last executing test programs: 6.332321686s ago: executing program 1 (id=2): shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0xfb36b7c5edb7f4c7, 0x0, 0x1, 0x0, &(0x7f0000000000)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000000c0)={[{@nr_blocks={'nr_blocks', 0x3d, [0x35]}}]}) chdir(&(0x7f0000000140)='./file0\x00') r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000280), 0x1670e68) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r3, &(0x7f0000000000)='./file0\x00') sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x161c}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f00000009c0)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @val={0x2d, 0x1a, {0x0, 0x0, 0x7, 0x0, {0x401, 0x40, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1}, 0x8, 0x8, 0x9}}, @void, @void}, 0x52) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x65}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffd51, &(0x7f0000000000)='cgroup\x00'}, 0x30) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x8) 5.620755546s ago: executing program 1 (id=6): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) socket$inet6(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r5 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000080)) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000040)) ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f00000000c0)=0x40) ppoll(&(0x7f0000000340)=[{r5}], 0x1, &(0x7f00000003c0), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x2c, r1, 0x462, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8001, 0x14}}}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x2810}, @NL80211_ATTR_SCAN_FREQUENCIES={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008080}, 0x4000) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r6 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000000)={0x0, 0x2, 0x2, 0x1, 0x0, [@dev]}, 0x18) 4.645026533s ago: executing program 0 (id=1): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)) fsmount(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[], 0x7c}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = syz_io_uring_setup(0x1d39, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000200)=0x0) syz_io_uring_setup(0x7666, &(0x7f0000000340)={0x0, 0x5169, 0x80, 0x2}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) r7 = socket$caif_stream(0x25, 0x1, 0x0) syz_io_uring_submit(r6, r5, &(0x7f0000000480)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r7, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x40010142}) io_uring_enter(r4, 0x291c, 0x0, 0x0, 0x0, 0x0) 4.427664611s ago: executing program 1 (id=7): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) syz_emit_ethernet(0xa3, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x4e23, 0x0, @mcast2, 0x4000000}, 0x1c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r6, 0x301, 0x0, 0x0, {0x34}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r7 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0) ioctl$CEC_S_MODE(r7, 0x40046109, &(0x7f0000000080)=0x22) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) 4.423041154s ago: executing program 2 (id=3): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000740)={'veth1_vlan\x00', 0x0}) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x401, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x1}, 0x48) fcntl$setflags(r3, 0x2, 0x1) socket$alg(0x26, 0x5, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) r5 = accept$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000140)=0x1c) setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000200)={0xc, 0x1, '\x00', [@enc_lim, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = epoll_create1(0x0) close_range(r7, r6, 0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) write$cgroup_subtree(r8, &(0x7f0000000200)=ANY=[], 0x0) preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) socket(0x10, 0x2, 0x0) r9 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r9, &(0x7f0000000000)={0x2a, 0x1}, 0xc) bind$qrtr(r9, &(0x7f00000000c0)={0x2a, 0x1, 0x4001}, 0xc) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8}, @TCA_FQ_CODEL_DROP_BATCH_SIZE={0x2}]}}, @TCA_INGRESS_BLOCK, @qdisc_kind_options=@q_pfifo]}, 0x48}}, 0x0) 3.011122436s ago: executing program 1 (id=8): bpf$PROG_LOAD(0x5, 0x0, 0x0) getpid() r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue1\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000002800)=ANY=[@ANYBLOB="73686f727461642c756e64656c6574652c73657373696f6e3d30303030000800003030303030303030303139302c6d6f64653d30303030303030303030303030303030303030303030352c726f6f746469723d30303030303030303030303030303030303030352c646d6f64653d30303030303030303030303030303030303030303030362c696f636861727365743d6370313235312c696f636861727365743d6b6f69382d722c6e6f7672732c0084f5b23d82aacbefd1de1daab7394a9b4696461da9ab46f2d71c895d8c"], 0xfc, 0xc41, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfG5Hi0m4rxnYUJ42LTVuksmK5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLupYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUMZvatuKRJmzb/iLI+H5v67s68N/PezHJGIvjmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ8QcvXTl7Lt3vVgAAh+na6NfOnnf/B4CHynX//gcAAAAAAAAAAAAAgKMuRRGPR4q5a2tpvHrfVrva6r1zd2xoePtq/amqeawqX37Vzp2/cPHLzw1e6uTV1swH1N9vn4tXRq9fqb84e3tufmphYWqyPjbTmpidnNr1FvZaf6vT1QGo3371zuTNmwv1889e2LT67sB7fY+eHLg8+PSZpzplx4aGh0c3itS6y/d87Ia07TTC43gUcSZSPPO9n6ZmRBSx92NRO9xzv1V/1YnTVSfGhoarjky3mjOL5cqRzoEoIupdlRqdY7T9uYie3kPtw84aEUtl88sGny67NzrXnG/emJ6qjzTnF1uLrdmZkdRubdmfehRxKUUsR8Rq3/s31xtF9ESK75xYSzci4ljnOHypGhi8czuKA+zjLpTtrPdGLBcPwDk7wvqiiJcjxc/ePhUT+TpTXWu+GPFymT+IeLPMFyJS+cG4GPHuNp8jHkw9UcRfluf/8lqarK4HnevK1a/Xvzpzc7arbOe68hHvD++7Utyn+0P/ljwcR/zaVIsimtUVfy19/L/sAAAAAAAAAAAAAAAAALDf+qOIz0aKl/7jT6pxxVGNSz9xefAPB361e8z4kx+ynbLssxGxVOxuTO7xPDBwJI2kdJ/HEj/MalHEn+bxf2/c78YAAAAAAAAAAAAAAAAAAAA81Ir4SaR4/p1TaTm65xRvzdyqX2/emG7PCtuZ+7czZ/r6+vp6PbWzkXM851LO5ZwrOVdzRpHr52zkHM+5lHM550rO1ZxxLNfP2cg5nnMp53LOlZyrOaMn18/ZyDmecynncs6VnKs544jM3QsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ElSRBG/iBTf/uZaihQRjYjxaOdK3/1uHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ6ktFfD9S1P+ocW9ZT0Sk6v+2U+UfF6NxvMzHojFY5gvRuJKzWWVP44370H72pjcV8eNI0Vd7K1JPe1k+/73td/c+BvHmtzbefS6XPdZZOfBe36MnT1weHP6NJ3d6nbZrwOmrrZk7d+tjQ8PDo12Le/LeH+taNpD3W+xT34lYeO31V5vT01PzH/9F+RHYQ/UH6EX5DXIEmuHFYb2IniPRjPvTdx4C5f3/3Ujxu+/8Z+eG377/1+JX2u/u3eHj53+2cf9/fuuGdnn/79laL9//y3v6dvf/x7uWPZ//NtLbE1FbvD3XezKitvDa62dat5u3pm5NzVw8e/Yrg4NfuXC293hE7WZreqrr1b4cLgAAAAAAAAAAAAAAAIDDk4r4/UjR/PFaqkfE3Wq81sDlwafPPHUsjlXjrTaN235l9PqV+ouzt+fmpxYWpibrYzOtidnJqd3urlYN9xobGj6Qznyo/gNuf3/txdm51+Zbt/54cdv1j9Su3FhYnG9ObL86+qOIaHQvOV01eGxouGr0dKs5U1Ud2XYw/UfXm4r4r0gxcbGevpCX5fH/W0f4bxr/v7R1Qwc0/v9TXcvKfaZUxM8jxe/81ZPxhaqdj8T7jlku93eR4vSlz+dycbws12nDY9VDBNojA8uy/xcp/ukXm8t2xkO2xyBWZc/t/sg+GMrzfyJSfP8vvhu/mZdtfv7D9uf/ka0bOqDz/0TXskc2Pa9gz10nn/8zkeKFx9+K38rLPuj5H51nb5zKhe89n+OAzv+nu5YN5P3+9v50HQAAAAAAAAAA4IHWm4r4+0jxw+Ge9Fxetpvf/5vcuqED+v2vz3Qtm9yf+Yo+9MWeDyoAAAAAHBG9qYifRIpbi2/dG0O9efx31/jP39sY/zmUtqytfs73a9VzA/bz53/dBvJ+x/febQAAAAAAAAAAAAAAAAAAADhSUiriuTyf+ng1nn9yx/nUVyLFS//zTC6XTpblOvPAD1R/1q7Nzpy5Mj09O9FcbN6YnqqPzjUnpsq6T0SKtb/9fK5bVPOrd+abb8/xvjEX+3ykGP6HTtn2XOyducmf2Ch7riz7qUjx3/+Yy66vV2U781h/eqPs+bLs30SKb/zL5u12yp7cKHuhLPvdSPGjb9Q7ZR8py3aej/qZjbLPTswWB3BWAAAAAAAAAAAAAAAAAAAAeNj0piL+PFL87+3le2P58/z/vV1vK29+q2u+/y3uVvP8D1Tz/+/0+uPM/189V2Bpp70CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnU4oiXo8Uc9fW0kpf+b6tdrU1c+fu2NDw9tX6U1XzWFW+/KqdO3/h4pefG7zUyQ+uv98+G6+MXr9Sf3H29tz81MLC1GR9bKY1MTs5test7LX+VqerA1C//eqdyZs3F+rnn72wafXdgff6Hj05cHnw6TNPdcqODQ0Pj3aV6en9qDt9Y8c1aYflx6OIv44Uz3zvp+mHfRFF7P1YbPvZ6dt9L/aov+rE6aoTY0PDVUemW82ZxXLlSOdAFBH1rkqNzjHat3NxQBoRS2XzywafLrs3Otecb96YnqqPNOcXW4ut2ZmR1G5t2Z96FHEpRSxHxOo256A3ing1UnznxFr6176IY53j8KVro187e37ndhQH2MddKNtZ741YLh6Ac3aE9UUR/xwpfvb2qfi3voieaH/FFyNeLvMHEW9G+3yn8oNxMeLdw/te5oD1RBH/X57/y2vp7b7yetC5rlz9ev2rMzdnu8p2risHcn84PP2Hurcjfm2qRRE/qq74a+nffV8DAAAAAAAAAAAAAAAAHCFF/HqkeP6dU6kaH3xvTHFr5lb9evPGdHtYX2fsX2fM9Pr6+no9tbORczznUs7lnCs5V3NGkevnbJRZW18fz++Xci7nXMm5mjOO5fo5GznHcy7lXM65knM1Z/Tk+jkbOcdzLuVczrmSczVnHJGxewAAAAAAAAAAAAAAAAAAwCdLUf2X4tvfXEvrfe35pcejnSvmA/3E+2UAAAD//xtt+zc=") r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) rmdir(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0) 1.85848939s ago: executing program 1 (id=9): bpf$ENABLE_STATS(0x20, 0x0, 0x0) getgroups(0xfffffeb5, 0xfffffffffffffffe) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000580)={0x10, 0x0, &(0x7f0000000700)=[@request_death={0x400c630e, 0x0, 0xffffff7f00000000}], 0x0, 0x1000000000000, 0x0}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x80a, &(0x7f0000000340)={[{@nombcache}, {@stripe}]}, 0x1, 0x799, &(0x7f0000000400)="$eJzs3c9rHFUcAPDvbJImTauNINh6aU5aKN20NbYKghEPIlgo6Nk2bLYhZpMtyaY0IQeLCIIIWjwIevHsj3rzKnr2b/AiIi1V02LFg6zM/ki2yWaTptls23w+MMn7zr7Je9+dnTdvM8NuALvWYPojE3EoIj5OIg7U1icR0VMpdUeMVOvdWVrMpUsS5fKbfyaVOreXFnPRsE1qXy04GBE/vh9xNLO23dn5hcnRQiE/U4uHSlMXh2bnF45NTI2O58fz06dODA+fPP386VPbl+vfPy/sv/HJa89+O/Lve09d++inJEZif+2xxjy2y2AM1p6TnvQpvMur291YhyWd7gBbkh6aXdWjPA7FgeiqlACAR1l6/i8DALtM4vwPALtM/f8At5cWc/Wls/+R2Fk3X4mIvmr+9eub1Ue6a9fs+irXQftvJ9FduyIaseZy3pYNRsQX37/9dbpEm65DAjTz7pWIOD8wuHb8T+57kDu+iTqDq2LjH+ycH9L5zwvN5n+Z5flPLM9/VvQ2OXa3YjBiT2O89vjPXG+64cvb0Hht/vdS9d62NNGG+d/yTWsDXbXosTQ4HBEThXw6tj0eEUeip/fCRCF/okUbR279d2u9xxrnf39dfeertP3090qNzPXu3ru3GRstjd5Pzo1uXol4unvl3r47a8b/vsq9Xav3f7rubKs/fHil+PqLH3y+XrU0/zTf+rI2//YqfxnxTDTPvy5peX/iULr7j1d/Nm/ju18/61+v/cb9ny5p+/X3Ajsh3f/9rfMfSBrv15zd3vY3zr/5639P8lalXB88Lo+WSjMnIvYkb6xdf3Jl23pcr5/mX810df6Zlq//9J3g+U3m2H3jj2+2nn97pfmP3dP+v/fCtTuTXeu1v7n9P1wpHamt2cz4t9kO3s9zBwAAAAAAAAAAAAAAAAAAAAAAAACblYmI/ZFkssvlTCabrX6H95PRnykkUTp6oTg3PRaV78oeiJ5M/aMuD1TjpP75pwMN8clV8XMR8UREfNq7txJnc8XCWKeTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICafet8/3/q995O9w4AaJu+DWvcyt8Vlsvlchv7AwC038bnfwDgUdPi/L93J/sBAOwc7/8BYPdx/geA3cf5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDY7e+ZMupT/WVrMpfHYpfm5yeKlY2P52cns1FwumyvOXMyOF4vjhXw2V5za6O8VisWLwzE9d3molJ8tDc3OL5ybKs5Nl85NTI2O58/le3YkKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4N7PzC5OjhUJ+5pEofBgRD0A32lFI4oHoRkcKvx375WCrOlfXexlHVAojD0QWD1mh0yMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMPh/wAAAP//3jskKw==") socket$netlink(0x10, 0x3, 0x0) socket(0x0, 0x3, 0x0) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x451, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=") prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) getrlimit(0xa, &(0x7f0000000140)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1301}) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="1802000000000000000000000000000018130000", @ANYBLOB="010000000000000085000000c0000000eb04000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a3312779a", 0x0, 0x31, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.765085981s ago: executing program 4 (id=5): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) creat(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_open_dev$dri(0x0, 0x1ff, 0x0) modify_ldt$write(0x1, &(0x7f0000000040), 0x10) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000140)=0x2002, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.702877411s ago: executing program 3 (id=4): socket$kcm(0xa, 0x5, 0x0) chdir(0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={0xffffffffffffffff, &(0x7f0000000300)}, 0x20) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_UNBIND(0xffffffffffffffff, 0x40106437, &(0x7f0000000180)={0x0, 0x7fff}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r3}, &(0x7f0000000700)=0x2, &(0x7f00000007c0)=r4}, 0x20) 0s ago: executing program 4 (id=10): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001880), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r3 = dup(r1) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_vs_stats_percpu\x00') mount$9p_fd(0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r4}}) mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r6, 0x0, r7, 0x0, 0x8000f28, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x5d12, 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r8, 0x8008550e, &(0x7f0000000340)) connect$inet(0xffffffffffffffff, &(0x7f0000007f80)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) recvmmsg(r0, &(0x7f0000007a80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/57, 0x39}}], 0x1, 0x45833af92e4b39ff, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.24' (ED25519) to the list of known hosts. [ 65.940858][ T5212] cgroup: Unknown subsys name 'net' [ 66.072184][ T5212] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 67.612709][ T5212] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 69.910823][ T5234] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.911665][ T5236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.926564][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.936021][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.946665][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.948819][ T5236] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.954139][ T5238] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.965058][ T5236] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.969175][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.983385][ T5238] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.991623][ T5238] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.999910][ T5238] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.007196][ T5243] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.017826][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.027860][ T5242] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.035150][ T4618] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.036181][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.043362][ T5242] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.055261][ T5239] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.058555][ T5242] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.065135][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.070261][ T4618] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.085151][ T5242] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.091728][ T5243] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.104180][ T5242] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.110685][ T5243] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.122276][ T5243] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.137802][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.154350][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 70.164162][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.600817][ T5229] chnl_net:caif_netlink_parms(): no params data found [ 70.618353][ T5222] chnl_net:caif_netlink_parms(): no params data found [ 70.660832][ T5223] chnl_net:caif_netlink_parms(): no params data found [ 70.689724][ T5228] chnl_net:caif_netlink_parms(): no params data found [ 70.745736][ T5231] chnl_net:caif_netlink_parms(): no params data found [ 70.889144][ T5229] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.896618][ T5229] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.904195][ T5229] bridge_slave_0: entered allmulticast mode [ 70.911636][ T5229] bridge_slave_0: entered promiscuous mode [ 70.919839][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.927139][ T5222] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.934944][ T5222] bridge_slave_0: entered allmulticast mode [ 70.941635][ T5222] bridge_slave_0: entered promiscuous mode [ 70.986706][ T5229] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.994991][ T5229] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.002151][ T5229] bridge_slave_1: entered allmulticast mode [ 71.009516][ T5229] bridge_slave_1: entered promiscuous mode [ 71.025978][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.033074][ T5222] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.041043][ T5222] bridge_slave_1: entered allmulticast mode [ 71.048082][ T5222] bridge_slave_1: entered promiscuous mode [ 71.087201][ T5228] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.094666][ T5228] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.101825][ T5228] bridge_slave_0: entered allmulticast mode [ 71.109579][ T5228] bridge_slave_0: entered promiscuous mode [ 71.142109][ T5231] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.149464][ T5231] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.157057][ T5231] bridge_slave_0: entered allmulticast mode [ 71.163750][ T5231] bridge_slave_0: entered promiscuous mode [ 71.170634][ T5228] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.178410][ T5228] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.185750][ T5228] bridge_slave_1: entered allmulticast mode [ 71.192556][ T5228] bridge_slave_1: entered promiscuous mode [ 71.208322][ T5229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.220221][ T5229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.238626][ T5223] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.245910][ T5223] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.253118][ T5223] bridge_slave_0: entered allmulticast mode [ 71.261222][ T5223] bridge_slave_0: entered promiscuous mode [ 71.269396][ T5231] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.276911][ T5231] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.284229][ T5231] bridge_slave_1: entered allmulticast mode [ 71.291026][ T5231] bridge_slave_1: entered promiscuous mode [ 71.307681][ T5228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.335666][ T5222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.348238][ T5222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.357782][ T5223] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.365418][ T5223] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.372632][ T5223] bridge_slave_1: entered allmulticast mode [ 71.379914][ T5223] bridge_slave_1: entered promiscuous mode [ 71.396917][ T5228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.417476][ T5229] team0: Port device team_slave_0 added [ 71.473292][ T5229] team0: Port device team_slave_1 added [ 71.481904][ T5222] team0: Port device team_slave_0 added [ 71.490411][ T5222] team0: Port device team_slave_1 added [ 71.498398][ T5223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.509859][ T5223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.521578][ T5231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.528221][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.535457][ T5231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.543890][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.556186][ T5228] team0: Port device team_slave_0 added [ 71.610973][ T5228] team0: Port device team_slave_1 added [ 71.636096][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.643089][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.670132][ T5229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.693070][ T5223] team0: Port device team_slave_0 added [ 71.718287][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.725658][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.751800][ T5229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.764306][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.771303][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.797449][ T5222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.811918][ T5223] team0: Port device team_slave_1 added [ 71.819688][ T5231] team0: Port device team_slave_0 added [ 71.828256][ T5231] team0: Port device team_slave_1 added [ 71.834844][ T5228] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.841806][ T5228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.868836][ T5228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.895764][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.902753][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.929409][ T5222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.962632][ T5228] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.969897][ T5228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.996782][ T5228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.026239][ T5229] hsr_slave_0: entered promiscuous mode [ 72.032483][ T5229] hsr_slave_1: entered promiscuous mode [ 72.068351][ T5231] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.075573][ T5231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.102008][ T5231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.131799][ T5222] hsr_slave_0: entered promiscuous mode [ 72.138191][ T5222] hsr_slave_1: entered promiscuous mode [ 72.148262][ T5222] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.156294][ T5232] Bluetooth: hci1: command tx timeout [ 72.156294][ T5234] Bluetooth: hci2: command tx timeout [ 72.156591][ T5234] Bluetooth: hci3: command tx timeout [ 72.161974][ T5232] Bluetooth: hci0: command tx timeout [ 72.180469][ T5222] Cannot create hsr debugfs directory [ 72.186659][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.193614][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.219952][ T5223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.232954][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.240388][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.240558][ T5232] Bluetooth: hci4: command tx timeout [ 72.272292][ T5223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.284460][ T5231] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.291428][ T5231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.317538][ T5231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.394535][ T5228] hsr_slave_0: entered promiscuous mode [ 72.400984][ T5228] hsr_slave_1: entered promiscuous mode [ 72.409072][ T5228] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.416926][ T5228] Cannot create hsr debugfs directory [ 72.447470][ T5223] hsr_slave_0: entered promiscuous mode [ 72.454714][ T5223] hsr_slave_1: entered promiscuous mode [ 72.460866][ T5223] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.468735][ T5223] Cannot create hsr debugfs directory [ 72.520722][ T5231] hsr_slave_0: entered promiscuous mode [ 72.527432][ T5231] hsr_slave_1: entered promiscuous mode [ 72.534353][ T5231] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.541948][ T5231] Cannot create hsr debugfs directory [ 72.863645][ T5229] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 72.877066][ T5229] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 72.899129][ T5229] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 72.915687][ T5229] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 72.947884][ T5222] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 72.976349][ T5222] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 72.988418][ T5222] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.008816][ T5222] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.049479][ T5231] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 73.060554][ T5231] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 73.071344][ T5231] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 73.091074][ T5231] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 73.203111][ T5223] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.220255][ T5223] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.230453][ T5223] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.251505][ T5229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.260937][ T5223] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.326953][ T5228] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.341198][ T5228] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.356701][ T5228] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.375826][ T5228] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.391358][ T5229] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.431695][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.439008][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.477629][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.484775][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.502587][ T5222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.560058][ T5231] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.598406][ T5222] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.617460][ T5231] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.635345][ T5223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.662020][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.669140][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.680144][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.687270][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.697492][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.704649][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.722349][ T5229] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.753420][ T5223] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.785129][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.792372][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.817523][ T2560] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.824820][ T2560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.905332][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.912489][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.952964][ T5228] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.988381][ T5229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.029618][ T5228] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.123343][ T2560] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.130603][ T2560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.150905][ T2560] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.158148][ T2560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.221809][ T5229] veth0_vlan: entered promiscuous mode [ 74.248257][ T5232] Bluetooth: hci3: command tx timeout [ 74.253743][ T5232] Bluetooth: hci1: command tx timeout [ 74.260804][ T5242] Bluetooth: hci2: command tx timeout [ 74.260829][ T5234] Bluetooth: hci0: command tx timeout [ 74.315876][ T5229] veth1_vlan: entered promiscuous mode [ 74.316390][ T5232] Bluetooth: hci4: command tx timeout [ 74.358894][ T5231] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.502362][ T5229] veth0_macvtap: entered promiscuous mode [ 74.526899][ T5223] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.539706][ T5229] veth1_macvtap: entered promiscuous mode [ 74.562991][ T5222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.612374][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.658046][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.668325][ T5223] veth0_vlan: entered promiscuous mode [ 74.708855][ T5229] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.719739][ T5229] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.729110][ T5229] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.738361][ T5229] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.762708][ T5222] veth0_vlan: entered promiscuous mode [ 74.810254][ T5223] veth1_vlan: entered promiscuous mode [ 74.838456][ T5222] veth1_vlan: entered promiscuous mode [ 74.902197][ T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.912192][ T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.941076][ T5228] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.981407][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.986678][ T5223] veth0_macvtap: entered promiscuous mode [ 74.996052][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.013015][ T5231] veth0_vlan: entered promiscuous mode [ 75.027957][ T5223] veth1_macvtap: entered promiscuous mode [ 75.038878][ T5222] veth0_macvtap: entered promiscuous mode [ 75.053474][ T5222] veth1_macvtap: entered promiscuous mode [ 75.067725][ T5231] veth1_vlan: entered promiscuous mode [ 75.129841][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.141374][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.156506][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.178723][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.195387][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.206513][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.219043][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.230665][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.238133][ T5308] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 75.262795][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.273481][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.287180][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.301783][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.314262][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.326746][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.337892][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.349447][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.364338][ T5222] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.373413][ T5222] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.382461][ T5222] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.391816][ T5222] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.418020][ T5231] veth0_macvtap: entered promiscuous mode [ 75.433624][ T5228] veth0_vlan: entered promiscuous mode [ 75.441228][ T5223] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.450331][ T5223] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.459511][ T5223] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.468630][ T5223] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.505373][ T5231] veth1_macvtap: entered promiscuous mode [ 75.543334][ T5228] veth1_vlan: entered promiscuous mode [ 75.578300][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.591474][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.603345][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.614453][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.624640][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.635717][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.648067][ T5231] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.691082][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.704720][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.714847][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.726126][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.736016][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.746741][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.761457][ T5231] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.781882][ T5231] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.790984][ T5231] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.800412][ T5231] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.814899][ T5231] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.845345][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.853281][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.916578][ T2560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.933575][ T2560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.948523][ T5228] veth0_macvtap: entered promiscuous mode [ 76.045837][ T5228] veth1_macvtap: entered promiscuous mode [ 76.083520][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.112166][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.178029][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.187090][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.213356][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.236978][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.328752][ T5232] Bluetooth: hci1: command tx timeout [ 76.339235][ T5232] Bluetooth: hci2: command tx timeout [ 76.345753][ T5232] Bluetooth: hci0: command tx timeout [ 76.351442][ T5232] Bluetooth: hci3: command tx timeout [ 76.365566][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.410401][ T5232] Bluetooth: hci4: command tx timeout [ 76.463994][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.481065][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.502213][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.555039][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.620109][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.707214][ T5228] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.804297][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.814864][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.824905][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.835425][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.846171][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.856929][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.866892][ T5228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.877998][ T5228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.889631][ T5228] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.111312][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.148951][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.174109][ T5228] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.183162][ T5228] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.220104][ T5228] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.229162][ T5228] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.244020][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.259601][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.560225][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 77.866992][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.394366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.404213][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.474094][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 78.484169][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 78.513416][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.514867][ T5242] Bluetooth: hci3: command tx timeout [ 78.526730][ T5242] Bluetooth: hci0: command tx timeout [ 78.532130][ T5242] Bluetooth: hci2: command tx timeout [ 78.537580][ T5242] Bluetooth: hci1: command tx timeout [ 78.542978][ T5242] Bluetooth: hci4: command tx timeout [ 78.566628][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 78.588038][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.798931][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.810109][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.007795][ T5333] loop1: detected capacity change from 0 to 2048 [ 79.092116][ T5333] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 79.684099][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 79.702022][ T5334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'. [ 80.304274][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 80.312600][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.322072][ T5346] loop1: detected capacity change from 0 to 2048 [ 81.532533][ T5346] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.9: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 81.554915][ T5317] ================================================================== [ 81.563549][ T5317] BUG: KASAN: stack-out-of-bounds in cmp_ex_search+0x34/0xa0 [ 81.571029][ T5317] Read of size 8 at addr ffffc90008b96f40 by task syz.0.1/5317 [ 81.578571][ T5317] [ 81.580893][ T5317] CPU: 1 UID: 0 PID: 5317 Comm: syz.0.1 Tainted: G D 6.11.0-rc4-next-20240822-syzkaller #0 [ 81.592267][ T5317] Tainted: [D]=DIE [ 81.595976][ T5317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 81.606028][ T5317] Call Trace: [ 81.609304][ T5317] [ 81.612234][ T5317] dump_stack_lvl+0x241/0x360 [ 81.616916][ T5317] ? __pfx_dump_stack_lvl+0x10/0x10 [ 81.622135][ T5317] ? __pfx__printk+0x10/0x10 [ 81.626724][ T5317] ? _printk+0xd5/0x120 [ 81.630884][ T5317] print_report+0x169/0x550 [ 81.635387][ T5317] ? __virt_addr_valid+0xbd/0x530 [ 81.640420][ T5317] ? cmp_ex_search+0x34/0xa0 [ 81.645005][ T5317] kasan_report+0x143/0x180 [ 81.649519][ T5317] ? cmp_ex_search+0x34/0xa0 [ 81.654127][ T5317] ? bsearch+0x2e/0xc0 [ 81.658195][ T5317] ? __sanitizer_cov_trace_const_cmp8+0x7d/0x90 [ 81.664449][ T5317] ? search_extable+0xb3/0x100 [ 81.669208][ T5317] ? search_extable+0xb3/0x100 [ 81.673973][ T5317] ? __pfx_search_extable+0x10/0x10 [ 81.679173][ T5317] ? __bad_area_nosemaphore+0xb5/0x770 [ 81.684635][ T5317] ? __pfx_search_extable+0x10/0x10 [ 81.689833][ T5317] ? validate_chain+0x11e/0x5920 [ 81.694779][ T5317] ? __lock_acquire+0x1384/0x2050 [ 81.699813][ T5317] ? __bad_area_nosemaphore+0xb5/0x770 [ 81.705275][ T5317] ? search_exception_tables+0x3a/0x60 [ 81.710824][ T5317] ? __pfx_fixup_exception+0x10/0x10 [ 81.716118][ T5317] ? __pfx_fixup_exception+0x10/0x10 [ 81.721410][ T5317] ? __pfx_validate_chain+0x10/0x10 [ 81.726632][ T5317] ? __pfx_validate_chain+0x10/0x10 [ 81.731883][ T5317] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 81.737891][ T5317] ? exc_general_protection+0x1e8/0x5d0 [ 81.743483][ T5317] ? exc_general_protection+0x1e8/0x5d0 [ 81.749054][ T5317] ? __lock_acquire+0x1384/0x2050 [ 81.754114][ T5317] ? asm_exc_general_protection+0x26/0x30 [ 81.759843][ T5317] ? console_verbose+0x2d/0x60 [ 81.764613][ T5317] ? __bad_area_nosemaphore+0xb5/0x770 [ 81.770091][ T5317] ? __pfx_panic+0x10/0x10 [ 81.774519][ T5317] ? __pfx___bad_area_nosemaphore+0x10/0x10 [ 81.780420][ T5317] ? spurious_kernel_fault+0x119/0x5a0 [ 81.785889][ T5317] ? do_kern_addr_fault+0x30/0x80 [ 81.791015][ T5317] ? exc_page_fault+0x5c8/0x8c0 [ 81.795873][ T5317] ? __stack_chk_fail+0x15/0x20 [ 81.800728][ T5317] ? __might_resched+0x77c/0x780 [ 81.805667][ T5317] ? asm_exc_page_fault+0x26/0x30 [ 81.810711][ T5317] ? __switch_to+0x768/0x1c30 [ 81.815430][ T5317] ? __mutex_lock+0xc1/0xd70 [ 81.820042][ T5317] ? __mutex_unlock_slowpath+0x21d/0x750 [ 81.825686][ T5317] ? __pfx_validate_chain+0x10/0x10 [ 81.830894][ T5317] ? __unix_dgram_recvmsg+0x246/0x12f0 [ 81.836359][ T5317] ? __pfx___mutex_lock+0x10/0x10 [ 81.841403][ T5317] ? __lock_acquire+0x1384/0x2050 [ 81.846441][ T5317] ? __unix_dgram_recvmsg+0x246/0x12f0 [ 81.851915][ T5317] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 81.857902][ T5317] ? __pfx___might_resched+0x10/0x10 [ 81.863192][ T5317] ? iovec_from_user+0x61/0x240 [ 81.868054][ T5317] ? unix_dgram_recvmsg+0xb6/0xe0 [ 81.873082][ T5317] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 81.878630][ T5317] ? sock_recvmsg_nosec+0x18e/0x1d0 [ 81.883830][ T5317] ? ____sys_recvmsg+0x3c0/0x470 [ 81.888777][ T5317] ? __pfx_____sys_recvmsg+0x10/0x10 [ 81.894089][ T5317] ? rcu_is_watching+0x15/0xb0 [ 81.898937][ T5317] ? __might_fault+0xaa/0x120 [ 81.903612][ T5317] ? do_recvmmsg+0x464/0xad0 [ 81.908198][ T5317] ? kasan_save_track+0x51/0x80 [ 81.913104][ T5317] ? __pfx_do_recvmmsg+0x10/0x10 [ 81.918038][ T5317] ? __pfx_futex_wake_mark+0x10/0x10 [ 81.923328][ T5317] ? futex_wait+0x285/0x360 [ 81.927831][ T5317] ? __pfx_futex_wait+0x10/0x10 [ 81.932681][ T5317] ? lockdep_hardirqs_on+0x99/0x150 [ 81.937879][ T5317] ? do_sys_openat2+0x17a/0x1d0 [ 81.942747][ T5317] ? __pfx_do_futex+0x10/0x10 [ 81.947445][ T5317] ? kmem_cache_free+0x195/0x3d0 [ 81.952392][ T5317] ? __x64_sys_recvmmsg+0x199/0x250 [ 81.957587][ T5317] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 81.963140][ T5317] ? do_syscall_64+0x100/0x230 [ 81.967918][ T5317] ? do_syscall_64+0xb6/0x230 [ 81.972597][ T5317] ? do_syscall_64+0xf3/0x230 [ 81.977275][ T5317] ? clear_bhb_loop+0x35/0x90 [ 81.981976][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.988050][ T5317] [ 81.991064][ T5317] [ 81.993385][ T5317] The buggy address belongs to stack of task syz.0.1/5317 [ 82.000481][ T5317] and is located at offset 32 in frame: [ 82.006188][ T5317] search_extable+0x0/0x100 [ 82.010694][ T5317] [ 82.013011][ T5317] This frame has 1 object: [ 82.017419][ T5317] [32, 40) 'value.addr' [ 82.017431][ T5317] [ 82.023969][ T5317] The buggy address belongs to the virtual mapping at [ 82.023969][ T5317] [ffffc90008b90000, ffffc90008b99000) created by: [ 82.023969][ T5317] copy_process+0x5d1/0x3d50 [ 82.041596][ T5317] [ 82.043914][ T5317] The buggy address belongs to the physical page: [ 82.050325][ T5317] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5cc04 [ 82.059088][ T5317] memcg:ffff88801bf85e82 [ 82.063321][ T5317] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 82.070436][ T5317] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 82.079017][ T5317] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff88801bf85e82 [ 82.087593][ T5317] page dumped because: kasan: bad access detected [ 82.094010][ T5317] page_owner tracks the page as allocated [ 82.099715][ T5317] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 5311, tgid 5311 (syz.1.6), ts 76171626959, free_ts 19870900779 [ 82.117690][ T5317] post_alloc_hook+0x1f3/0x230 [ 82.122458][ T5317] get_page_from_freelist+0x3131/0x3280 [ 82.128009][ T5317] __alloc_pages_noprof+0x29e/0x780 [ 82.133213][ T5317] alloc_pages_mpol_noprof+0x3e8/0x680 [ 82.138689][ T5317] __vmalloc_node_range_noprof+0xa40/0x1400 [ 82.144590][ T5317] dup_task_struct+0x444/0x8c0 [ 82.149360][ T5317] copy_process+0x5d1/0x3d50 [ 82.153952][ T5317] kernel_clone+0x226/0x8f0 [ 82.158463][ T5317] __se_sys_clone3+0x2cb/0x350 [ 82.163232][ T5317] do_syscall_64+0xf3/0x230 [ 82.167736][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.173631][ T5317] page last free pid 1 tgid 1 stack trace: [ 82.179427][ T5317] free_unref_page+0xc07/0xd90 [ 82.184190][ T5317] free_contig_range+0x152/0x550 [ 82.189133][ T5317] destroy_args+0x8a/0x890 [ 82.193557][ T5317] debug_vm_pgtable+0x4be/0x550 [ 82.198411][ T5317] do_one_initcall+0x248/0x880 [ 82.203181][ T5317] do_initcall_level+0x157/0x210 [ 82.208125][ T5317] do_initcalls+0x3f/0x80 [ 82.212459][ T5317] kernel_init_freeable+0x435/0x5d0 [ 82.217664][ T5317] kernel_init+0x1d/0x2b0 [ 82.222002][ T5317] ret_from_fork+0x4b/0x80 [ 82.226423][ T5317] ret_from_fork_asm+0x1a/0x30 [ 82.231192][ T5317] [ 82.233509][ T5317] Memory state around the buggy address: [ 82.239133][ T5317] ffffc90008b96e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 82.247188][ T5317] ffffc90008b96e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 82.255243][ T5317] >ffffc90008b96f00: 00 00 00 00 f1 f1 f1 f1 f1 f1 f1 f1 00 f3 f3 f3 [ 82.263294][ T5317] ^ [ 82.269440][ T5317] ffffc90008b96f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 82.277495][ T5317] ffffc90008b97000: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 f1 f1 [ 82.285566][ T5317] ==================================================================