61.491196][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.503175][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.513250][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.524306][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.536218][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.553911][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.586752][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.604886][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.617949][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.654238][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.665180][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.676518][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.687452][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.698720][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.711109][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.864449][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.112737][ T5317] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 62.121220][ T5317] IPv6: NLM_F_CREATE should be set when creating new route [ 62.165733][ T5235] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.228253][ T5235] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.238370][ T5235] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.249500][ T5235] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.264030][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.275102][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.285419][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.304708][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.314843][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.333844][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.346077][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.363253][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.372107][ T54] Bluetooth: hci3: command tx timeout [ 62.376661][ T5244] Bluetooth: hci4: command tx timeout [ 62.379729][ T5251] Bluetooth: hci0: command tx timeout [ 62.385626][ T5244] Bluetooth: hci1: command tx timeout [ 62.389416][ T5245] Bluetooth: hci2: command tx timeout [ 62.401838][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.434269][ T5229] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.472162][ T5229] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.502831][ T5229] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.511747][ T5229] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.540810][ T5321] loop2: detected capacity change from 0 to 2048 [ 62.565557][ T5321] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 62.593044][ T5321] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 62.703400][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.722875][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.739110][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.751865][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.807900][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.842846][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.949938][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.983725][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.002551][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.050566][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.187393][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.241199][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.254473][ T5326] loop1: detected capacity change from 0 to 128 [ 63.970275][ T5326] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 63.999247][ T5331] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 64.024231][ T5326] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 64.080879][ T52] ================================================================== [ 64.089851][ T52] BUG: KASAN: slab-use-after-free in pick_task_fair+0x13a/0x280 [ 64.098274][ T52] Read of size 1 at addr ffff88802c911ed1 by task kworker/u8:3/52 [ 64.106333][ T52] [ 64.108692][ T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 64.119729][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 64.132361][ T52] Workqueue: 0x0 (bat_events) [ 64.137144][ T52] Call Trace: [ 64.140402][ T52] [ 64.143312][ T52] dump_stack_lvl+0x241/0x360 [ 64.148010][ T52] ? __pfx_dump_stack_lvl+0x10/0x10 [ 64.153218][ T52] ? __pfx__printk+0x10/0x10 [ 64.157785][ T52] ? _printk+0xd5/0x120 [ 64.161920][ T52] ? __virt_addr_valid+0x183/0x530 [ 64.167010][ T52] ? __virt_addr_valid+0x183/0x530 [ 64.172100][ T52] print_report+0x169/0x550 [ 64.176582][ T52] ? __virt_addr_valid+0x183/0x530 [ 64.181670][ T52] ? __virt_addr_valid+0x183/0x530 [ 64.186753][ T52] ? __virt_addr_valid+0x45f/0x530 [ 64.191838][ T52] ? __phys_addr+0xba/0x170 [ 64.196836][ T52] ? pick_task_fair+0x13a/0x280 [ 64.201668][ T52] kasan_report+0x143/0x180 [ 64.206237][ T52] ? pick_task_fair+0x13a/0x280 [ 64.211063][ T52] pick_task_fair+0x13a/0x280 [ 64.215715][ T52] __schedule+0x2eab/0x4b30 [ 64.220196][ T52] ? __pfx___schedule+0x10/0x10 [ 64.225018][ T52] ? schedule+0x90/0x320 [ 64.229232][ T52] ? __pfx_lock_release+0x10/0x10 [ 64.234232][ T52] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 64.240190][ T52] ? schedule+0x90/0x320 [ 64.244419][ T52] ? wq_worker_sleeping+0x66/0x240 [ 64.249525][ T52] ? schedule+0x90/0x320 [ 64.253773][ T52] schedule+0x14b/0x320 [ 64.257921][ T52] worker_thread+0xa2c/0xd10 [ 64.262499][ T52] ? __kthread_parkme+0x169/0x1d0 [ 64.267506][ T52] ? __pfx_worker_thread+0x10/0x10 [ 64.272805][ T52] kthread+0x2f0/0x390 [ 64.276858][ T52] ? __pfx_worker_thread+0x10/0x10 [ 64.281969][ T52] ? __pfx_kthread+0x10/0x10 [ 64.286535][ T52] ret_from_fork+0x4b/0x80 [ 64.290931][ T52] ? __pfx_kthread+0x10/0x10 [ 64.295512][ T52] ret_from_fork_asm+0x1a/0x30 [ 64.300270][ T52] [ 64.303285][ T52] [ 64.305585][ T52] Allocated by task 5320: [ 64.309891][ T52] kasan_save_track+0x3f/0x80 [ 64.314548][ T52] __kasan_slab_alloc+0x66/0x80 [ 64.319559][ T52] kmem_cache_alloc_node_noprof+0x16b/0x320 [ 64.325434][ T52] dup_task_struct+0x57/0x8c0 [ 64.330101][ T52] copy_process+0x5d1/0x3d50 [ 64.334677][ T52] kernel_clone+0x226/0x8f0 [ 64.339161][ T52] __se_sys_clone3+0x2cb/0x350 [ 64.343911][ T52] do_syscall_64+0xf3/0x230 [ 64.348398][ T52] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.354287][ T52] [ 64.356591][ T52] Freed by task 4686: [ 64.360551][ T52] kasan_save_track+0x3f/0x80 [ 64.365202][ T52] kasan_save_free_info+0x40/0x50 [ 64.370226][ T52] __kasan_slab_free+0x59/0x70 [ 64.374962][ T52] kmem_cache_free+0x195/0x3d0 [ 64.379702][ T52] delayed_put_task_struct+0x125/0x300 [ 64.385134][ T52] rcu_core+0xaaa/0x17a0 [ 64.389398][ T52] handle_softirqs+0x2c5/0x980 [ 64.394362][ T52] __irq_exit_rcu+0xf4/0x1c0 [ 64.399213][ T52] irq_exit_rcu+0x9/0x30 [ 64.403546][ T52] sysvec_apic_timer_interrupt+0x57/0xc0 [ 64.409263][ T52] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 64.415241][ T52] [ 64.417568][ T52] Last potentially related work creation: [ 64.423540][ T52] kasan_save_stack+0x3f/0x60 [ 64.428491][ T52] __kasan_record_aux_stack+0xac/0xc0 [ 64.433975][ T52] call_rcu+0x167/0xa70 [ 64.438220][ T52] __schedule+0x1852/0x4b30 [ 64.442716][ T52] schedule_idle+0x53/0x90 [ 64.447117][ T52] do_idle+0x56a/0x5d0 [ 64.451172][ T52] cpu_startup_entry+0x42/0x60 [ 64.455929][ T52] start_secondary+0x102/0x110 [ 64.460688][ T52] common_startup_64+0x13e/0x147 [ 64.465604][ T52] [ 64.467907][ T52] The buggy address belongs to the object at ffff88802c911e00 [ 64.467907][ T52] which belongs to the cache task_struct of size 7424 [ 64.482115][ T52] The buggy address is located 209 bytes inside of [ 64.482115][ T52] freed 7424-byte region [ffff88802c911e00, ffff88802c913b00) [ 64.495987][ T52] [ 64.498315][ T52] The buggy address belongs to the physical page: [ 64.504719][ T52] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2c910 [ 64.513459][ T52] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 64.521938][ T52] memcg:ffff8880275a61c1 [ 64.526156][ T52] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 64.533680][ T52] page_type: 0xfdffffff(slab) [ 64.538335][ T52] raw: 00fff00000000040 ffff8880166fb500 dead000000000100 dead000000000122 [ 64.547095][ T52] raw: 0000000000000000 0000000080040004 00000001fdffffff ffff8880275a61c1 [ 64.555660][ T52] head: 00fff00000000040 ffff8880166fb500 dead000000000100 dead000000000122 [ 64.564301][ T52] head: 0000000000000000 0000000080040004 00000001fdffffff ffff8880275a61c1 [ 64.572944][ T52] head: 00fff00000000003 ffffea0000b24401 ffffffffffffffff 0000000000000000 [ 64.581600][ T52] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 64.590256][ T52] page dumped because: kasan: bad access detected [ 64.596648][ T52] page_owner tracks the page as allocated [ 64.602331][ T52] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2992, tgid 2992 (kworker/u8:10), ts 10814783161, free_ts 0 [ 64.622875][ T52] post_alloc_hook+0x1f3/0x230 [ 64.627616][ T52] get_page_from_freelist+0x3131/0x3280 [ 64.633165][ T52] __alloc_pages_noprof+0x29e/0x780 [ 64.638338][ T52] alloc_slab_page+0x5f/0x120 [ 64.642987][ T52] allocate_slab+0x5a/0x2f0 [ 64.647463][ T52] ___slab_alloc+0xcd1/0x14b0 [ 64.652125][ T52] __slab_alloc+0x58/0xa0 [ 64.656460][ T52] kmem_cache_alloc_node_noprof+0x1fe/0x320 [ 64.662330][ T52] dup_task_struct+0x57/0x8c0 [ 64.667053][ T52] copy_process+0x5d1/0x3d50 [ 64.672084][ T52] kernel_clone+0x226/0x8f0 [ 64.676662][ T52] user_mode_thread+0x132/0x1a0 [ 64.681496][ T52] call_usermodehelper_exec_work+0x5c/0x230 [ 64.687378][ T52] process_scheduled_works+0xa63/0x1850 [ 64.692905][ T52] worker_thread+0x86d/0xd10 [ 64.697907][ T52] kthread+0x2f0/0x390 [ 64.701950][ T52] page_owner free stack trace missing [ 64.707304][ T52] [ 64.709613][ T52] Memory state around the buggy address: [ 64.715218][ T52] ffff88802c911d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.723267][ T52] ffff88802c911e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.731318][ T52] >ffff88802c911e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.739358][ T52] ^ [ 64.746002][ T52] ffff88802c911f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.754037][ T52] ffff88802c911f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.762070][ T52] ================================================================== [ 64.770201][ T52] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 64.777365][ T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 64.787661][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 64.797689][ T52] Workqueue: 0x0 (bat_events) [ 64.802437][ T52] Call Trace: [ 64.805695][ T52] [ 64.808617][ T52] dump_stack_lvl+0x241/0x360 [ 64.813271][ T52] ? __pfx_dump_stack_lvl+0x10/0x10 [ 64.818446][ T52] ? __pfx__printk+0x10/0x10 [ 64.823013][ T52] ? rcu_is_watching+0x15/0xb0 [ 64.827752][ T52] ? vscnprintf+0x5d/0x90 [ 64.832062][ T52] panic+0x349/0x880 [ 64.835950][ T52] ? __pfx_lock_release+0x10/0x10 [ 64.840951][ T52] ? check_panic_on_warn+0x21/0xb0 [ 64.846124][ T52] ? __pfx_panic+0x10/0x10 [ 64.850520][ T52] ? do_raw_spin_unlock+0x13c/0x8b0 [ 64.855714][ T52] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 64.861600][ T52] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 64.867913][ T52] check_panic_on_warn+0x86/0xb0 [ 64.873087][ T52] ? pick_task_fair+0x13a/0x280 [ 64.878186][ T52] end_report+0x77/0x160 [ 64.882406][ T52] kasan_report+0x154/0x180 [ 64.886883][ T52] ? pick_task_fair+0x13a/0x280 [ 64.891708][ T52] pick_task_fair+0x13a/0x280 [ 64.896481][ T52] __schedule+0x2eab/0x4b30 [ 64.901000][ T52] ? __pfx___schedule+0x10/0x10 [ 64.905932][ T52] ? schedule+0x90/0x320 [ 64.910380][ T52] ? __pfx_lock_release+0x10/0x10 [ 64.915405][ T52] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 64.921570][ T52] ? schedule+0x90/0x320 [ 64.925886][ T52] ? wq_worker_sleeping+0x66/0x240 [ 64.931176][ T52] ? schedule+0x90/0x320 [ 64.935588][ T52] schedule+0x14b/0x320 [ 64.939753][ T52] worker_thread+0xa2c/0xd10 [ 64.944332][ T52] ? __kthread_parkme+0x169/0x1d0 [ 64.949417][ T52] ? __pfx_worker_thread+0x10/0x10 [ 64.955061][ T52] kthread+0x2f0/0x390 [ 64.959153][ T52] ? __pfx_worker_thread+0x10/0x10 [ 64.964256][ T52] ? __pfx_kthread+0x10/0x10 [ 64.968830][ T52] ret_from_fork+0x4b/0x80 [ 64.973295][ T52] ? __pfx_kthread+0x10/0x10 [ 64.977993][ T52] ret_from_fork_asm+0x1a/0x30 [ 64.982774][ T52] [ 66.053063][ T52] Shutting down cpus with NMI [ 66.058106][ T52] Kernel Offset: disabled [ 66.062421][ T52] Rebooting in 86400 seconds..