last executing test programs: 16.350602574s ago: executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) creat(&(0x7f0000000680)='./file0\x00', 0x5) open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) listen(0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet(0x2, 0x6, 0x0) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 15.59279006s ago: executing program 1: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_RMID(r0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0) mlockall(0x1) r1 = socket(0x1, 0x2, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(r1, 0x1, 0x53, 0x0, &(0x7f0000000040)) 13.917795085s ago: executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000300)=@framed={{}, [@printk={@lu}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600200000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0) 13.282076358s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(0x0, 0x0, 0x0) open(0x0, 0x42042, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x3c}}, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x89b6b0dea9f2f627, 0x0, &(0x7f0000000640)) sendmmsg(r3, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000600)='E', 0x1}], 0x1}}], 0x1, 0x4000880) socket$igmp(0x2, 0x3, 0x2) recvmsg$unix(r4, 0x0, 0x10040) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) write$sndseq(r5, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfd, @tick, {}, {0x0, 0x1}, @queue}], 0x1c) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r6) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r7 = socket(0x10, 0x803, 0x0) getsockopt$sock_buf(r7, 0x1, 0x3d, 0x0, &(0x7f00000001c0)) 8.037845159s ago: executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='ext4_mark_inode_dirty\x00', r2}, 0x10) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) 7.591483253s ago: executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) futex_waitv(&(0x7f0000000ac0)=[{0x0, &(0x7f0000000740), 0x2}], 0x1, 0x0, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000009c0)=0x1) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) 6.408890632s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r3, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0) sendmsg$tipc(r3, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0) sendmsg$tipc(r3, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 5.863176626s ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x2c}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xb682, &(0x7f000000cf3d)=""/195, 0x0, 0x8}, 0x48) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) r4 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'rose0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}}) 5.083319617s ago: executing program 4: r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) r3 = socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x28, r2, 0x1, 0x0, 0x0, {0x6}, [@L2TP_ATTR_IFNAME={0x14}]}, 0x28}}, 0x0) 4.916630432s ago: executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, 0x0, 0x0) listen(r0, 0x101) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x3a) r2 = accept4(r0, 0x0, 0x0, 0x0) msgsnd(0x0, 0x0, 0x64, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[], 0x3c}}, 0x0) 4.565499221s ago: executing program 4: syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) fcntl$setsig(r0, 0xa, 0x21) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.183252476s ago: executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) gettid() futex_waitv(&(0x7f0000000ac0)=[{0x0, &(0x7f0000000740), 0x2}], 0x1, 0x0, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000009c0)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) 3.776153163s ago: executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00'}, 0x10) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(r0, 0x104, 0x4, &(0x7f0000000040)=0x2, 0x4) 3.696244168s ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x7, 0x2, 0x2, 0x1, 0xffffffffffffffff, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x1, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000940)=ANY=[@ANYRES32=r0, @ANYRESDEC=0x0, @ANYRES16=r0, @ANYBLOB="ecfbd01cd10cfdebc1a7b2c1d1e3ef517f20c14692fde91f205001d8c809838bb1187cca19162fb37bd074f2eb7a77995813e3a58fae2ebc547e3b1af8f1bf944ae82cada7c1829272ce7a7f4a089e6fe398f519516d4830b8ba654c2b111e6959e160d068d64d28fdea093ff28fd0b3a6cdd2c88c628d93d0774e778ccae250153e6d6cfcc33a2f693d6ad6a7313c616343e63249bc86c28013a706ef549ff5d841c60b92c86d946b02f9b4bad883c92885e563fc3bbc5c725f91065f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r1], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_type(0xffffffffffffffff, &(0x7f00000004c0), 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$tun(r2, &(0x7f0000000040)=ANY=[@ANYRESDEC=r2], 0x15) 3.316847446s ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002240)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffff}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0) 2.855287193s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) readlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/41, 0x29) 2.829273417s ago: executing program 0: bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000300)=@framed={{}, [@printk={@lu}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340), 0x8}, 0x90) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600200000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0) 2.315309433s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x4d, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2.290942406s ago: executing program 0: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) r1 = socket$inet(0x2, 0x6, 0x0) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 2.033422793s ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='ext4_mark_inode_dirty\x00', r2}, 0x10) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) 1.900076115s ago: executing program 1: r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) r3 = socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x28, r2, 0x1, 0x0, 0x0, {0x6}, [@L2TP_ATTR_IFNAME={0x14}]}, 0x28}}, 0x0) 1.645159251s ago: executing program 3: open(0x0, 0x8001121ac2, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x446040, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x3000808, &(0x7f0000001340)=ANY=[], 0xc, 0x2ca, &(0x7f0000001040)="$eJzs3U9rY1UUAPDz2jSNukgRN4rgAwVdlak7cdMoFcSulAjqQoMzA5KEkRkIWMXMrOYTuPR7uPEb6MZvIAiuBHd2Ubny/k0SmtRY+0fG3291eu8995337mu6yuknz4+HN+9k8eCrn6PTyWJjP/bjOIud2IjG/QAAHifHKcXvaa2lv24v/NjauKSSAIBLVv39r1x3LQDA1Xjvgw/f6R0eHryb5514tvtw0s8iYvxw0q/me7fjsxjFrbgR3TiJSI9U8VtvHx5EKy/sxEvj6aRfZI4//rHev/dbRJm/F93YWZ6/l1dm+T98P+lvxZORR+/2VrzcLrfqxjPL8189lT+eRr8dr7w4V/9udOOnT+NOjOJmFLmz/K/38vzN9M0fX35UXKbIzzaiv12um0mbV3w0AAAAAAAAAAAAAAAAAAAAAAA8xnbzPKva95T9e4qhsn/OpL95Us7v5o35/j7Tpj9Q1mxU9QdKUbfomab4tumvcyPP81QvrPLziGjFc61oXc9dAwAAAAAAAAAAAAAAAAAAwH/LvS+OhoPR6NbdCwmabgDN1/rPu8/+3MgLcTQcvLZ6w+31rzXfbaCo9czFxU2sVXNKRZDdP/+je6KoZ8nUVkSc/1C2Z4f7flRBczCrs/7859d6+o1q06PhIK+nmoc8HGR/9ww7zcF9Nz/Vjn/7QqbylThJi2faeVTqYlb7gn4L2k8tf6qpekmakYPjVfu8/kt1RvVIVrbYWO/qW3Ww9AaLoLPe+1wHKz8yNi/kgwcAAAAAAAAAAAAAAAAAADhl9qXfJZMPzkj8PKV0iXUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFWa/f//JuhExOLIqWBaJ5+1pg7acffeNd8iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wN/BQAA//95wFLa") bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{}, 0x0, 0x0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0), 0x10}, 0x90) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x3}) getsockopt$nfc_llcp(0xffffffffffffffff, 0x111, 0x0, 0x0, 0x90aa62107f0000) 1.481214167s ago: executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, 0x0, 0x0) listen(r0, 0x101) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x3a) r2 = accept4(r0, 0x0, 0x0, 0x0) msgsnd(0x0, 0x0, 0x64, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[], 0x3c}}, 0x0) 1.046124303s ago: executing program 0: sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) socket$nl_route(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x4030582b, &(0x7f0000000280)={'pimreg0\x00', @link_local={0x0, 0x2, 0xc2, 0x0, 0x87}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x6, &(0x7f0000000580)=@base={0x0, 0x4, 0xfff, 0x5}, 0x48) 712.317041ms ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x10) syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(0xffffffffffffffff, 0x104, 0x4, &(0x7f0000000040)=0x2, 0x4) 669.607653ms ago: executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) gettid() futex_waitv(&(0x7f0000000ac0)=[{0x0, &(0x7f0000000740), 0x2}], 0x1, 0x0, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000009c0)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) 535.805186ms ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002240)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffff}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0) 79.508903ms ago: executing program 4: bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000300)=@framed={{}, [@printk={@lu}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x5}, 0x8}, 0x90) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600200000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0) 16.362662ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setreuid(0xee01, 0xffffffffffffffff) getresuid(&(0x7f00000000c0)=0x0, &(0x7f0000000000), &(0x7f0000000080)) setreuid(0xee00, r2) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0500ffff07"], 0xd) 0s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x7, 0x2, 0x2, 0x1, 0xffffffffffffffff, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x1, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000940)=ANY=[@ANYRES32=r0, @ANYRESDEC=0x0, @ANYRES16=r0, @ANYBLOB="ecfbd01cd10cfdebc1a7b2c1d1e3ef517f20c14692fde91f205001d8c809838bb1187cca19162fb37bd074f2eb7a77995813e3a58fae2ebc547e3b1af8f1bf944ae82cada7c1829272ce7a7f4a089e6fe398f519516d4830b8ba654c2b111e6959e160d068d64d28fdea093ff28fd0b3a6cdd2c88c628d93d0774e778ccae250153e6d6cfcc33a2f693d6ad6a7313c616343e63249bc86c28013a706ef549ff5d841c60b92c86d946b02f9b4bad883c92885e563fc3bbc5c725f91065f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r1], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_type(0xffffffffffffffff, &(0x7f00000004c0), 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$tun(r2, &(0x7f0000000040)=ANY=[@ANYRESDEC=r2], 0x15) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.39' (ED25519) to the list of known hosts. 2024/06/11 07:34:51 fuzzer started 2024/06/11 07:34:52 dialing manager at 10.128.0.169:30026 [ 163.812868][ T5047] cgroup: Unknown subsys name 'net' [ 164.078181][ T5047] cgroup: Unknown subsys name 'rlimit' 2024/06/11 07:35:40 starting 5 executor processes [ 210.395406][ T5050] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 212.769388][ T5077] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.782785][ T5077] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.792101][ T5077] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.802844][ T5077] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.813348][ T5077] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.824429][ T5077] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.835427][ T5081] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.835752][ T5077] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.848639][ T5081] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.874926][ T5081] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.883580][ T5081] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 212.893215][ T5084] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.961123][ T5075] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.976543][ T5075] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 213.010592][ T5075] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 213.027418][ T5075] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 213.054563][ T4429] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 213.054733][ T5075] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 213.064791][ T4429] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 213.083962][ T5075] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 213.106722][ T5075] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 213.115453][ T4429] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 213.125727][ T5075] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 213.125844][ T4429] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 213.403788][ T5077] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 213.482919][ T5077] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 213.522645][ T5077] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 213.547980][ T5077] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 213.570834][ T5077] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 213.580450][ T5077] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 214.412015][ T5076] chnl_net:caif_netlink_parms(): no params data found [ 214.509679][ T5074] chnl_net:caif_netlink_parms(): no params data found [ 214.806174][ T5082] chnl_net:caif_netlink_parms(): no params data found [ 214.935015][ T4429] Bluetooth: hci0: command tx timeout [ 215.037883][ T4429] Bluetooth: hci1: command tx timeout [ 215.251945][ T4429] Bluetooth: hci2: command tx timeout [ 215.257639][ T5077] Bluetooth: hci3: command tx timeout [ 215.398804][ T5090] chnl_net:caif_netlink_parms(): no params data found [ 215.489042][ T5085] chnl_net:caif_netlink_parms(): no params data found [ 215.506835][ T5076] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.514744][ T5076] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.522615][ T5076] bridge_slave_0: entered allmulticast mode [ 215.530697][ T5076] bridge_slave_0: entered promiscuous mode [ 215.652004][ T5077] Bluetooth: hci4: command tx timeout [ 215.669021][ T5076] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.677749][ T5076] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.686794][ T5076] bridge_slave_1: entered allmulticast mode [ 215.695880][ T5076] bridge_slave_1: entered promiscuous mode [ 215.757556][ T5074] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.765465][ T5074] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.773309][ T5074] bridge_slave_0: entered allmulticast mode [ 215.782553][ T5074] bridge_slave_0: entered promiscuous mode [ 215.886355][ T5074] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.895312][ T5074] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.903271][ T5074] bridge_slave_1: entered allmulticast mode [ 215.912506][ T5074] bridge_slave_1: entered promiscuous mode [ 216.088345][ T5076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.107872][ T5074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.169051][ T5076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.191467][ T5074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.417997][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.426127][ T5082] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.434152][ T5082] bridge_slave_0: entered allmulticast mode [ 216.443391][ T5082] bridge_slave_0: entered promiscuous mode [ 216.595304][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.603174][ T5082] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.610767][ T5082] bridge_slave_1: entered allmulticast mode [ 216.620225][ T5082] bridge_slave_1: entered promiscuous mode [ 216.636779][ T5076] team0: Port device team_slave_0 added [ 216.689417][ T5074] team0: Port device team_slave_0 added [ 216.810557][ T5076] team0: Port device team_slave_1 added [ 216.825025][ T5074] team0: Port device team_slave_1 added [ 216.962849][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.012351][ T5077] Bluetooth: hci0: command tx timeout [ 217.019520][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.027450][ T5090] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.035954][ T5090] bridge_slave_0: entered allmulticast mode [ 217.045182][ T5090] bridge_slave_0: entered promiscuous mode [ 217.120169][ T5077] Bluetooth: hci1: command tx timeout [ 217.173285][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.184974][ T5076] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.194722][ T5076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.221162][ T5076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.239308][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.246951][ T5085] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.254939][ T5085] bridge_slave_0: entered allmulticast mode [ 217.264111][ T5085] bridge_slave_0: entered promiscuous mode [ 217.278714][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.286782][ T5090] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.294722][ T5090] bridge_slave_1: entered allmulticast mode [ 217.303170][ T5090] bridge_slave_1: entered promiscuous mode [ 217.314065][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.321314][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.347710][ T5074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.351440][ T5077] Bluetooth: hci3: command tx timeout [ 217.364097][ T4429] Bluetooth: hci2: command tx timeout [ 217.406064][ T5076] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.413408][ T5076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.439805][ T5076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.497505][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.505148][ T5085] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.512967][ T5085] bridge_slave_1: entered allmulticast mode [ 217.521085][ T5085] bridge_slave_1: entered promiscuous mode [ 217.563476][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.570573][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.596946][ T5074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.649854][ T5082] team0: Port device team_slave_0 added [ 217.735508][ T5090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.745757][ T5077] Bluetooth: hci4: command tx timeout [ 217.754767][ T5082] team0: Port device team_slave_1 added [ 217.770836][ T5090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.053606][ T5090] team0: Port device team_slave_0 added [ 218.070754][ T5085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 218.093912][ T5085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.118486][ T5076] hsr_slave_0: entered promiscuous mode [ 218.127677][ T5076] hsr_slave_1: entered promiscuous mode [ 218.186892][ T5074] hsr_slave_0: entered promiscuous mode [ 218.197432][ T5074] hsr_slave_1: entered promiscuous mode [ 218.206037][ T5074] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 218.213925][ T5074] Cannot create hsr debugfs directory [ 218.227504][ T5090] team0: Port device team_slave_1 added [ 218.346439][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.353820][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.380184][ T5082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.469955][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.477259][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.503755][ T5090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.573993][ T5085] team0: Port device team_slave_0 added [ 218.584249][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.592835][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.619641][ T5082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.670505][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.677764][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.704119][ T5090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.763184][ T5085] team0: Port device team_slave_1 added [ 218.918565][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.925924][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.952345][ T5085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.033272][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.040405][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.067008][ T5085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.093912][ T5077] Bluetooth: hci0: command tx timeout [ 219.109570][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.116569][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 219.171494][ T5077] Bluetooth: hci1: command tx timeout [ 219.369527][ T5090] hsr_slave_0: entered promiscuous mode [ 219.380990][ T5090] hsr_slave_1: entered promiscuous mode [ 219.389523][ T5090] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.398246][ T5090] Cannot create hsr debugfs directory [ 219.411575][ T5077] Bluetooth: hci3: command tx timeout [ 219.417203][ T5077] Bluetooth: hci2: command tx timeout [ 219.452450][ T5082] hsr_slave_0: entered promiscuous mode [ 219.461671][ T5082] hsr_slave_1: entered promiscuous mode [ 219.469906][ T5082] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.479282][ T5082] Cannot create hsr debugfs directory [ 219.620821][ T5085] hsr_slave_0: entered promiscuous mode [ 219.631838][ T5085] hsr_slave_1: entered promiscuous mode [ 219.639816][ T5085] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.647764][ T5085] Cannot create hsr debugfs directory [ 219.824692][ T5077] Bluetooth: hci4: command tx timeout [ 220.208575][ T5076] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 220.232120][ T5076] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 220.303522][ T5076] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 220.394376][ T5076] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 220.594232][ T5074] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 220.714676][ T5074] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 220.748646][ T5074] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 220.864843][ T5074] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 221.089613][ T5082] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 221.168006][ T5082] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 221.172384][ T5077] Bluetooth: hci0: command tx timeout [ 221.201058][ T5082] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 221.241642][ T5082] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 221.252455][ T5077] Bluetooth: hci1: command tx timeout [ 221.494785][ T5077] Bluetooth: hci2: command tx timeout [ 221.500177][ T5090] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 221.501548][ T5077] Bluetooth: hci3: command tx timeout [ 221.546203][ T5090] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 221.574812][ T5090] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 221.597918][ T5085] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 221.636152][ T5090] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 221.664697][ T5085] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 221.705559][ T5085] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 221.786845][ T5085] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 221.892339][ T4429] Bluetooth: hci4: command tx timeout [ 222.087370][ T5076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.367116][ T5076] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.476896][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.484830][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.582998][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.590650][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.713999][ T5074] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.738456][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.916644][ T5082] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.954627][ T5074] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.007470][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.015480][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.144802][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.152591][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.266102][ T5076] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.319289][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.327131][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.350502][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.358037][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.507767][ T5090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.564563][ T5085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.815715][ T5090] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.993471][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.001165][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.053040][ T5085] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.141444][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.149126][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.230250][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.238256][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.341593][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.349259][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.900622][ T5085] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 225.504497][ T5076] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.100063][ T5074] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.138750][ T5076] veth0_vlan: entered promiscuous mode [ 226.286353][ T5076] veth1_vlan: entered promiscuous mode [ 226.308821][ T5082] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.819756][ T5090] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.855022][ T5074] veth0_vlan: entered promiscuous mode [ 226.908620][ T5085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.948700][ T5076] veth0_macvtap: entered promiscuous mode [ 226.999698][ T5082] veth0_vlan: entered promiscuous mode [ 227.023924][ T5076] veth1_macvtap: entered promiscuous mode [ 227.079449][ T5074] veth1_vlan: entered promiscuous mode [ 227.166565][ T5082] veth1_vlan: entered promiscuous mode [ 227.339146][ T5076] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.481485][ T5076] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.596884][ T5076] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.606266][ T5076] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.615554][ T5076] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.624822][ T5076] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.672655][ T5074] veth0_macvtap: entered promiscuous mode [ 227.708486][ T5090] veth0_vlan: entered promiscuous mode [ 227.733549][ T5082] veth0_macvtap: entered promiscuous mode [ 227.811098][ T5090] veth1_vlan: entered promiscuous mode [ 227.827288][ T5074] veth1_macvtap: entered promiscuous mode [ 227.856030][ T5082] veth1_macvtap: entered promiscuous mode [ 228.082439][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.093278][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.108471][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.177241][ T5074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.189661][ T5074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.203438][ T5074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.217621][ T5074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.233705][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.282086][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.293991][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.309516][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.389855][ T5090] veth0_macvtap: entered promiscuous mode [ 228.502623][ T5074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.516600][ T5074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.526850][ T5074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.538668][ T5074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.554199][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.587159][ T5082] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.598201][ T5082] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.607432][ T5082] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.617375][ T5082] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.690372][ T5090] veth1_macvtap: entered promiscuous mode [ 228.744188][ T5074] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.755161][ T5074] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.766005][ T5074] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.776889][ T5074] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.950111][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.961386][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.971558][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.982315][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.992465][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.003318][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.020093][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 229.140056][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.152743][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.164616][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.177413][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.192881][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.203690][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.219087][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.497778][ T5090] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.507138][ T5090] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.516376][ T5090] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.525630][ T5090] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.054182][ T5085] veth0_vlan: entered promiscuous mode [ 230.234004][ T5085] veth1_vlan: entered promiscuous mode [ 230.736372][ T5085] veth0_macvtap: entered promiscuous mode [ 230.829840][ T5085] veth1_macvtap: entered promiscuous mode [ 231.080107][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.092512][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.105834][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.116596][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.128112][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.140116][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.150255][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.161060][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.176496][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 231.358098][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 231.369003][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.379251][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 231.390322][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.400598][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 231.412375][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.425088][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 231.435877][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.451143][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.584275][ T5085] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.594816][ T5085] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.604063][ T5085] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.613198][ T5085] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.877029][ T3704] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.886307][ T3704] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.041087][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.049360][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.640892][ T3240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.649868][ T3240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.876722][ T25] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.885057][ T25] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.899464][ T3240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.908471][ T3240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.127102][ T780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.135324][ T780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.450579][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.458909][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.565947][ T29] audit: type=1326 audit(1718091366.634:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.616198][ T3240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.625621][ T3240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.684465][ T29] audit: type=1326 audit(1718091366.684:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.707298][ T29] audit: type=1326 audit(1718091366.714:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.734899][ T29] audit: type=1326 audit(1718091366.714:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.759986][ T29] audit: type=1326 audit(1718091366.714:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.783791][ T29] audit: type=1326 audit(1718091366.724:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.806533][ T29] audit: type=1326 audit(1718091366.754:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.833906][ T29] audit: type=1326 audit(1718091366.754:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.858228][ T29] audit: type=1326 audit(1718091366.764:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 236.883631][ T29] audit: type=1326 audit(1718091366.774:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x7ffc0000 [ 237.184857][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 237.194923][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 237.206746][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 237.434832][ T5262] net_ratelimit: 44 callbacks suppressed [ 237.434886][ T5262] dccp_close: ABORT with 60 bytes unread [ 238.791924][ T3240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.800180][ T3240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.946270][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 239.046889][ T3240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.055135][ T3240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.945174][ T5291] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 241.949960][ T5300] loop2: detected capacity change from 0 to 2048 [ 242.148673][ T5300] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.163108][ T5300] ext4 filesystem being mounted at /root/syzkaller-testdir2754839012/syzkaller.bOQZnZ/3/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 242.694226][ T5300] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 242.786278][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 242.786350][ T29] audit: type=1326 audit(1718091372.874:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5297 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf74a0579 code=0x0 [ 243.509901][ T5309] loop1: detected capacity change from 0 to 2048 [ 243.743093][ T5309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.755886][ T5309] ext4 filesystem being mounted at /root/syzkaller-testdir951322551/syzkaller.z5uxYp/3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.002982][ T5309] fs-verity: sha512 using implementation "sha512-generic" [ 244.034559][ T5309] fs-verity (loop1, inode 13): Error -4 building Merkle tree [ 244.303974][ T5315] loop0: detected capacity change from 0 to 4096 [ 244.365203][ T5074] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.843568][ T5315] ntfs3: Unknown parameter '' [ 245.906692][ T5328] warning: `syz-executor.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 246.787594][ T5330] dccp_close: ABORT with 60 bytes unread [ 248.582443][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 248.704591][ T5337] process 'syz-executor.4' launched '/dev/fd/6/./file0' with NULL argv: empty string added [ 248.813824][ T5344] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.0'. [ 249.748151][ T5348] loop0: detected capacity change from 0 to 2048 [ 249.954474][ T5348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.967489][ T5348] ext4 filesystem being mounted at /root/syzkaller-testdir661439532/syzkaller.iQGEjA/6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.104869][ T5348] fs-verity (loop0, inode 13): Error -4 building Merkle tree [ 250.312108][ T5082] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.559618][ T5355] netlink: 341 bytes leftover after parsing attributes in process `syz-executor.4'. [ 250.571111][ T5355] netlink: 341 bytes leftover after parsing attributes in process `syz-executor.4'. [ 252.794220][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 253.454341][ T29] audit: type=1804 audit(1718091383.469:22): pid=5372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir661439532/syzkaller.iQGEjA/9/cgroup.controllers" dev="sda1" ino=1951 res=1 errno=0 [ 254.124821][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 254.534154][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2ca!!! [ 254.738572][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 255.229073][ T5383] loop4: detected capacity change from 0 to 2048 [ 255.448269][ T5383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.467747][ T5383] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 255.608841][ T5383] fs-verity (loop4, inode 13): Error -4 building Merkle tree [ 255.918015][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.130066][ T5076] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.254248][ T5402] dccp_close: ABORT with 60 bytes unread [ 258.156238][ T5414] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 258.676787][ T5418] Zero length message leads to an empty skb [ 258.742919][ T5418] Bluetooth: MGMT ver 1.22 [ 258.747605][ T5418] Bluetooth: hci3: invalid len left 7, exp >= 111 [ 259.027962][ T5418] ipvlan2: entered promiscuous mode [ 259.034470][ T5418] ipvlan2: entered allmulticast mode [ 259.046355][ T5418] team0: entered allmulticast mode [ 259.053714][ T5418] team_slave_0: entered allmulticast mode [ 259.059688][ T5418] team_slave_1: entered allmulticast mode [ 259.070711][ T5418] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 259.112566][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 259.307877][ T5422] loop2: detected capacity change from 0 to 2048 [ 259.570243][ T5422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 259.583316][ T5422] ext4 filesystem being mounted at /root/syzkaller-testdir2754839012/syzkaller.bOQZnZ/6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.142711][ T5431] loop0: detected capacity change from 0 to 2048 [ 260.261061][ T5076] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.298086][ T5431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 260.311639][ T5431] ext4 filesystem being mounted at /root/syzkaller-testdir661439532/syzkaller.iQGEjA/16/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 261.107350][ T29] audit: type=1326 audit(1718091391.159:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5426 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7479579 code=0x0 [ 263.928233][ T5467] loop3: detected capacity change from 0 to 2048 [ 264.031815][ T5467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.044534][ T5467] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 264.458632][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.195930][ T5082] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.842607][ T5503] loop1: detected capacity change from 0 to 2048 [ 274.065350][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 274.161098][ T5503] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.175335][ T5503] ext4 filesystem being mounted at /root/syzkaller-testdir951322551/syzkaller.z5uxYp/18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.854039][ T5074] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.334554][ T5536] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'. [ 277.647051][ T5537] loop1: detected capacity change from 0 to 2048 [ 277.734283][ T5539] loop2: detected capacity change from 0 to 2048 [ 277.964820][ T5537] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.980432][ T5537] ext4 filesystem being mounted at /root/syzkaller-testdir951322551/syzkaller.z5uxYp/21/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 278.215886][ T5539] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.228743][ T5539] ext4 filesystem being mounted at /root/syzkaller-testdir2754839012/syzkaller.bOQZnZ/15/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.955283][ T5076] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.080794][ T29] audit: type=1326 audit(1718091409.019:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7481579 code=0x0 [ 280.596915][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.603675][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 282.055385][ T5582] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'. [ 282.942944][ T5590] loop3: detected capacity change from 0 to 2048 [ 283.056104][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 283.122537][ T5590] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.135973][ T5590] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.621011][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.904614][ T5630] loop2: detected capacity change from 0 to 2048 [ 287.082618][ T5630] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.100067][ T5630] ext4 filesystem being mounted at /root/syzkaller-testdir2754839012/syzkaller.bOQZnZ/22/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 287.702979][ T5076] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.180352][ T5641] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 288.187864][ T5641] IPv6: NLM_F_CREATE should be set when creating new route [ 288.195497][ T5641] IPv6: NLM_F_CREATE should be set when creating new route [ 290.594572][ T5074] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.502067][ T5668] loop2: detected capacity change from 0 to 512 [ 291.526398][ T5669] loop0: detected capacity change from 0 to 2048 [ 291.614910][ T5668] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent [ 291.629020][ T5673] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 291.636694][ T5673] IPv6: NLM_F_CREATE should be set when creating new route [ 291.644521][ T5673] IPv6: NLM_F_CREATE should be set when creating new route [ 291.824585][ T5669] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.837556][ T5669] ext4 filesystem being mounted at /root/syzkaller-testdir661439532/syzkaller.iQGEjA/27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.398656][ T5082] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.433040][ T5698] loop2: detected capacity change from 0 to 128 [ 293.477330][ T5698] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1) [ 293.540310][ T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 293.568721][ T3269] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1) [ 293.571534][ T5692] loop3: detected capacity change from 0 to 2048 [ 293.841620][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 293.920106][ T5692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.933560][ T5692] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/38/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 294.023493][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 294.034897][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.045087][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 294.062241][ T25] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 294.072616][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.144517][ T25] usb 5-1: config 0 descriptor?? [ 294.427734][ T29] audit: type=1326 audit(1718091424.449:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x0 [ 294.691050][ T25] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 294.699248][ T25] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 294.707593][ T25] microsoft 0003:045E:07DA.0001: unbalanced collection at end of report description [ 294.825149][ T25] microsoft 0003:045E:07DA.0001: parse failed [ 294.831803][ T25] microsoft 0003:045E:07DA.0001: probe with driver microsoft failed with error -22 [ 294.957702][ T25] usb 5-1: USB disconnect, device number 2 [ 296.378981][ T5708] pim6reg1: entered promiscuous mode [ 296.384642][ T5708] pim6reg1: entered allmulticast mode [ 298.303058][ T5715] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 298.796516][ T5722] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 299.582933][ T5724] loop4: detected capacity change from 0 to 2048 [ 299.819178][ T5724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.832247][ T5724] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/43/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 299.913870][ T5725] dccp_close: ABORT with 60 bytes unread [ 300.029615][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.509381][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 301.791656][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 301.950287][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 301.961710][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 301.972039][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 301.985276][ T25] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 301.994843][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.052434][ T25] usb 5-1: config 0 descriptor?? [ 302.700214][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 302.708461][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 302.716138][ T25] microsoft 0003:045E:07DA.0002: unbalanced collection at end of report description [ 302.753982][ T5744] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) [ 302.818851][ T25] microsoft 0003:045E:07DA.0002: parse failed [ 302.825845][ T25] microsoft 0003:045E:07DA.0002: probe with driver microsoft failed with error -22 [ 302.978065][ T25] usb 5-1: USB disconnect, device number 3 [ 305.957964][ T5759] loop4: detected capacity change from 0 to 2048 [ 306.214033][ T5759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 306.226793][ T5759] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/48/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.846222][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.239256][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.643291][ T25] IPVS: starting estimator thread 0... [ 307.732529][ T5775] IPVS: using max 240 ests per chain, 12000 per kthread [ 308.273483][ T780] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 308.328824][ T5782] pim6reg1: entered promiscuous mode [ 308.334691][ T5782] pim6reg1: entered allmulticast mode [ 308.581653][ T780] usb 1-1: Using ep0 maxpacket: 16 [ 308.787934][ T780] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 308.799400][ T780] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 308.815150][ T780] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 308.829508][ T780] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 308.838910][ T780] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.887696][ T780] usb 1-1: config 0 descriptor?? [ 309.532416][ T780] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 309.539972][ T780] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 309.547700][ T780] microsoft 0003:045E:07DA.0003: unbalanced collection at end of report description [ 309.673841][ T5802] capability: warning: `syz-executor.3' uses deprecated v2 capabilities in a way that may be insecure [ 309.686298][ T780] microsoft 0003:045E:07DA.0003: parse failed [ 309.693289][ T780] microsoft 0003:045E:07DA.0003: probe with driver microsoft failed with error -22 [ 309.884843][ T5799] loop2: detected capacity change from 0 to 2048 [ 309.963146][ T5125] usb 1-1: USB disconnect, device number 2 [ 310.124133][ T5806] loop4: detected capacity change from 0 to 2048 [ 310.125679][ T5799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.147974][ T5799] ext4 filesystem being mounted at /root/syzkaller-testdir2754839012/syzkaller.bOQZnZ/33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.279632][ T5806] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.292983][ T5806] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/51/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 310.776380][ T5076] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.041804][ T29] audit: type=1326 audit(1718091441.069:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5803 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0 [ 311.383841][ T43] IPVS: starting estimator thread 0... [ 311.482075][ T5825] IPVS: using max 240 ests per chain, 12000 per kthread [ 311.601966][ T5827] loop2: detected capacity change from 0 to 128 [ 311.912211][ T5827] loop2: detected capacity change from 128 to 0 [ 311.967610][ C1] I/O error, dev loop2, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 312.002669][ T5828] FAT-fs (loop2): Directory bread(block 3) failed [ 312.009460][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.009460][ T5828] loop2: rw=0, sector=4, nr_sectors = 1 limit=0 [ 312.023491][ T5828] FAT-fs (loop2): Directory bread(block 4) failed [ 312.030149][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.030149][ T5828] loop2: rw=0, sector=5, nr_sectors = 1 limit=0 [ 312.043607][ T5828] FAT-fs (loop2): Directory bread(block 5) failed [ 312.050204][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.050204][ T5828] loop2: rw=0, sector=6, nr_sectors = 1 limit=0 [ 312.063725][ T5828] FAT-fs (loop2): Directory bread(block 6) failed [ 312.070418][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.070418][ T5828] loop2: rw=0, sector=3, nr_sectors = 1 limit=0 [ 312.086483][ T5828] FAT-fs (loop2): Directory bread(block 3) failed [ 312.093906][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.093906][ T5828] loop2: rw=0, sector=4, nr_sectors = 1 limit=0 [ 312.107320][ T5828] FAT-fs (loop2): Directory bread(block 4) failed [ 312.113981][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.113981][ T5828] loop2: rw=0, sector=5, nr_sectors = 1 limit=0 [ 312.127321][ T5828] FAT-fs (loop2): Directory bread(block 5) failed [ 312.133967][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.133967][ T5828] loop2: rw=0, sector=6, nr_sectors = 1 limit=0 [ 312.147352][ T5828] FAT-fs (loop2): Directory bread(block 6) failed [ 312.154165][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.154165][ T5828] loop2: rw=0, sector=3, nr_sectors = 1 limit=0 [ 312.167795][ T5828] FAT-fs (loop2): Directory bread(block 3) failed [ 312.174489][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.174489][ T5828] loop2: rw=0, sector=4, nr_sectors = 1 limit=0 [ 312.191911][ T5828] FAT-fs (loop2): Directory bread(block 4) failed [ 312.198598][ T5828] syz-executor.2: attempt to access beyond end of device [ 312.198598][ T5828] loop2: rw=0, sector=5, nr_sectors = 1 limit=0 [ 312.624989][ T5831] pim6reg1: entered promiscuous mode [ 312.630648][ T5831] pim6reg1: entered allmulticast mode [ 312.778526][ T5076] FAT-fs (loop2): unable to read boot sector to mark fs as dirty [ 313.816976][ T59] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.065946][ T59] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.239010][ T59] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.415274][ T59] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.931995][ T59] bridge_slave_1: left allmulticast mode [ 314.938020][ T59] bridge_slave_1: left promiscuous mode [ 314.944715][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.101916][ T59] bridge_slave_0: left allmulticast mode [ 315.107825][ T59] bridge_slave_0: left promiscuous mode [ 315.114837][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.808172][ T5846] loop0: detected capacity change from 0 to 2048 [ 315.894910][ T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 316.139831][ T5846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.152703][ T5846] ext4 filesystem being mounted at /root/syzkaller-testdir661439532/syzkaller.iQGEjA/39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 316.266427][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 316.299634][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 316.356366][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 316.413299][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 316.417175][ T59] bond0 (unregistering): Released all slaves [ 316.424554][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 316.441560][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 316.455150][ T10] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 316.464910][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.535997][ T10] usb 2-1: config 0 descriptor?? [ 316.573806][ T5082] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.438011][ T59] hsr_slave_0: left promiscuous mode [ 317.490297][ T59] hsr_slave_1: left promiscuous mode [ 317.554339][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 317.562721][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 317.579708][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 317.587512][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 317.595371][ T10] microsoft 0003:045E:07DA.0004: unbalanced collection at end of report description [ 317.622279][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 317.630116][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 317.688184][ T10] microsoft 0003:045E:07DA.0004: parse failed [ 317.695497][ T10] microsoft 0003:045E:07DA.0004: probe with driver microsoft failed with error -22 [ 317.695552][ T59] veth1_macvtap: left promiscuous mode [ 317.695683][ T59] veth0_macvtap: left promiscuous mode [ 317.720401][ T59] veth1_vlan: left promiscuous mode [ 317.726230][ T59] veth0_vlan: left promiscuous mode [ 317.809197][ T10] usb 2-1: USB disconnect, device number 2 [ 318.439283][ T5077] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 318.449505][ T5077] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 318.476782][ T5077] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 318.526475][ T5077] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 318.548487][ T5077] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 318.565813][ T5077] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 319.082754][ T59] team0 (unregistering): Port device team_slave_1 removed [ 319.114160][ T59] team0 (unregistering): Port device team_slave_0 removed [ 319.897865][ T5872] loop3: detected capacity change from 0 to 8192 [ 320.691742][ T5077] Bluetooth: hci1: command tx timeout [ 321.533955][ T5866] chnl_net:caif_netlink_parms(): no params data found [ 321.963045][ T5897] loop1: detected capacity change from 0 to 2048 [ 322.223297][ T5897] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.236328][ T5897] ext4 filesystem being mounted at /root/syzkaller-testdir951322551/syzkaller.z5uxYp/39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 322.771523][ T5077] Bluetooth: hci1: command tx timeout [ 322.968950][ T5074] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.499786][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.508364][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.517049][ T5866] bridge_slave_0: entered allmulticast mode [ 323.526383][ T5866] bridge_slave_0: entered promiscuous mode [ 323.757864][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.765926][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.773865][ T5866] bridge_slave_1: entered allmulticast mode [ 323.782735][ T5866] bridge_slave_1: entered promiscuous mode [ 323.970303][ T5914] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.1'. [ 324.247536][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 324.440311][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 324.852960][ T5077] Bluetooth: hci1: command tx timeout [ 324.887129][ T5866] team0: Port device team_slave_0 added [ 325.009033][ T5866] team0: Port device team_slave_1 added [ 325.382089][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 325.456901][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 325.465523][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 325.492013][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 325.668696][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 325.676454][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 325.706053][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 325.783032][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 326.292003][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.303561][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.316521][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 326.330526][ T25] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 326.340081][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.418623][ T25] usb 2-1: config 0 descriptor?? [ 326.548582][ T5866] hsr_slave_0: entered promiscuous mode [ 326.634336][ T5866] hsr_slave_1: entered promiscuous mode [ 326.939449][ T5077] Bluetooth: hci1: command tx timeout [ 327.094116][ T25] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 327.103545][ T25] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 327.111105][ T25] microsoft 0003:045E:07DA.0005: unbalanced collection at end of report description [ 327.205602][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.217547][ T25] microsoft 0003:045E:07DA.0005: parse failed [ 327.228391][ T25] microsoft 0003:045E:07DA.0005: probe with driver microsoft failed with error -22 [ 327.373807][ T25] usb 2-1: USB disconnect, device number 3 [ 328.408403][ T5945] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 328.829217][ T5866] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 328.919570][ T5866] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 328.963851][ T5866] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 329.116906][ T5866] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 329.324941][ T5941] loop4: detected capacity change from 0 to 8192 [ 330.668709][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 330.987770][ T5866] 8021q: adding VLAN 0 to HW filter on device team0 [ 331.022741][ T780] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 331.169108][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state [ 331.176932][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 331.276488][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state [ 331.284258][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 331.452522][ T780] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 331.463979][ T780] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 331.474238][ T780] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 331.483982][ T780] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.635109][ T5968] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 331.985380][ T5978] loop1: detected capacity change from 0 to 1024 [ 332.142262][ T5125] usb 4-1: USB disconnect, device number 2 [ 332.193986][ T5978] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 332.218166][ T5978] System zones: 0-1, 3-12 [ 332.322765][ T5978] EXT4-fs (loop1): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.498498][ T5842] udevd[5842]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 333.043743][ T5074] EXT4-fs (loop1): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 334.314567][ T25] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 334.323030][ T25] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 334.412010][ T25] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz1 [ 334.448237][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 335.103262][ T5866] veth0_vlan: entered promiscuous mode [ 335.268170][ T5866] veth1_vlan: entered promiscuous mode [ 335.783337][ T5866] veth0_macvtap: entered promiscuous mode [ 335.904203][ T5866] veth1_macvtap: entered promiscuous mode [ 336.207527][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.219358][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.230100][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.240945][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.257238][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.270259][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.281585][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.292374][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.307806][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 336.726118][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.737765][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.748320][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.762713][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.773954][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.784604][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.794745][ T5866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.805439][ T5866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.819019][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 336.923906][ T6026] loop3: detected capacity change from 0 to 1024 [ 337.054436][ T5866] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.069702][ T5866] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.080484][ T5866] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.089892][ T5866] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.267003][ T6026] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 337.381849][ T6026] System zones: 0-1, 3-12 [ 337.446508][ T6026] EXT4-fs (loop3): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 337.805816][ T6020] loop4: detected capacity change from 0 to 8192 [ 337.969497][ T5090] EXT4-fs (loop3): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 338.960550][ T6035] fuse: Bad value for 'rootmode' [ 339.017663][ T5077] Bluetooth: hci3: command 0x0406 tx timeout [ 339.021935][ T6030] Bluetooth: hci2: command 0x0406 tx timeout [ 339.024290][ T5081] Bluetooth: hci4: command 0x0406 tx timeout [ 339.030055][ T6030] Bluetooth: hci0: command 0x0406 tx timeout [ 339.471672][ T5135] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 340.104281][ T5135] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 340.116737][ T5135] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 340.127980][ T5135] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 340.140589][ T5135] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.268267][ T6048] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 340.875548][ T5135] usb 4-1: USB disconnect, device number 3 [ 341.463280][ T6062] loop1: detected capacity change from 0 to 1024 [ 341.998548][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.005399][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 344.255779][ T6094] loop4: detected capacity change from 0 to 1024 [ 344.403894][ T6094] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 344.451505][ T6094] System zones: 0-1, 3-12 [ 344.473304][ T6094] EXT4-fs (loop4): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.996768][ T5085] EXT4-fs (loop4): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 345.373965][ T3974] hfsplus: b-tree write err: -5, ino 4 [ 345.572710][ T3269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 345.580767][ T3269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.994920][ T3704] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 346.003957][ T3704] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 346.426658][ T6104] loop0: detected capacity change from 0 to 8192 [ 347.086035][ T6117] loop2: detected capacity change from 0 to 1024 [ 347.554110][ T6117] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 347.777909][ T6117] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2777: inode #12: comm syz-executor.2: corrupted in-inode xattr: bad magic number in in-inode xattr [ 347.962143][ T6117] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2847: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 348.332173][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.615195][ T6118] fuse: Bad value for 'rootmode' [ 349.277528][ T6132] dccp_close: ABORT with 60 bytes unread [ 349.448441][ T6131] loop3: detected capacity change from 0 to 2048 [ 349.601923][ T5135] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 349.843353][ T6131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.856272][ T6131] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.102106][ T5135] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 350.113731][ T5135] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 350.124199][ T5135] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 350.133659][ T5135] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.215575][ T6133] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 350.355252][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.892943][ T5135] usb 1-1: USB disconnect, device number 3 [ 354.218243][ T6169] loop4: detected capacity change from 0 to 2048 [ 354.405631][ T6169] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.419039][ T6169] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 355.013871][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.667672][ T6179] fuse: Bad value for 'rootmode' [ 357.161755][ T25] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 357.779562][ T25] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 357.791178][ T25] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 357.803833][ T25] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 357.813440][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.944978][ T6189] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 358.698435][ T25] usb 1-1: USB disconnect, device number 4 [ 359.009487][ T6143] udevd[6143]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 359.163929][ T6208] loop3: detected capacity change from 0 to 2048 [ 359.302904][ T6208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 359.316450][ T6208] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/66/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 359.426032][ T6210] loop2: detected capacity change from 0 to 4096 [ 359.477912][ T6210] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 359.548792][ T6210] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 4096) [ 359.633060][ T6210] NILFS (loop2): invalid segment: Checksum error in segment payload [ 359.641900][ T6210] NILFS (loop2): unable to fall back to spare super block [ 359.649251][ T6210] NILFS (loop2): error -22 while searching super root [ 359.766905][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.858329][ T5985] udevd[5985]: incorrect nilfs2 checksum on /dev/loop2 [ 363.394970][ T6239] fuse: Bad value for 'rootmode' [ 365.474042][ T6251] loop4: detected capacity change from 0 to 2048 [ 365.476122][ T5125] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 365.642527][ T6251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 365.655535][ T6251] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/70/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 365.859112][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.922144][ T5125] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 365.933765][ T5125] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 365.950528][ T5125] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 365.961837][ T5125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.094637][ T6247] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 366.505065][ T5125] usb 2-1: USB disconnect, device number 4 [ 366.640820][ T5985] udevd[5985]: setting mode of /dev/midi3 to 020660 failed: No such file or directory [ 366.690217][ T5705] udevd[5705]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 366.712942][ T5985] udevd[5985]: setting owner of /dev/midi3 to uid=0, gid=29 failed: No such file or directory [ 370.420869][ T6289] fuse: Bad value for 'rootmode' [ 370.476777][ T6291] loop2: detected capacity change from 0 to 2048 [ 370.844448][ T6291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.860306][ T6291] ext4 filesystem being mounted at /root/syzkaller-testdir800731914/syzkaller.Ws9O87/18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 371.152665][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.458536][ T6310] veth1_macvtap: left promiscuous mode [ 375.009879][ T6326] loop2: detected capacity change from 0 to 2048 [ 375.233589][ T6326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 375.246680][ T6326] ext4 filesystem being mounted at /root/syzkaller-testdir800731914/syzkaller.Ws9O87/22/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 375.493982][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.142890][ T6374] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 380.171838][ T6370] loop4: detected capacity change from 0 to 2048 [ 380.494053][ T6370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 380.507069][ T6370] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/77/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 381.038243][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.774197][ T6386] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.781754][ T6386] IPv6: NLM_F_CREATE should be set when creating new route [ 381.789282][ T6386] IPv6: NLM_F_CREATE should be set when creating new route [ 384.006644][ T6407] loop4: detected capacity change from 0 to 1024 [ 384.187892][ T6407] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 384.310836][ T6407] System zones: 0-1, 3-12 [ 384.353702][ T6407] EXT4-fs (loop4): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 384.386794][ T6409] pim6reg1: entered promiscuous mode [ 384.392622][ T6409] pim6reg1: entered allmulticast mode [ 385.032488][ T5085] EXT4-fs (loop4): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 385.634434][ T6422] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 388.444311][ T6445] syz-executor.1[6445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 388.444978][ T6445] syz-executor.1[6445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 388.670410][ T6448] loop3: detected capacity change from 0 to 1024 [ 389.019450][ T6448] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 389.136958][ T6448] System zones: 0-1, 3-12 [ 389.162205][ T6448] EXT4-fs (loop3): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 389.638802][ T5090] EXT4-fs (loop3): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 390.089849][ T6464] sit0: entered promiscuous mode [ 390.095249][ T6464] sit0: entered allmulticast mode [ 392.658985][ T6490] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 392.890783][ T6494] loop3: detected capacity change from 0 to 1024 [ 393.206388][ T6494] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 393.233452][ T6494] System zones: 0-1, 3-12 [ 393.350353][ T6494] EXT4-fs (loop3): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 394.079055][ T5090] EXT4-fs (loop3): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 396.168033][ T6526] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.175621][ T6526] IPv6: NLM_F_CREATE should be set when creating new route [ 396.183214][ T6526] IPv6: NLM_F_CREATE should be set when creating new route [ 396.976724][ T6535] loop4: detected capacity change from 0 to 1024 [ 397.165974][ T6535] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 397.283145][ T6535] System zones: 0-1, 3-12 [ 397.290367][ T6535] EXT4-fs (loop4): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.617976][ T5085] EXT4-fs (loop4): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 399.759585][ T6562] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 399.767238][ T6562] IPv6: NLM_F_CREATE should be set when creating new route [ 399.774901][ T6562] IPv6: NLM_F_CREATE should be set when creating new route [ 400.026707][ T29] audit: type=1326 audit(1718091530.059:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7479579 code=0x0 [ 400.595088][ T6570] loop2: detected capacity change from 0 to 1024 [ 400.999445][ T6570] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c018, mo2=0002] [ 401.094761][ T6570] System zones: 0-1, 3-12 [ 401.178557][ T6570] EXT4-fs (loop2): mounted filesystem 000000fe-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 401.780001][ T5866] EXT4-fs (loop2): unmounting filesystem 000000fe-0000-0000-0000-000000000000. [ 403.234528][ T6595] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 403.455543][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.462398][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.654952][ T29] audit: type=1326 audit(1718091533.679:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7479579 code=0x0 [ 404.194148][ T6605] loop3: detected capacity change from 0 to 256 [ 404.481945][ T29] audit: type=1326 audit(1718091534.489:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.505138][ T29] audit: type=1326 audit(1718091534.489:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.528016][ T29] audit: type=1326 audit(1718091534.509:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.553288][ T29] audit: type=1326 audit(1718091534.559:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.576874][ T29] audit: type=1326 audit(1718091534.569:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.699857][ T29] audit: type=1326 audit(1718091534.719:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.722969][ T29] audit: type=1326 audit(1718091534.719:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 404.745798][ T29] audit: type=1326 audit(1718091534.719:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 405.032856][ T29] kauditd_printk_skb: 36 callbacks suppressed [ 405.032927][ T29] audit: type=1326 audit(1718091535.119:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 405.213271][ T29] audit: type=1326 audit(1718091535.149:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 405.236857][ T29] audit: type=1326 audit(1718091535.199:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 405.259855][ T29] audit: type=1326 audit(1718091535.219:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 405.287987][ T29] audit: type=1326 audit(1718091535.239:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 405.667609][ T6616] loop0: detected capacity change from 0 to 2048 [ 405.873870][ T6616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 405.888914][ T6616] ext4 filesystem being mounted at /root/syzkaller-testdir661439532/syzkaller.iQGEjA/96/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 406.252303][ T5082] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.490186][ T6633] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 406.910663][ T29] audit: type=1326 audit(1718091536.929:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6639 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0 [ 407.031093][ T6643] loop2: detected capacity change from 0 to 256 [ 407.546582][ T29] audit: type=1326 audit(1718091537.439:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 407.569737][ T29] audit: type=1326 audit(1718091537.449:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 407.592607][ T29] audit: type=1326 audit(1718091537.449:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 407.615456][ T29] audit: type=1326 audit(1718091537.459:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 408.706104][ T6663] loop1: detected capacity change from 0 to 2048 [ 408.830329][ T6663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 408.843631][ T6663] ext4 filesystem being mounted at /root/syzkaller-testdir951322551/syzkaller.z5uxYp/81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 409.016149][ T6673] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 409.196534][ T5074] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.475888][ T6676] Driver unsupported XDP return value 0 on prog (id 78) dev N/A, expect packet loss! [ 409.590965][ T6681] loop3: detected capacity change from 0 to 256 [ 410.055932][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 410.055984][ T29] audit: type=1326 audit(1718091540.139:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 410.090101][ T29] audit: type=1326 audit(1718091540.139:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 410.114761][ T29] audit: type=1326 audit(1718091540.139:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 410.137613][ T29] audit: type=1326 audit(1718091540.139:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 410.160350][ T29] audit: type=1326 audit(1718091540.139:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 410.257727][ T29] audit: type=1326 audit(1718091540.299:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 410.286613][ T29] audit: type=1326 audit(1718091540.299:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 410.311522][ T29] audit: type=1326 audit(1718091540.309:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 410.334576][ T29] audit: type=1326 audit(1718091540.319:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 410.357423][ T29] audit: type=1326 audit(1718091540.319:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 410.953630][ T6697] veth1_macvtap: left promiscuous mode [ 411.836529][ T6711] loop0: detected capacity change from 0 to 2048 [ 412.014925][ T6711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 412.030666][ T6711] ext4 filesystem being mounted at /root/syzkaller-testdir661439532/syzkaller.iQGEjA/103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 412.376034][ T5082] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.915097][ T6726] loop0: detected capacity change from 0 to 256 [ 413.812446][ T6737] veth1_macvtap: left promiscuous mode [ 415.216133][ T6753] loop4: detected capacity change from 0 to 2048 [ 415.345317][ T6753] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.358135][ T6753] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/111/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 415.417566][ T6753] fs-verity (loop4, inode 13): Error -4 building Merkle tree [ 415.654957][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.052421][ T6767] loop2: detected capacity change from 0 to 256 [ 416.260126][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 416.260199][ T29] audit: type=1326 audit(1718091546.339:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.369518][ T29] audit: type=1326 audit(1718091546.379:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.393260][ T29] audit: type=1326 audit(1718091546.449:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.416476][ T29] audit: type=1326 audit(1718091546.449:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.444972][ T29] audit: type=1326 audit(1718091546.449:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.468993][ T29] audit: type=1326 audit(1718091546.529:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.583644][ T29] audit: type=1326 audit(1718091546.579:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.606616][ T29] audit: type=1326 audit(1718091546.579:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73fb5a7 code=0x7ffc0000 [ 416.634445][ T29] audit: type=1326 audit(1718091546.579:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73fb579 code=0x7ffc0000 [ 416.659281][ T29] audit: type=1326 audit(1718091546.639:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6765 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73fb5a7 code=0x7ffc0000 [ 417.816498][ T6789] loop3: detected capacity change from 0 to 2048 [ 418.046971][ T6789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 418.060877][ T6789] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/108/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 418.240710][ T6789] fs-verity (loop3, inode 13): Error -4 building Merkle tree [ 418.285626][ T6799] loop0: detected capacity change from 0 to 256 [ 418.445392][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.648342][ T6832] loop3: detected capacity change from 0 to 2048 [ 420.864668][ T6832] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 420.877748][ T6832] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/110/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 421.165123][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.478394][ T29] kauditd_printk_skb: 92 callbacks suppressed [ 421.478464][ T29] audit: type=1326 audit(1718091551.559:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.527929][ T29] audit: type=1326 audit(1718091551.599:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.615189][ T29] audit: type=1326 audit(1718091551.639:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.638429][ T29] audit: type=1326 audit(1718091551.659:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.667684][ T29] audit: type=1326 audit(1718091551.659:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.692491][ T29] audit: type=1326 audit(1718091551.659:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.715473][ T29] audit: type=1326 audit(1718091551.659:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.738609][ T29] audit: type=1326 audit(1718091551.659:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 421.766984][ T29] audit: type=1326 audit(1718091551.679:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf748e5a7 code=0x7ffc0000 [ 421.791637][ T29] audit: type=1326 audit(1718091551.679:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6842 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 423.355785][ T6868] loop1: detected capacity change from 0 to 2048 [ 423.578427][ T6868] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.739381][ T6870] loop3: detected capacity change from 0 to 2048 [ 423.957510][ T6870] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.970437][ T6870] ext4 filesystem being mounted at /root/syzkaller-testdir676171529/syzkaller.IOKdYk/113/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 424.283974][ T6870] fs-verity (loop3, inode 13): Error -4 building Merkle tree [ 424.523601][ T5090] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 426.633719][ T6912] loop2: detected capacity change from 0 to 2048 [ 426.789542][ T6912] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 426.802352][ T6912] ext4 filesystem being mounted at /root/syzkaller-testdir800731914/syzkaller.Ws9O87/75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 426.978379][ T6912] fs-verity (loop2, inode 13): Error -4 building Merkle tree [ 427.166225][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.669410][ T6941] loop3: detected capacity change from 0 to 256 [ 428.768611][ T29] kauditd_printk_skb: 69 callbacks suppressed [ 428.768685][ T29] audit: type=1326 audit(1718091558.849:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 428.896521][ T29] audit: type=1326 audit(1718091558.889:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 428.922132][ T29] audit: type=1326 audit(1718091558.889:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 429.001476][ T29] audit: type=1326 audit(1718091559.029:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 429.029114][ T29] audit: type=1326 audit(1718091559.039:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 429.053254][ T29] audit: type=1326 audit(1718091559.039:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 429.076349][ T29] audit: type=1326 audit(1718091559.039:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 429.099146][ T29] audit: type=1326 audit(1718091559.049:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 429.124302][ T29] audit: type=1326 audit(1718091559.049:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 429.147645][ T29] audit: type=1326 audit(1718091559.049:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6940 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 429.182056][ T6945] loop4: detected capacity change from 0 to 2048 [ 429.311575][ T6945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 429.324396][ T6945] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/129/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 429.408286][ T6945] fs-verity (loop4, inode 13): Error -4 building Merkle tree [ 429.615598][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 431.318635][ T6972] loop3: detected capacity change from 0 to 256 [ 431.977272][ T6978] loop4: detected capacity change from 0 to 2048 [ 432.074628][ T6978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 432.087701][ T6978] ext4 filesystem being mounted at /root/syzkaller-testdir3178220050/syzkaller.Oxh2J3/133/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 432.426688][ T5085] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.068558][ T6991] kernel profiling enabled (shift: 4) [ 434.204250][ T5074] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 434.740841][ T7012] loop3: detected capacity change from 0 to 256 [ 434.844465][ T29] kauditd_printk_skb: 50 callbacks suppressed [ 434.844536][ T29] audit: type=1326 audit(1718091564.919:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 434.876194][ T29] audit: type=1326 audit(1718091564.929:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 434.901961][ T29] audit: type=1326 audit(1718091564.949:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 434.925254][ T29] audit: type=1326 audit(1718091564.949:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 434.948324][ T29] audit: type=1326 audit(1718091565.009:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 434.973623][ T29] audit: type=1326 audit(1718091565.019:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 435.000165][ T29] audit: type=1326 audit(1718091565.019:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 435.023447][ T29] audit: type=1326 audit(1718091565.019:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 435.046272][ T29] audit: type=1326 audit(1718091565.019:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73c05a7 code=0x7ffc0000 [ 435.071792][ T29] audit: type=1326 audit(1718091565.019:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73c0579 code=0x7ffc0000 [ 436.131278][ C1] ===================================================== [ 436.138510][ C1] BUG: KMSAN: uninit-value in profile_tick+0x1ae/0x1b0 [ 436.145547][ C1] profile_tick+0x1ae/0x1b0 [ 436.150222][ C1] tick_nohz_handler+0x588/0x690 [ 436.155326][ C1] __hrtimer_run_queues+0x56f/0xe40 [ 436.160689][ C1] hrtimer_interrupt+0x3ab/0x1490 [ 436.165874][ C1] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 436.171950][ C1] sysvec_apic_timer_interrupt+0x7e/0x90 [ 436.177769][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 436.183932][ C1] _raw_spin_unlock_irq+0x25/0x50 [ 436.189114][ C1] shmem_add_to_page_cache+0xa09/0xd70 [ 436.194761][ C1] shmem_alloc_and_add_folio+0x8cf/0x1100 [ 436.200666][ C1] shmem_get_folio_gfp+0x9ae/0x21a0 [ 436.206037][ C1] shmem_fault+0x1eb/0x690 [ 436.210633][ C1] __do_fault+0x1f2/0x620 [ 436.215150][ C1] handle_mm_fault+0x665b/0xce10 [ 436.220261][ C1] __get_user_pages+0xa59/0x2c20 [ 436.225376][ C1] __mm_populate+0x5f8/0x990 [ 436.230137][ C1] vm_mmap_pgoff+0x351/0x4e0 [ 436.234877][ C1] ksys_mmap_pgoff+0x16e/0x7a0 [ 436.239797][ C1] __ia32_sys_mmap_pgoff+0x11d/0x1a0 [ 436.245244][ C1] ia32_sys_call+0x3d8e/0x40a0 [ 436.250215][ C1] __do_fast_syscall_32+0xb4/0x120 [ 436.255546][ C1] do_fast_syscall_32+0x38/0x80 [ 436.260594][ C1] do_SYSENTER_32+0x1f/0x30 [ 436.265287][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 436.271812][ C1] [ 436.274260][ C1] Local variable warn created at: [ 436.279374][ C1] __dquot_alloc_space+0x4e/0x18c0 [ 436.284659][ C1] shmem_inode_acct_blocks+0x3c4/0x5c0 [ 436.290283][ C1] [ 436.292703][ C1] CPU: 1 PID: 7021 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 436.302855][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 436.313038][ C1] ===================================================== [ 436.320054][ C1] Disabling lock debugging due to kernel taint [ 436.326293][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 436.332804][ C1] CPU: 1 PID: 7021 Comm: syz-executor.0 Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 436.344414][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 436.354591][ C1] Call Trace: [ 436.357961][ C1] [ 436.360898][ C1] dump_stack_lvl+0x216/0x2d0 [ 436.365760][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.371742][ C1] dump_stack+0x1e/0x30 [ 436.376066][ C1] panic+0x4e2/0xcd0 [ 436.380138][ C1] ? kmsan_get_metadata+0xf1/0x1d0 [ 436.385512][ C1] kmsan_report+0x2d5/0x2e0 [ 436.390184][ C1] ? update_load_avg+0x1a35/0x29b0 [ 436.395467][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 436.400833][ C1] ? __msan_warning+0x95/0x120 [ 436.405736][ C1] ? profile_tick+0x1ae/0x1b0 [ 436.410586][ C1] ? tick_nohz_handler+0x588/0x690 [ 436.415870][ C1] ? __hrtimer_run_queues+0x56f/0xe40 [ 436.421500][ C1] ? hrtimer_interrupt+0x3ab/0x1490 [ 436.426864][ C1] ? __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 436.433119][ C1] ? sysvec_apic_timer_interrupt+0x7e/0x90 [ 436.439107][ C1] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 436.445450][ C1] ? _raw_spin_unlock_irq+0x25/0x50 [ 436.450799][ C1] ? shmem_add_to_page_cache+0xa09/0xd70 [ 436.456606][ C1] ? shmem_alloc_and_add_folio+0x8cf/0x1100 [ 436.462678][ C1] ? shmem_get_folio_gfp+0x9ae/0x21a0 [ 436.468226][ C1] ? shmem_fault+0x1eb/0x690 [ 436.472981][ C1] ? __do_fault+0x1f2/0x620 [ 436.477661][ C1] ? handle_mm_fault+0x665b/0xce10 [ 436.482939][ C1] ? __get_user_pages+0xa59/0x2c20 [ 436.488239][ C1] ? __mm_populate+0x5f8/0x990 [ 436.493177][ C1] ? vm_mmap_pgoff+0x351/0x4e0 [ 436.498098][ C1] ? ksys_mmap_pgoff+0x16e/0x7a0 [ 436.503260][ C1] ? __ia32_sys_mmap_pgoff+0x11d/0x1a0 [ 436.508891][ C1] ? ia32_sys_call+0x3d8e/0x40a0 [ 436.514016][ C1] ? __do_fast_syscall_32+0xb4/0x120 [ 436.519489][ C1] ? do_fast_syscall_32+0x38/0x80 [ 436.524693][ C1] ? do_SYSENTER_32+0x1f/0x30 [ 436.529662][ C1] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 436.536418][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 436.541794][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.547798][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 436.553170][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.559157][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 436.564519][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.570496][ C1] __msan_warning+0x95/0x120 [ 436.575231][ C1] profile_tick+0x1ae/0x1b0 [ 436.579923][ C1] ? shmem_add_to_page_cache+0xa09/0xd70 [ 436.585740][ C1] tick_nohz_handler+0x588/0x690 [ 436.590863][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 436.596500][ C1] __hrtimer_run_queues+0x56f/0xe40 [ 436.601911][ C1] hrtimer_interrupt+0x3ab/0x1490 [ 436.607142][ C1] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 436.612776][ C1] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 436.618516][ C1] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 436.624609][ C1] sysvec_apic_timer_interrupt+0x7e/0x90 [ 436.630424][ C1] [ 436.633442][ C1] [ 436.636463][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 436.642651][ C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x50 [ 436.648630][ C1] Code: 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 53 48 89 fb e8 5f 68 bf f2 48 89 df e8 67 5a bf f2 c6 00 00 c6 03 00 fb be 04 00 00 00 <48> c7 c7 08 5d 0a 00 e8 7f 5c bf f2 65 ff 0d 30 b5 85 70 74 07 5b [ 436.668407][ C1] RSP: 0018:ffff8881034634a0 EFLAGS: 00000286 [ 436.674619][ C1] RAX: ffff888040a4e798 RBX: ffff88804124e798 RCX: 0000000040e4e798 [ 436.682810][ C1] RDX: ffff888040e4e798 RSI: 0000000000000004 RDI: ffff88804124e798 [ 436.690912][ C1] RBP: ffff8881034634a8 R08: ffffea000000000f R09: ffffea00058928d0 [ 436.699026][ C1] R10: ffff888040a4e798 R11: 0000000000000004 R12: ffff88804124e798 [ 436.707135][ C1] R13: ffff888117852c00 R14: 0000000000000cc0 R15: 0000000000000000 [ 436.715258][ C1] shmem_add_to_page_cache+0xa09/0xd70 [ 436.720929][ C1] shmem_alloc_and_add_folio+0x8cf/0x1100 [ 436.726831][ C1] ? filemap_get_entry+0x67d/0x6c0 [ 436.732145][ C1] shmem_get_folio_gfp+0x9ae/0x21a0 [ 436.737530][ C1] ? kmsan_get_metadata+0xf0/0x1d0 [ 436.742809][ C1] shmem_fault+0x1eb/0x690 [ 436.747403][ C1] ? __pfx_shmem_fault+0x10/0x10 [ 436.752512][ C1] __do_fault+0x1f2/0x620 [ 436.757019][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.762984][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 436.768634][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 436.774283][ C1] handle_mm_fault+0x665b/0xce10 [ 436.779455][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 436.785105][ C1] __get_user_pages+0xa59/0x2c20 [ 436.790285][ C1] __mm_populate+0x5f8/0x990 [ 436.795090][ C1] vm_mmap_pgoff+0x351/0x4e0 [ 436.799855][ C1] ksys_mmap_pgoff+0x16e/0x7a0 [ 436.804788][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 436.810166][ C1] __ia32_sys_mmap_pgoff+0x11d/0x1a0 [ 436.815642][ C1] ia32_sys_call+0x3d8e/0x40a0 [ 436.820606][ C1] __do_fast_syscall_32+0xb4/0x120 [ 436.825910][ C1] ? switch_fpu_return+0x17/0x20 [ 436.831037][ C1] do_fast_syscall_32+0x38/0x80 [ 436.836446][ C1] do_SYSENTER_32+0x1f/0x30 [ 436.841123][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 436.847662][ C1] RIP: 0023:0xf7479579 [ 436.851848][ C1] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 436.871620][ C1] RSP: 002b:00000000f5ee15ac EFLAGS: 00000206 ORIG_RAX: 00000000000000c0 [ 436.880184][ C1] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 436.888292][ C1] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 00000000ffffffff [ 436.896395][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 436.904574][ C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 436.912677][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 436.920802][ C1] [ 436.924166][ C1] Kernel Offset: disabled [ 436.928548][ C1] Rebooting in 86400 seconds..