last executing test programs: 3m33.829023501s ago: executing program 1 (id=93): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x5, 0x41}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m32.086400881s ago: executing program 1 (id=94): r0 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x1) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, 0x3f, r1}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x0, &(0x7f0000000100)}) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8916, &(0x7f0000000000)) 3m27.691236473s ago: executing program 1 (id=102): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x5, 0x41}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m26.289607842s ago: executing program 1 (id=104): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x204404, &(0x7f0000000240)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c696f636861727365743d64656661756c742c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c726f6469722c757466383d302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c756e695f786c6174653d302c646d61736b3d30303030303030303030303030303030303030303030312c747a3d5554432c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c696f636861727365743d63703733372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c02002c00"], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x58) openat$rtc(0xffffffffffffff9c, 0x0, 0x200, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) prlimit64(0x0, 0xa74f4d2231f8950a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x20a02, 0x0) ioctl$TIOCSSOFTCAR(r4, 0x5453, 0x0) io_submit(0x0, 0x0, 0x0) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) fallocate(r0, 0x0, 0x9, 0x10001) 3m19.85813958s ago: executing program 1 (id=114): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0xa, 0x2400000001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000034000)={0x9, {{0xa, 0x4e24, 0xffffffc0, @mcast2, 0x2}}}, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, 0x0, 0x0) getsockopt$inet6_buf(r3, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000002280)=0x90) 3m17.133666156s ago: executing program 1 (id=118): alarm(0x9) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000215000/0x3000)=nil, 0x3000, 0x1000008, 0x810, 0xffffffffffffffff, 0xffffffffffffc000) r2 = shmget(0x1, 0x4000, 0x200, &(0x7f00005b8000/0x4000)=nil) shmctl$SHM_LOCK(r2, 0xb) keyctl$read(0xb, 0x0, 0x0, 0x0) timer_create(0x3, 0x0, &(0x7f0000000080)) creat(&(0x7f0000000280)='./file0\x00', 0x155adae9f4f0a7c9) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m16.844634543s ago: executing program 32 (id=118): alarm(0x9) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000215000/0x3000)=nil, 0x3000, 0x1000008, 0x810, 0xffffffffffffffff, 0xffffffffffffc000) r2 = shmget(0x1, 0x4000, 0x200, &(0x7f00005b8000/0x4000)=nil) shmctl$SHM_LOCK(r2, 0xb) keyctl$read(0xb, 0x0, 0x0, 0x0) timer_create(0x3, 0x0, &(0x7f0000000080)) creat(&(0x7f0000000280)='./file0\x00', 0x155adae9f4f0a7c9) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m2.141342424s ago: executing program 2 (id=139): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) 3m0.249565292s ago: executing program 2 (id=140): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2m58.098999695s ago: executing program 2 (id=143): r0 = socket$inet6(0xa, 0x3, 0x8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e24, 0x2, @empty, 0x1}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0xa4, 0x4) 2m56.941184241s ago: executing program 2 (id=145): chmod(&(0x7f0000000100)='./file0\x00', 0xed) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c00108008000140000000000800024000000000080003"], 0x80}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02030003120000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a00000000000000000000000000000000000000000000010b0000000000000002000100000000000000070c0000000005000500000000000a00000000000000fc0100000000000000000000000000010700000000000000010014"], 0x90}, 0x1, 0x7}, 0x0) 2m54.434786334s ago: executing program 2 (id=148): r0 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 2m53.065801373s ago: executing program 2 (id=149): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) clock_nanosleep(0xb, 0x0, 0x0, 0xfffffffffffffffe) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) io_uring_setup(0x3400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4004800) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c0002800500010000000000080007400000"], 0x80}, 0x1, 0x0, 0x0, 0x4020014}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49200000000000, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x8, 0x12, 0x3, 0x0, 0x3}) 2m37.400389668s ago: executing program 33 (id=149): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) clock_nanosleep(0xb, 0x0, 0x0, 0xfffffffffffffffe) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) io_uring_setup(0x3400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4004800) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c0002800500010000000000080007400000"], 0x80}, 0x1, 0x0, 0x0, 0x4020014}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49200000000000, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x8, 0x12, 0x3, 0x0, 0x3}) 1m8.751497559s ago: executing program 4 (id=266): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000c00000000000000000000008500000017000000180100002020642500000000002020207b1af8ff00"], 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1m6.893584425s ago: executing program 4 (id=269): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) futex(&(0x7f0000000180)=0x1, 0x0, 0x1, &(0x7f0000000200), &(0x7f0000000240)=0x1, 0x0) 1m5.619767437s ago: executing program 4 (id=270): fanotify_init(0x1, 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file5\x00', 0x82c0, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, r0, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000a80)={r8, 0x0, 0x0}, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) 1m0.615139314s ago: executing program 4 (id=273): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x28, 0x0, 0xc4fc9e906872338b, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x0) 53.964497114s ago: executing program 4 (id=278): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) futex(&(0x7f0000000180)=0x1, 0x0, 0x1, &(0x7f0000000200), &(0x7f0000000240)=0x1, 0x0) 52.694932137s ago: executing program 4 (id=280): close(0x3) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_usb_connect$cdc_ecm(0x2, 0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024c00010100000309040000ff02020000052bc1bb731f43332406000005240000000d240f010000000000000000000424130504241300090581032000000000090582022000000000090503020800000000"], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r2, 0x4b52, &(0x7f0000000000)="eac09bbee7") connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getuid() r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020018"], 0x80}}, 0x0) 39.225752557s ago: executing program 3 (id=293): fanotify_init(0x1, 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file5\x00', 0x82c0, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, r0, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000a80)={r8, 0x0, 0x0}, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) 37.400657311s ago: executing program 34 (id=280): close(0x3) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_usb_connect$cdc_ecm(0x2, 0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024c00010100000309040000ff02020000052bc1bb731f43332406000005240000000d240f010000000000000000000424130504241300090581032000000000090582022000000000090503020800000000"], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r2, 0x4b52, &(0x7f0000000000)="eac09bbee7") connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getuid() r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020018"], 0x80}}, 0x0) 37.353105454s ago: executing program 3 (id=295): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000440)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==") openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x69, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xfe, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) 31.293450931s ago: executing program 3 (id=300): r0 = fanotify_init(0x1, 0x2) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file5\x00', 0x82c0, 0x0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, r1, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000a80)={r8, 0x0, 0x0}, 0x10) fanotify_mark(r0, 0x7e, 0x8001010, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) 29.514264193s ago: executing program 3 (id=301): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x204404, &(0x7f0000000240)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c696f636861727365743d64656661756c742c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c726f6469722c757466383d302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c756e695f786c6174653d302c646d61736b3d30303030303030303030303030303030303030303030312c747a3d5554432c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c696f636861727365743d63703733372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c02002c00"], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x58) openat$rtc(0xffffffffffffff9c, 0x0, 0x200, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) prlimit64(0x0, 0xa74f4d2231f8950a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) fallocate(r0, 0x0, 0x9, 0x10001) 21.898320278s ago: executing program 3 (id=307): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000440)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==") openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x69, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xfe, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) 19.018279693s ago: executing program 3 (id=311): read$FUSE(0xffffffffffffffff, &(0x7f0000000d80)={0x2020}, 0x2020) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) r2 = socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) sendto$packet(r2, 0x0, 0x0, 0x24000801, &(0x7f0000000300)={0x11, 0x8100, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000d00)=""/69, 0x0, 0x54000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000c00)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000c80)=""/86}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5}) 18.306803363s ago: executing program 35 (id=311): read$FUSE(0xffffffffffffffff, &(0x7f0000000d80)={0x2020}, 0x2020) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) r2 = socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) sendto$packet(r2, 0x0, 0x0, 0x24000801, &(0x7f0000000300)={0x11, 0x8100, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000d00)=""/69, 0x0, 0x54000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000c00)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000c80)=""/86}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5}) 14.740735177s ago: executing program 0 (id=315): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x5, 0x41}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 12.017965563s ago: executing program 5 (id=317): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1b) readv(r4, &(0x7f0000000600)=[{0x0}], 0x1) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r5, 0x0, 0x0) syz_pidfd_open(0x0, 0x0) futex(&(0x7f0000000180)=0x1, 0x0, 0x1, &(0x7f0000000200), &(0x7f0000000240)=0x1, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="260a00000000000061119c0000000000180000000000000000000000000000009500000000000000eb1249ca58eed7ca1c3d9303a7df8a927e710c78b14ad1b7feea5688ef2f07322696913ea0f5fc1344044fcbcacd881878538323e0253efe22922ae4c17bb9b3de4240d2ff74deb284853aa4355e8e6a7e88671f317c2275c4fc98d1ed95542a83fe0b1e1f02f7cb8a36c03cc83d6a79d9083e02aa1474beef0c420dd5a6b7244306"], &(0x7f0000000000)='GPL\x00'}, 0x80) mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x9) ioctl$sock_SIOCSPGRP(r5, 0x8902, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000780)={{0x5, 0x0, 0x0, 0xfffffffd, 'syz1\x00'}, 0x0, [0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0xffffffffffffffff, 0x0, 0xd451, 0x0, 0x0, 0x0, 0x8, 0x800, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x2, 0x5, 0x10000, 0x4, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x274, 0x0, 0x800, 0x80000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x5, 0x0, 0x7fffffffffffffff, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffffffffffe, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000001, 0x0, 0x2, 0x0, 0x80000000]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ppoll(&(0x7f0000000140)=[{r4, 0x241}, {0xffffffffffffffff, 0x9002}, {0xffffffffffffffff, 0x85}, {0xffffffffffffffff, 0x1000}, {0xffffffffffffffff, 0x4468}, {r6, 0x80}], 0x6, &(0x7f0000000280)={0x77359400}, &(0x7f00000002c0)={[0x6]}, 0x8) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) 10.382098337s ago: executing program 5 (id=318): chmod(&(0x7f0000000100)='./file0\x00', 0xed) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c00108008000140000000000800024000000000080003"], 0x80}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02030003120000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a00000000000000000000000000000000000000000000010b0000000000000002000100000000000000070c0000000005000500000000000a00000000000000fc0100000000000000000000000000010700000000000000010014"], 0x90}, 0x1, 0x7}, 0x0) 8.935975219s ago: executing program 0 (id=319): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000440)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==") openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x69, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) r2 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r2, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xfe, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b) 7.271962724s ago: executing program 0 (id=320): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000040)=@base={0x16, 0x0, 0xb4, 0x7f}, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x8002, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x79, 0x0, 0x0, 0x110}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94) bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) open(0x0, 0x40140, 0xa) syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x6, 0x229, &(0x7f00000005c0)="$eJzsmL9rFEEUx79vbm+9FRFtUthYGDCiucvtoaQ5NIJgJULir0oPs4aYS04uK5iAmGBjo52FkMbCf8AihZWFnf+AoIUKgoVXWNjYjMzO3N7k5s49l+t8n2L4zsybH+/tm1csGIb5b/n65dfnp+dnF04BOIBJ7DPj3wsAkda01bP/9OL+yef1CzuvP756t3bw4Zv+/dQSKfcOlP5yvgfg7VwBcdIT9urfSkyazgJEqq9A4ITR10AoG30LAleNjkC4YfRdS7eUfbl8Z7kZlW+3motKzKimqppQNbX++3W2CYumL6WUZM2vb2yuNJrNqG0Jz8wNmMol0sNWJpz4FeGjMydQt+6nonj9yeNt1e/GZsaKXxUCVeNEDYR5Mz6LnW5sdEgs/494vf0Ljv8DvCWTDECWkyUt6j/HEixbHJ7Ot3xKuXPOnTqEPNfA3lVF9KZUJIcuH5Ze/5Y6ifCyc/Gs+aA5zrrU74V8NPgBPAsAjP0ruyKXF10x0aH37tQ3LcTQfJaUfQSNnj+lUe/cfYj5IxZA+ZWOeGP6FsCHXV0/5EvCcas+eVb9qMSr9yrrG5vTy6uNpWgpWgvD2hkCtk6HlaQQ6dape736HCT1aT+CdP/iEFtf+HjQiON2Vbc++QgQx+0w6YfWs5nfbf24aZbFuAjgmO6okuanOxacM8jXNiKxVWrKNWIYhmEYhmEYhmEYhmEYhsnFUVDyFzSD8HJi/ScAAP//bUVZjQ==") r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r4, 0x5408, &(0x7f00000000c0)={0xcf47, 0x3, 0xffff, 0x9dff, 0x1}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r4, 0x40045431, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r4, 0x0) r5 = dup3(0xffffffffffffffff, r4, 0x0) ioctl$TIOCSTI(r5, 0x5412, 0x0) socket$netlink(0x10, 0x3, 0x1) ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) 6.138794869s ago: executing program 5 (id=321): r0 = fanotify_init(0x1, 0x2) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file5\x00', 0x82c0, 0x0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, r1, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000a80)={r8, 0x0, 0x0}, 0x10) fanotify_mark(r0, 0x7e, 0x8001010, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) 4.527609062s ago: executing program 5 (id=322): r0 = fanotify_init(0x1, 0x2) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file5\x00', 0x82c0, 0x0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, r1, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) fanotify_mark(r0, 0x7e, 0x8001010, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) 4.113606325s ago: executing program 0 (id=323): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000c00000000000000000000008500000017000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200"], 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2.048689973s ago: executing program 5 (id=324): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x204404, &(0x7f0000000240)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c696f636861727365743d64656661756c742c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c726f6469722c757466383d302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c756e695f786c6174653d302c646d61736b3d30303030303030303030303030303030303030303030312c747a3d5554432c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c696f636861727365743d63703733372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c02002c00"], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x58) openat$rtc(0xffffffffffffff9c, 0x0, 0x200, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) prlimit64(0x0, 0xa74f4d2231f8950a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) fallocate(r0, 0x0, 0x9, 0x10001) 2.005046916s ago: executing program 0 (id=325): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x5, 0x41}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 13.86177ms ago: executing program 5 (id=326): socket$igmp(0x2, 0x3, 0x2) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) 0s ago: executing program 0 (id=327): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000440)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==") openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x69, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r1, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xfe, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.31' (ED25519) to the list of known hosts. [ 83.556781][ T5756] cgroup: Unknown subsys name 'net' [ 83.696453][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.378820][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.695638][ T5774] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.705807][ T5774] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.713776][ T5774] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.722223][ T5774] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.733213][ T5774] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.741386][ T5774] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.788376][ T5778] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.804091][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.809243][ T5083] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.814701][ T5783] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.828125][ T5083] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.828158][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.838334][ T5083] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.849902][ T5783] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.853051][ T5778] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.861365][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.867580][ T5778] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.878400][ T5783] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.886118][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.888929][ T5778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.901237][ T5778] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.909003][ T5778] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.963947][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.971557][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.584247][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 88.631915][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 88.727504][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 88.754235][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 88.826497][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.833842][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.841976][ T5782] bridge_slave_0: entered allmulticast mode [ 88.849667][ T5782] bridge_slave_0: entered promiscuous mode [ 88.867582][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.874824][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.882390][ T5782] bridge_slave_1: entered allmulticast mode [ 88.890857][ T5782] bridge_slave_1: entered promiscuous mode [ 88.992978][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.000369][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.007543][ T5769] bridge_slave_0: entered allmulticast mode [ 89.014909][ T5769] bridge_slave_0: entered promiscuous mode [ 89.030592][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.037851][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.045305][ T5769] bridge_slave_1: entered allmulticast mode [ 89.052843][ T5769] bridge_slave_1: entered promiscuous mode [ 89.062905][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.079112][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.101378][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.108964][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.116227][ T5772] bridge_slave_0: entered allmulticast mode [ 89.124102][ T5772] bridge_slave_0: entered promiscuous mode [ 89.166553][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.173895][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.181477][ T5772] bridge_slave_1: entered allmulticast mode [ 89.189462][ T5772] bridge_slave_1: entered promiscuous mode [ 89.255982][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.269288][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.282122][ T5782] team0: Port device team_slave_0 added [ 89.291704][ T5782] team0: Port device team_slave_1 added [ 89.313268][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.322912][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.333317][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.340774][ T5771] bridge_slave_0: entered allmulticast mode [ 89.347855][ T5771] bridge_slave_0: entered promiscuous mode [ 89.392168][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.401846][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.409249][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.416453][ T5771] bridge_slave_1: entered allmulticast mode [ 89.424088][ T5771] bridge_slave_1: entered promiscuous mode [ 89.443517][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.450685][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.479894][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.516767][ T5769] team0: Port device team_slave_0 added [ 89.533790][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.540925][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.567011][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.612540][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.624054][ T5769] team0: Port device team_slave_1 added [ 89.658767][ T5772] team0: Port device team_slave_0 added [ 89.667222][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.686325][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.693609][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.719888][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.732896][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.739983][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.766062][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.792251][ T5772] team0: Port device team_slave_1 added [ 89.829084][ T5771] team0: Port device team_slave_0 added [ 89.863326][ T5782] hsr_slave_0: entered promiscuous mode [ 89.870327][ T5782] hsr_slave_1: entered promiscuous mode [ 89.884551][ T5771] team0: Port device team_slave_1 added [ 89.892113][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.902163][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.931199][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.944111][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.951497][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.978443][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.978710][ T5783] Bluetooth: hci3: command tx timeout [ 89.995088][ T51] Bluetooth: hci0: command tx timeout [ 89.995110][ T5781] Bluetooth: hci2: command tx timeout [ 90.048590][ T51] Bluetooth: hci1: command tx timeout [ 90.085609][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.092911][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.122153][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.150280][ T5772] hsr_slave_0: entered promiscuous mode [ 90.156717][ T5772] hsr_slave_1: entered promiscuous mode [ 90.163693][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.171597][ T5772] Cannot create hsr debugfs directory [ 90.193287][ T5769] hsr_slave_0: entered promiscuous mode [ 90.200466][ T5769] hsr_slave_1: entered promiscuous mode [ 90.206711][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.214415][ T5769] Cannot create hsr debugfs directory [ 90.222144][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.230729][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.258230][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.382870][ T5771] hsr_slave_0: entered promiscuous mode [ 90.390475][ T5771] hsr_slave_1: entered promiscuous mode [ 90.396711][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.404539][ T5771] Cannot create hsr debugfs directory [ 90.787496][ T5782] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.802278][ T5782] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.814606][ T5782] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.825991][ T5782] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.915079][ T5771] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.931316][ T5771] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.945306][ T5771] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.956231][ T5771] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.095694][ T5769] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.123797][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.131987][ T5769] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.144130][ T5769] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.174562][ T5769] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.238626][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.253456][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.264131][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.276117][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.302747][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.354220][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.361674][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.380471][ T1005] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.387688][ T1005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.426584][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.495877][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.522099][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.529317][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.571867][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.579089][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.684259][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.701615][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.753060][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.787772][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.807526][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.814765][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.845125][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.852336][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.899636][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.906883][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.945433][ T1323] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.952803][ T1323] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.041126][ T51] Bluetooth: hci2: command tx timeout [ 92.054781][ T51] Bluetooth: hci0: command tx timeout [ 92.060567][ T51] Bluetooth: hci3: command tx timeout [ 92.119573][ T5783] Bluetooth: hci1: command tx timeout [ 92.164157][ T5772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.215759][ T788] cfg80211: failed to load regulatory.db [ 92.273677][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.367418][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.385924][ T5771] veth0_vlan: entered promiscuous mode [ 92.469249][ T5771] veth1_vlan: entered promiscuous mode [ 92.551214][ T5782] veth0_vlan: entered promiscuous mode [ 92.602776][ T5771] veth0_macvtap: entered promiscuous mode [ 92.623517][ T5771] veth1_macvtap: entered promiscuous mode [ 92.640976][ T5782] veth1_vlan: entered promiscuous mode [ 92.684869][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.713771][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.742942][ T5771] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.752363][ T5771] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.763356][ T5771] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.773520][ T5771] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.829312][ T5782] veth0_macvtap: entered promiscuous mode [ 92.884803][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.903881][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.934062][ T5782] veth1_macvtap: entered promiscuous mode [ 92.979917][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.995619][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.045644][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.060035][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.071675][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.087334][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.102114][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.111342][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.122390][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.133897][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.145991][ T5782] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.155097][ T5782] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.166871][ T5782] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.175865][ T5782] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.240097][ T5772] veth0_vlan: entered promiscuous mode [ 93.316267][ T5769] veth0_vlan: entered promiscuous mode [ 93.344985][ T5772] veth1_vlan: entered promiscuous mode [ 93.432140][ T5769] veth1_vlan: entered promiscuous mode [ 93.480280][ T5861] loop2: detected capacity change from 0 to 7 [ 93.500011][ T988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.514979][ T5861] Dev loop2: unable to read RDB block 7 [ 93.521124][ T5861] loop2: unable to read partition table [ 93.527056][ T5861] loop2: partition table beyond EOD, truncated [ 93.528238][ T988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.540223][ T5861] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 93.643295][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.659885][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.679549][ T5772] veth0_macvtap: entered promiscuous mode [ 93.711299][ T5769] veth0_macvtap: entered promiscuous mode [ 93.729601][ T5769] veth1_macvtap: entered promiscuous mode [ 93.738912][ T5772] veth1_macvtap: entered promiscuous mode [ 93.810910][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.825238][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.835183][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.846887][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.858821][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.937458][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.976669][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.989560][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.007166][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.017320][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.037786][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.056183][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.066598][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.077425][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.093814][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.105947][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.126357][ T5783] Bluetooth: hci3: command tx timeout [ 94.126383][ T51] Bluetooth: hci0: command tx timeout [ 94.134123][ T5783] Bluetooth: hci2: command tx timeout [ 94.151309][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.177844][ T5769] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.190948][ T5769] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.201332][ T5783] Bluetooth: hci1: command tx timeout [ 94.207701][ T5769] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.218472][ T5769] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.328999][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.347241][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.367481][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.397918][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.407799][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.438733][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.460017][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.675696][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.733494][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.820739][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.829582][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.312306][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 95.443530][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.507910][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.648026][ T5882] syz.3.9[5882]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 95.691780][ T5882] loop3: detected capacity change from 0 to 128 [ 95.701110][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.720615][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.758191][ T5882] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 95.791092][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 95.819727][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.851019][ T5882] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 95.988027][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.125545][ T1005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.174762][ T1005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.198997][ T5783] Bluetooth: hci2: command tx timeout [ 96.200549][ T51] Bluetooth: hci0: command tx timeout [ 96.204497][ T5783] Bluetooth: hci3: command tx timeout [ 96.279018][ T5783] Bluetooth: hci1: command tx timeout [ 98.031024][ T5898] loop1: detected capacity change from 0 to 512 [ 98.384117][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.486335][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.549623][ T5898] EXT4-fs: Ignoring removed bh option [ 98.594471][ T5898] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 98.793480][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.838228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 98.895827][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 99.103358][ T5898] EXT4-fs (loop1): 1 truncate cleaned up [ 99.137479][ T5898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.439248][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.658215][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.824064][ T5933] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 100.923355][ T5935] loop3: detected capacity change from 0 to 1024 [ 101.187656][ T5939] loop0: detected capacity change from 0 to 4096 [ 101.276688][ T5939] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.369404][ T5941] support for the xor transformation has been removed. [ 101.458005][ T27] audit: type=1800 audit(1770514055.654:2): pid=5939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.20" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 101.600716][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.661046][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 101.670233][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 103.480637][ T5952] loop3: detected capacity change from 0 to 512 [ 103.507592][ T5952] ======================================================= [ 103.507592][ T5952] WARNING: The mand mount option has been deprecated and [ 103.507592][ T5952] and is ignored by this kernel. Remove the mand [ 103.507592][ T5952] option from the mount to silence this warning. [ 103.507592][ T5952] ======================================================= [ 103.556872][ T967] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 103.859056][ T967] usb 2-1: Using ep0 maxpacket: 16 [ 103.867666][ T5952] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 103.949959][ T967] usb 2-1: config 8 has an invalid interface number: 189 but max is 0 [ 104.028888][ T967] usb 2-1: config 8 has no interface number 0 [ 104.066774][ T967] usb 2-1: string descriptor 0 read error: -22 [ 104.108583][ T967] usb 2-1: New USB device found, idVendor=0ace, idProduct=20ff, bcdDevice= 1.01 [ 104.138111][ T967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.903521][ T967] usb-storage 2-1:8.189: USB Mass Storage device detected [ 104.962499][ T967] usb-storage 2-1:8.189: device ignored [ 105.298925][ T5968] loop3: detected capacity change from 0 to 16 [ 106.621991][ T5966] sched: RT throttling activated [ 106.651463][ T5968] erofs: (device loop3): mounted with root inode @ nid 36. [ 106.680345][ T967] usb 2-1: USB disconnect, device number 2 [ 107.368430][ T5972] usb usb8: usbfs: process 5972 (syz.0.28) did not claim interface 0 before use [ 113.994566][ T6006] loop0: detected capacity change from 0 to 16 [ 114.150852][ T6006] erofs: (device loop0): mounted with root inode @ nid 36. [ 115.944216][ T6019] loop0: detected capacity change from 0 to 512 [ 116.003429][ T6019] ext4: Unknown parameter 'fsuuid' [ 119.598027][ T788] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 119.821655][ T788] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 119.858265][ T788] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 119.899853][ T788] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 121.609398][ T788] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 121.641892][ T788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 121.655653][ T788] usb 2-1: SerialNumber: syz [ 122.150218][ T788] cdc_acm 2-1:1.0: skipping garbage [ 122.190478][ T788] cdc_acm 2-1:1.0: skipping garbage [ 122.195754][ T788] cdc_acm 2-1:1.0: skipping garbage [ 122.359837][ T6053] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.461715][ T9] usb 2-1: USB disconnect, device number 3 [ 125.231959][ T6061] loop1: detected capacity change from 0 to 1024 [ 125.433060][ T6064] loop3: detected capacity change from 0 to 2048 [ 125.509656][ T6064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.151801][ T6080] loop2: detected capacity change from 0 to 1024 [ 127.616435][ T6068] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 128.443588][ T6084] loop0: detected capacity change from 0 to 16 [ 128.642530][ T6084] erofs: (device loop0): mounted with root inode @ nid 36. [ 129.119282][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.447741][ T59] hfsplus: b-tree write err: -5, ino 4 [ 131.466771][ T9] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 132.030976][ T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 132.096293][ T6104] loop1: detected capacity change from 0 to 512 [ 132.105132][ T9] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 132.182291][ T9] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 132.251975][ T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 132.273921][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 132.287317][ T9] usb 3-1: SerialNumber: syz [ 132.324004][ T9] cdc_acm 3-1:1.0: skipping garbage [ 132.344661][ T9] cdc_acm 3-1:1.0: skipping garbage [ 132.349948][ T9] cdc_acm 3-1:1.0: skipping garbage [ 132.773876][ T8] usb 3-1: USB disconnect, device number 2 [ 134.862256][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 134.883527][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.663535][ T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 135.953719][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 135.977680][ T8] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.022852][ T8] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.061207][ T8] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 136.104088][ T8] usb 3-1: config 0 interface 0 has no altsetting 0 [ 136.110818][ T8] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 136.163021][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.195066][ T6130] loop0: detected capacity change from 0 to 2048 [ 136.212216][ T8] usb 3-1: config 0 descriptor?? [ 136.260677][ T6130] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 136.503489][ T788] kernel write not supported for file bpf-prog (pid: 788 comm: kworker/1:2) [ 136.553566][ T6134] loop1: detected capacity change from 0 to 2048 [ 136.623764][ T6134] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 136.895455][ T6126] loop2: detected capacity change from 0 to 2048 [ 137.210461][ T6138] loop3: detected capacity change from 0 to 1024 [ 137.243022][ T6126] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 137.402967][ T6126] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 137.471597][ T8] hid (null): global environment stack underflow [ 137.502151][ T8] hid (null): unknown global tag 0xc [ 137.507540][ T8] hid (null): unknown global tag 0xd [ 137.569387][ T8] hid (null): unknown global tag 0xe [ 137.585209][ T8] hid (null): unknown global tag 0xc [ 137.605495][ T8] hid (null): unknown global tag 0xe [ 137.626341][ T8] hid (null): unknown global tag 0xf0 [ 137.631815][ T8] hid (null): unknown global tag 0xd [ 137.697595][ T8] hid (null): invalid report_count 20617 [ 137.714360][ T8] hid (null): unknown global tag 0xd [ 137.719746][ T8] hid (null): unknown global tag 0xd [ 137.731028][ T8] hid (null): unknown global tag 0xe [ 137.736517][ T5828] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 137.766900][ T8] hid (null): unknown global tag 0xd [ 137.787331][ T8] hid (null): unknown global tag 0xd [ 137.955704][ T5828] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 137.966187][ T5828] usb 1-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 137.986121][ T5828] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 138.012707][ T5828] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 138.032485][ T5828] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 138.032571][ T8] hid (null): unknown global tag 0xe [ 138.041046][ T5828] usb 1-1: SerialNumber: syz [ 138.218956][ T6148] loop1: detected capacity change from 0 to 2048 [ 138.289521][ T6148] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 138.428771][ T5828] cdc_acm 1-1:1.0: skipping garbage [ 138.586723][ T5828] cdc_acm 1-1:1.0: skipping garbage [ 138.854017][ T5828] cdc_acm 1-1:1.0: skipping garbage [ 140.097926][ T8] hid (null): unknown global tag 0xe [ 140.150783][ T8] hid (null): invalid report_count 36403 [ 140.157142][ T8] hid (null): unknown global tag 0xe [ 140.176137][ T5828] usb 1-1: USB disconnect, device number 2 [ 140.211165][ T8] usb 3-1: USB disconnect, device number 3 [ 140.644032][ T6155] loop0: detected capacity change from 0 to 16 [ 140.783213][ T6155] erofs: (device loop0): mounted with root inode @ nid 36. [ 143.819176][ T6180] loop2: detected capacity change from 0 to 256 [ 143.884853][ T6180] exFAT-fs (loop2): error, The cluster chain has a loop [ 143.908974][ T6180] exFAT-fs (loop2): Filesystem has been set read-only [ 143.915839][ T6180] exFAT-fs (loop2): failed to count the number of clusters in root [ 143.969915][ T6180] exFAT-fs (loop2): failed to recognize exfat type [ 145.988121][ T5758] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 146.182632][ T5758] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 146.234516][ T5758] usb 1-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 146.413842][ T5758] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 146.429361][ T5758] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 146.438533][ T5758] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 146.446685][ T5758] usb 1-1: SerialNumber: syz [ 146.465547][ T5758] cdc_acm 1-1:1.0: skipping garbage [ 146.477615][ T5758] cdc_acm 1-1:1.0: skipping garbage [ 146.483892][ T5758] cdc_acm 1-1:1.0: skipping garbage [ 147.073132][ T788] usb 1-1: USB disconnect, device number 3 [ 147.434086][ T6195] loop3: detected capacity change from 0 to 1024 [ 147.663431][ T6195] hfsplus: invalid file type 0174377 for inode 21 [ 147.749282][ T6195] hfsplus: invalid file type 0174377 for inode 21 [ 148.001216][ T6199] loop0: detected capacity change from 0 to 1024 [ 148.240081][ T6199] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 155.823123][ T788] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 156.312194][ T788] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 157.513839][ T788] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 157.552185][ T788] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 157.713625][ T788] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 157.730586][ T788] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 157.741917][ T788] usb 3-1: SerialNumber: syz [ 157.759233][ T788] cdc_acm 3-1:1.0: skipping garbage [ 157.772017][ T788] cdc_acm 3-1:1.0: skipping garbage [ 157.779288][ T788] cdc_acm 3-1:1.0: skipping garbage [ 159.555379][ T788] usb 3-1: USB disconnect, device number 4 [ 160.071633][ T6255] loop2: detected capacity change from 0 to 1024 [ 160.147034][ T6255] hfsplus: invalid file type 0174377 for inode 21 [ 160.193780][ T6255] hfsplus: invalid file type 0174377 for inode 21 [ 161.674710][ T6261] loop1: detected capacity change from 0 to 256 [ 161.845538][ T6261] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 161.884010][ T6261] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 161.906658][ T6261] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 162.069814][ T27] audit: type=1800 audit(1770514116.148:3): pid=6261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.104" name="file1" dev="loop1" ino=1048592 res=0 errno=0 [ 162.314125][ T6265] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 162.325458][ T6265] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 162.335722][ T6265] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 162.374396][ T6264] syz.3.107 (6264) used greatest stack depth: 19984 bytes left [ 165.595062][ T6274] bond0: (slave bond_slave_0): Releasing backup interface [ 166.057842][ T5769] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 166.067426][ T5769] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 166.121336][ T6283] loop3: detected capacity change from 0 to 2048 [ 166.135658][ T6283] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 166.276253][ T5821] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 166.481105][ T5821] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 166.498463][ T5821] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 166.554064][ T5821] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 166.609694][ T5821] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 166.631914][ T5821] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 166.640434][ T5821] usb 3-1: SerialNumber: syz [ 166.670482][ T5821] cdc_acm 3-1:1.0: skipping garbage [ 166.675762][ T5821] cdc_acm 3-1:1.0: skipping garbage [ 166.686022][ T5821] cdc_acm 3-1:1.0: skipping garbage [ 168.602155][ T59] kworker/u4:4: attempt to access beyond end of device [ 168.602155][ T59] loop1: rw=1, sector=256, nr_sectors = 288 limit=256 [ 168.618823][ T59] kworker/u4:4: attempt to access beyond end of device [ 168.618823][ T59] loop1: rw=1, sector=608, nr_sectors = 416 limit=256 [ 168.648541][ T59] kworker/u4:4: attempt to access beyond end of device [ 168.648541][ T59] loop1: rw=1, sector=1056, nr_sectors = 1496 limit=256 [ 168.707965][ T1126] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.910652][ T1126] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.105479][ T1126] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.195008][ T6295] loop0: detected capacity change from 0 to 1024 [ 169.308220][ T6295] hfsplus: invalid file type 0174377 for inode 21 [ 169.349987][ T1126] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.363359][ T6295] hfsplus: invalid file type 0174377 for inode 21 [ 169.451039][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 169.462797][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 169.506611][ T788] usb 3-1: USB disconnect, device number 5 [ 169.514330][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 169.537973][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 169.546716][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 169.554605][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 169.968940][ T6303] netlink: 8 bytes leftover after parsing attributes in process `syz.2.122'. [ 169.998245][ T6303] netlink: 'syz.2.122': attribute type 8 has an invalid length. [ 171.997207][ T51] Bluetooth: hci0: command tx timeout [ 172.335487][ T6319] loop3: detected capacity change from 0 to 2048 [ 172.402728][ T6319] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 173.357671][ T6297] chnl_net:caif_netlink_parms(): no params data found [ 174.040820][ T51] Bluetooth: hci0: command tx timeout [ 174.124051][ T6340] loop0: detected capacity change from 0 to 256 [ 175.284967][ T6348] syz.2.124 uses obsolete (PF_INET,SOCK_PACKET) [ 176.316028][ T51] Bluetooth: hci0: command tx timeout [ 177.648695][ T6297] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.662118][ T6297] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.669515][ T6297] bridge_slave_0: entered allmulticast mode [ 177.693549][ T6297] bridge_slave_0: entered promiscuous mode [ 177.714542][ T6297] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.742018][ T6297] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.749317][ T6297] bridge_slave_1: entered allmulticast mode [ 177.793473][ T6297] bridge_slave_1: entered promiscuous mode [ 179.384511][ T51] Bluetooth: hci0: command tx timeout [ 179.472555][ T6297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.543974][ T6297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.912054][ T6297] team0: Port device team_slave_0 added [ 179.992754][ T6297] team0: Port device team_slave_1 added [ 180.261693][ T6297] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.268722][ T6297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.351162][ T6297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.441413][ T1126] hsr_slave_0: left promiscuous mode [ 180.451155][ T1126] hsr_slave_1: left promiscuous mode [ 180.480828][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.488364][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.536391][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.570977][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.603215][ T1126] bridge_slave_1: left allmulticast mode [ 180.608934][ T1126] bridge_slave_1: left promiscuous mode [ 180.642301][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.722166][ T1126] bridge_slave_0: left allmulticast mode [ 180.727897][ T1126] bridge_slave_0: left promiscuous mode [ 180.751755][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.850639][ T6375] loop3: detected capacity change from 0 to 512 [ 180.853864][ T6373] loop2: detected capacity change from 0 to 2048 [ 180.893088][ T1126] veth1_macvtap: left promiscuous mode [ 180.899131][ T1126] veth0_macvtap: left promiscuous mode [ 180.909886][ T6377] loop0: detected capacity change from 0 to 512 [ 180.921592][ T6373] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 180.942569][ T1126] veth1_vlan: left promiscuous mode [ 180.948291][ T1126] veth0_vlan: left promiscuous mode [ 180.957782][ T6377] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 180.991050][ T6375] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.133: corrupted in-inode xattr: invalid ea_ino [ 181.006061][ T6375] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.133: couldn't read orphan inode 15 (err -117) [ 181.020690][ T6375] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.031065][ T5777] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 182.537797][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.575466][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.593197][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.607299][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.633129][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.652976][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.665660][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.699632][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.726903][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.792390][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.887481][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 182.979948][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 183.222078][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 183.584292][ T6385] 9pnet_fd: p9_fd_create_tcp (6385): problem connecting socket to 127.0.0.1 [ 185.488933][ T6401] kvm: kvm [6400]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x5 [ 185.552603][ T6401] kvm: kvm [6400]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x5 [ 186.393769][ T6464] loop3: detected capacity change from 0 to 512 [ 186.447630][ T6464] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 188.023996][ T6474] loop3: detected capacity change from 0 to 2048 [ 188.067975][ T6474] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 188.116556][ T6474] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 188.707186][ T1126] team0 (unregistering): Port device team_slave_1 removed [ 188.724892][ T6477] loop3: detected capacity change from 0 to 512 [ 188.768416][ T6477] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 188.791041][ T6477] System zones: 1-12 [ 188.835313][ T6477] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.144: Directory hole found for htree index block 0 [ 188.887679][ T1126] team0 (unregistering): Port device team_slave_0 removed [ 188.903027][ T6477] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 188.911446][ T6477] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.144: Directory hole found for htree index block 0 [ 188.936428][ T6477] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 188.946039][ T6477] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 189.000636][ T1126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 189.087622][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.129773][ T1126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 193.488436][ T1126] bond0 (unregistering): Released all slaves [ 193.741716][ T6297] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 193.768344][ T6297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.831724][ T6297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.649890][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.656888][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.412638][ T6297] hsr_slave_0: entered promiscuous mode [ 195.515176][ T6297] hsr_slave_1: entered promiscuous mode [ 195.578658][ T6297] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 195.635424][ T6297] Cannot create hsr debugfs directory [ 196.569402][ T6525] loop0: detected capacity change from 0 to 1024 [ 196.697725][ T6525] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 196.794101][ T6525] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #3: block 2: comm syz.0.153: lblock 2 mapped to illegal pblock 2 (length 1) [ 198.446283][ T6525] Quota error (device loop0): write_blk: dquota write failed [ 198.504169][ T6525] Quota error (device loop0): find_free_dqentry: Can't write quota data block 2 [ 198.540756][ T6525] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 198.560284][ T6297] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 198.588929][ T6297] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 198.604432][ T6525] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.153: Failed to acquire dquot type 0 [ 198.625876][ T6297] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 198.639971][ T6525] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.153: lblock 2 mapped to illegal pblock 2 (length 1) [ 198.658313][ T6297] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 198.686262][ T6525] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 198.718759][ T6525] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.153: Failed to acquire dquot type 0 [ 198.748708][ T6525] EXT4-fs error (device loop0): ext4_free_blocks:6692: comm syz.0.153: Freeing blocks not in datazone - block = 0, count = 4096 [ 198.794581][ T6525] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.153: lblock 2 mapped to illegal pblock 2 (length 1) [ 198.843849][ T6525] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 198.861500][ T6525] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.153: Failed to acquire dquot type 0 [ 198.896420][ T6525] EXT4-fs (loop0): 1 orphan inode deleted [ 198.928430][ T6525] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.037763][ T6297] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.130697][ T6297] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.144578][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.203942][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.211235][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.335914][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.343155][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.624203][ T6556] Zero length message leads to an empty skb [ 201.695561][ T6297] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.228503][ T6297] veth0_vlan: entered promiscuous mode [ 204.272952][ T6297] veth1_vlan: entered promiscuous mode [ 204.377352][ T6297] veth0_macvtap: entered promiscuous mode [ 204.425342][ T6297] veth1_macvtap: entered promiscuous mode [ 204.490984][ T6297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.508359][ T6297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.519560][ T6297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.540390][ T6297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.550803][ T6297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.566120][ T6297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.594006][ T6297] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.642843][ T6297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.698525][ T6297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.728496][ T6297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.748954][ T6297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.768480][ T6297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.799317][ T6297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.822701][ T6297] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 204.852579][ T6297] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.888359][ T6297] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.897226][ T6297] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.934245][ T6297] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.190987][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.223555][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.300416][ T545] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.324589][ T545] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.674163][ T6598] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 212.014811][ T5774] Bluetooth: hci2: command 0x0406 tx timeout [ 212.020921][ T5774] Bluetooth: hci1: command 0x0406 tx timeout [ 212.410283][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.425368][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.433709][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.454780][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.469684][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.478605][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 212.750051][ T6646] loop3: detected capacity change from 0 to 512 [ 212.769321][ T6646] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 214.006587][ T6654] loop4: detected capacity change from 0 to 16 [ 214.076809][ T6654] erofs: (device loop4): mounted with root inode @ nid 36. [ 214.768737][ T51] Bluetooth: hci4: command tx timeout [ 214.827971][ T6663] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 214.886050][ T6663] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 215.446522][ T545] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.501498][ T6670] loop3: detected capacity change from 0 to 8 [ 215.531836][ T6640] chnl_net:caif_netlink_parms(): no params data found [ 215.644603][ T6670] SQUASHFS error: Failed to read block 0x4de: -5 [ 215.651995][ T6670] SQUASHFS error: Failed to read block 0x4de: -5 [ 215.728214][ T27] audit: type=1800 audit(1770514169.985:4): pid=6670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.172" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 215.749874][ T6677] loop0: detected capacity change from 0 to 1024 [ 215.761189][ T6670] SQUASHFS error: Failed to read block 0x4de: -5 [ 215.786206][ T6670] SQUASHFS error: Failed to read block 0x4de: -5 [ 215.829715][ T6670] SQUASHFS error: Failed to read block 0x4de: -5 [ 215.861912][ T545] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.883869][ T6677] hfsplus: invalid file type 0174377 for inode 21 [ 215.893304][ T6670] SQUASHFS error: Failed to read block 0x4de: -5 [ 215.911282][ T6677] hfsplus: invalid file type 0174377 for inode 21 [ 215.929626][ T6679] SQUASHFS error: Failed to read block 0x4de: -5 [ 216.003056][ T6679] SQUASHFS error: Failed to read block 0x4de: -5 [ 216.066884][ T6679] SQUASHFS error: Failed to read block 0x4de: -5 [ 216.100877][ T6679] SQUASHFS error: Failed to read block 0x4de: -5 [ 216.185197][ T545] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.519703][ T6691] loop4: detected capacity change from 0 to 16 [ 216.584194][ T6691] erofs: (device loop4): mounted with root inode @ nid 36. [ 216.688943][ T545] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.824569][ T51] Bluetooth: hci4: command tx timeout [ 217.316916][ T6640] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.352660][ T6640] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.919263][ T51] Bluetooth: hci4: command tx timeout [ 218.938232][ T6640] bridge_slave_0: entered allmulticast mode [ 218.946337][ T6640] bridge_slave_0: entered promiscuous mode [ 219.087981][ T6640] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.096750][ T6640] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.104493][ T6640] bridge_slave_1: entered allmulticast mode [ 219.147378][ T6640] bridge_slave_1: entered promiscuous mode [ 220.946213][ T6640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.960864][ T51] Bluetooth: hci4: command tx timeout [ 221.051858][ T6640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.223396][ T6640] team0: Port device team_slave_0 added [ 221.283512][ T6640] team0: Port device team_slave_1 added [ 221.405103][ T6640] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.430116][ T6640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.490031][ T6640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.522905][ T6640] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.530461][ T6640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.584068][ T6640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.008332][ T6640] hsr_slave_0: entered promiscuous mode [ 222.064933][ T6640] hsr_slave_1: entered promiscuous mode [ 222.108135][ T6640] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 222.131893][ T6640] Cannot create hsr debugfs directory [ 222.326779][ T28] kernel write not supported for file bpf-prog (pid: 28 comm: kworker/1:1) [ 222.481188][ T6727] loop0: detected capacity change from 0 to 8 [ 223.679249][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 225.334548][ T27] audit: type=1326 audit(1770514179.600:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.406478][ T27] audit: type=1326 audit(1770514179.630:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.482271][ T8] usb 5-1: unable to get BOS descriptor or descriptor too short [ 225.492690][ T27] audit: type=1326 audit(1770514179.630:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.514717][ T8] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 119, changing to 7 [ 225.520411][ T8] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 225.568026][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.588005][ T8] usb 5-1: Product: syz [ 225.592262][ T8] usb 5-1: Manufacturer: syz [ 225.596916][ T8] usb 5-1: SerialNumber: syz [ 225.598735][ T27] audit: type=1326 audit(1770514179.630:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.670635][ T8] usb 5-1: can't set config #1, error -71 [ 225.706415][ T6751] loop0: detected capacity change from 0 to 1024 [ 225.726749][ T8] usb 5-1: USB disconnect, device number 2 [ 225.730077][ T27] audit: type=1326 audit(1770514179.630:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.836332][ T27] audit: type=1326 audit(1770514179.630:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.871151][ T6751] hfsplus: invalid file type 0174377 for inode 21 [ 225.907256][ T6751] hfsplus: invalid file type 0174377 for inode 21 [ 225.953963][ T27] audit: type=1326 audit(1770514179.630:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 225.999629][ T27] audit: type=1326 audit(1770514179.630:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.0.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4e1079aeb9 code=0x7ffc0000 [ 227.599186][ T6640] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 227.663210][ T6640] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 227.804517][ T6640] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 227.841946][ T6640] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 227.943691][ T545] hsr_slave_0: left promiscuous mode [ 227.977152][ T545] hsr_slave_1: left promiscuous mode [ 228.022769][ T545] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 228.036098][ T545] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 228.157630][ T545] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 228.193443][ T545] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 228.253765][ T545] bridge_slave_1: left allmulticast mode [ 228.278290][ T545] bridge_slave_1: left promiscuous mode [ 228.284152][ T545] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.884551][ T545] bridge_slave_0: left allmulticast mode [ 229.895907][ T545] bridge_slave_0: left promiscuous mode [ 229.906704][ T545] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.026501][ T545] veth1_macvtap: left promiscuous mode [ 230.032231][ T545] veth0_macvtap: left promiscuous mode [ 230.042627][ T545] veth1_vlan: left promiscuous mode [ 230.055323][ T545] veth0_vlan: left promiscuous mode [ 231.371481][ T6805] loop4: detected capacity change from 0 to 8 [ 232.385177][ T6805] SQUASHFS error: lzo decompression failed, data probably corrupt [ 232.393293][ T6805] SQUASHFS error: Failed to read block 0x91: -5 [ 232.399631][ T6805] SQUASHFS error: Unable to read metadata cache entry [8f] [ 232.406873][ T6805] SQUASHFS error: Unable to read inode 0x11f [ 233.297663][ T6811] loop0: detected capacity change from 0 to 8 [ 233.382951][ T6811] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.391277][ T6811] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.406359][ T27] audit: type=1800 audit(1770514187.674:13): pid=6811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.196" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 233.407576][ T6811] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.450718][ T6811] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.462950][ T6811] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.482450][ T6814] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.499989][ T6811] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.512398][ T6814] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.536409][ T6814] SQUASHFS error: Failed to read block 0x4de: -5 [ 233.543243][ T6814] SQUASHFS error: Failed to read block 0x4de: -5 [ 234.797740][ T6820] loop0: detected capacity change from 0 to 1024 [ 234.819077][ T6820] hfsplus: invalid file type 0174377 for inode 21 [ 234.831292][ T6820] hfsplus: invalid file type 0174377 for inode 21 [ 234.972495][ T545] team0 (unregistering): Port device team_slave_1 removed [ 235.111100][ T545] team0 (unregistering): Port device team_slave_0 removed [ 235.237234][ T545] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 235.346348][ T545] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 237.624456][ T545] bond0 (unregistering): Released all slaves [ 238.241326][ T6640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.333994][ T6640] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.439901][ T6441] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.447185][ T6441] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.503375][ T6441] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.510578][ T6441] bridge0: port 2(bridge_slave_1) entered forwarding state [ 242.153258][ T6640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 243.103843][ T6640] veth0_vlan: entered promiscuous mode [ 243.170698][ T6640] veth1_vlan: entered promiscuous mode [ 243.324034][ T6640] veth0_macvtap: entered promiscuous mode [ 243.358314][ T6640] veth1_macvtap: entered promiscuous mode [ 243.448245][ T6640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.505626][ T6640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.537283][ T6640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.568363][ T6640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.624005][ T6640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.639762][ T6640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.662637][ T6640] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 243.681048][ T6895] loop0: detected capacity change from 0 to 256 [ 243.696196][ T6892] loop3: detected capacity change from 0 to 1024 [ 243.697428][ T6640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.745578][ T6895] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 243.777841][ T6895] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 243.788485][ T6640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.803911][ T6892] hfsplus: invalid file type 0174377 for inode 21 [ 243.809182][ T6640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.819903][ T6895] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 243.857809][ T6640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.869118][ T6892] hfsplus: invalid file type 0174377 for inode 21 [ 243.878990][ T27] audit: type=1800 audit(1770514198.149:14): pid=6895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.208" name="file1" dev="loop0" ino=1048624 res=0 errno=0 [ 243.907592][ T6640] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.928680][ T6640] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.000830][ T6640] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 244.059593][ T6640] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.068368][ T6640] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.125905][ T6640] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.161910][ T6640] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.434267][ T6453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.488946][ T6453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.602197][ T6441] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.631790][ T6441] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.852942][ T6896] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 244.864910][ T6896] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 244.875530][ T6896] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 248.945405][ T6453] kworker/u4:21: attempt to access beyond end of device [ 248.945405][ T6453] loop0: rw=1048577, sector=256, nr_sectors = 288 limit=256 [ 250.154948][ T6453] kworker/u4:21: attempt to access beyond end of device [ 250.154948][ T6453] loop0: rw=1048577, sector=608, nr_sectors = 416 limit=256 [ 250.305319][ T6453] kworker/u4:21: attempt to access beyond end of device [ 250.305319][ T6453] loop0: rw=1048577, sector=1056, nr_sectors = 11136 limit=256 [ 250.492330][ T6453] kworker/u4:21: attempt to access beyond end of device [ 250.492330][ T6453] loop0: rw=1048577, sector=12192, nr_sectors = 8192 limit=256 [ 251.586980][ T6938] loop4: detected capacity change from 0 to 1024 [ 251.613076][ T6938] EXT4-fs: Ignoring removed nobh option [ 251.633698][ T6453] kworker/u4:21: attempt to access beyond end of device [ 251.633698][ T6453] loop0: rw=1048577, sector=20384, nr_sectors = 12448 limit=256 [ 251.827251][ T6938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.746278][ T6297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.756280][ T6958] loop0: detected capacity change from 0 to 8 [ 254.868081][ T6958] SQUASHFS error: lzo decompression failed, data probably corrupt [ 254.876101][ T6958] SQUASHFS error: Failed to read block 0x91: -5 [ 254.882356][ T6958] SQUASHFS error: Unable to read metadata cache entry [8f] [ 254.890285][ T6958] SQUASHFS error: Unable to read inode 0x11f [ 256.375561][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.381948][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.393135][ T5776] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 266.007009][ T7015] loop5: detected capacity change from 0 to 256 [ 266.217193][ T7015] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 266.237976][ T7015] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 266.298878][ T7015] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 266.330870][ T27] audit: type=1800 audit(1770514220.620:15): pid=7015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.227" name="file1" dev="loop5" ino=1048629 res=0 errno=0 [ 267.068820][ T7020] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 267.170743][ T7020] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 267.237419][ T7020] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 267.252369][ T7015] syz.5.227 (7015) used greatest stack depth: 19920 bytes left [ 267.810525][ T6449] kworker/u4:19: attempt to access beyond end of device [ 267.810525][ T6449] loop5: rw=1, sector=256, nr_sectors = 288 limit=256 [ 267.858062][ T6449] kworker/u4:19: attempt to access beyond end of device [ 267.858062][ T6449] loop5: rw=1, sector=608, nr_sectors = 416 limit=256 [ 267.971741][ T6449] kworker/u4:19: attempt to access beyond end of device [ 267.971741][ T6449] loop5: rw=1, sector=1056, nr_sectors = 10720 limit=256 [ 268.101737][ T6449] kworker/u4:19: attempt to access beyond end of device [ 268.101737][ T6449] loop5: rw=1, sector=11776, nr_sectors = 8024 limit=256 [ 268.186377][ T6449] kworker/u4:19: attempt to access beyond end of device [ 268.186377][ T6449] loop5: rw=1, sector=19800, nr_sectors = 5328 limit=256 [ 268.245767][ T6449] kworker/u4:19: attempt to access beyond end of device [ 268.245767][ T6449] loop5: rw=1, sector=25128, nr_sectors = 2064 limit=256 [ 268.298302][ T5783] Bluetooth: hci3: command 0x0406 tx timeout [ 268.342118][ T6449] kworker/u4:19: attempt to access beyond end of device [ 268.342118][ T6449] loop5: rw=1, sector=27192, nr_sectors = 2064 limit=256 [ 268.560133][ T6449] kworker/u4:19: attempt to access beyond end of device [ 268.560133][ T6449] loop5: rw=1, sector=29256, nr_sectors = 3576 limit=256 [ 269.396226][ T5758] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 269.631116][ T7043] loop4: detected capacity change from 0 to 2048 [ 269.660330][ T5758] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 269.696573][ T5758] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 269.705704][ T5758] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.819526][ T5758] usb 4-1: config 0 descriptor?? [ 269.957279][ T7043] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.206962][ T7043] EXT4-fs error (device loop4): ext4_do_update_inode:5248: inode #12: comm syz.4.229: corrupted inode contents [ 270.265810][ T7043] EXT4-fs (loop4): Remounting filesystem read-only [ 270.390834][ T6297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.054526][ T7061] loop3: detected capacity change from 0 to 512 [ 273.094650][ T5888] usb 4-1: USB disconnect, device number 2 [ 273.260828][ T7073] loop3: detected capacity change from 0 to 512 [ 274.651950][ T7073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.746400][ T7073] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 275.224384][ T5758] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 275.726307][ T5758] usb 6-1: device descriptor read/64, error -71 [ 276.133245][ T5758] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 278.144743][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.519543][ T7111] process 'syz.5.243' launched './file0' with NULL argv: empty string added [ 281.807359][ T7118] loop5: detected capacity change from 0 to 2048 [ 281.895131][ T7118] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 282.226439][ T7124] loop4: detected capacity change from 0 to 2048 [ 283.835348][ T7124] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 283.909043][ T7121] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh [ 284.454382][ T51] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 284.939135][ T7137] loop4: detected capacity change from 0 to 512 [ 285.811874][ T7137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.841830][ T7137] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 290.570188][ T6297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.280407][ T7175] loop0: detected capacity change from 0 to 256 [ 292.366064][ T7175] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 292.436977][ T7175] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 292.675765][ T7175] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 292.864081][ T7188] loop5: detected capacity change from 0 to 16 [ 292.894400][ T7188] erofs: (device loop5): mounted with root inode @ nid 36. [ 293.277492][ T7193] loop5: detected capacity change from 0 to 256 [ 294.353814][ T5783] Bluetooth: hci0: command 0x0406 tx timeout [ 309.851853][ T7278] loop0: detected capacity change from 0 to 512 [ 310.636279][ T7278] EXT4-fs (loop0): bad block size 8192 [ 315.343431][ T7312] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7 [ 318.787830][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.794513][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.352683][ T7354] loop5: detected capacity change from 0 to 8 [ 321.411838][ T7354] SQUASHFS error: Failed to read block 0x4de: -5 [ 321.419754][ T7354] SQUASHFS error: Failed to read block 0x4de: -5 [ 321.444025][ T5888] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 321.452043][ T27] audit: type=1800 audit(1770514275.768:16): pid=7354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.281" name="file1" dev="loop5" ino=5 res=0 errno=0 [ 321.487955][ T7354] SQUASHFS error: Failed to read block 0x4de: -5 [ 321.507972][ T7354] SQUASHFS error: Failed to read block 0x4de: -5 [ 321.672243][ T5888] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 321.709653][ T5888] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 321.734751][ T5888] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 323.349530][ T5888] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 323.358741][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 323.367381][ T5888] usb 5-1: SerialNumber: syz [ 323.381006][ T5888] cdc_acm 5-1:1.0: skipping garbage [ 323.386299][ T5888] cdc_acm 5-1:1.0: skipping garbage [ 323.409070][ T5888] cdc_acm 5-1:1.0: skipping garbage [ 333.437023][ T5783] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 333.449549][ T5783] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 333.463834][ T5783] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 333.485419][ T5783] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 333.504162][ T5783] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 333.511681][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 333.978819][ T8] usb 5-1: USB disconnect, device number 3 [ 334.033866][ T7430] loop3: detected capacity change from 0 to 256 [ 334.642968][ T42] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.383823][ T5783] Bluetooth: hci2: command tx timeout [ 336.436512][ T42] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.784448][ T42] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.049112][ T42] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.112465][ T7423] chnl_net:caif_netlink_parms(): no params data found [ 338.412853][ T5783] Bluetooth: hci2: command tx timeout [ 338.781973][ T7423] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.789171][ T7423] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.826885][ T7423] bridge_slave_0: entered allmulticast mode [ 338.848556][ T7423] bridge_slave_0: entered promiscuous mode [ 338.899064][ T7423] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.916408][ T7423] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.961501][ T7423] bridge_slave_1: entered allmulticast mode [ 338.996072][ T7423] bridge_slave_1: entered promiscuous mode [ 340.779924][ T5783] Bluetooth: hci2: command tx timeout [ 340.986541][ T7423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.011606][ T7423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.084810][ T7477] loop3: detected capacity change from 0 to 256 [ 341.220857][ T7477] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 341.250987][ T7477] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 341.282572][ T7477] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 341.474315][ T27] audit: type=1800 audit(1770514295.618:17): pid=7477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.301" name="file1" dev="loop3" ino=1048636 res=0 errno=0 [ 341.608410][ T7480] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 341.619105][ T7480] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 341.629420][ T7480] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 341.740258][ T7423] team0: Port device team_slave_0 added [ 341.750188][ T7423] team0: Port device team_slave_1 added [ 342.160672][ T7487] loop0: detected capacity change from 0 to 2048 [ 342.355125][ T7487] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 342.385529][ T7487] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 342.790185][ T7423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.797205][ T7423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.811250][ T5783] Bluetooth: hci2: command tx timeout [ 342.876149][ T7477] syz.3.301 (7477) used greatest stack depth: 19184 bytes left [ 343.092750][ T5782] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 344.014967][ T5782] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 344.023265][ T7423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 344.439125][ T7423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 344.468644][ T7423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 344.616575][ T7423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 346.499893][ T6449] kworker/u4:19: attempt to access beyond end of device [ 346.499893][ T6449] loop3: rw=1048577, sector=256, nr_sectors = 288 limit=256 [ 346.538767][ T6449] kworker/u4:19: attempt to access beyond end of device [ 346.538767][ T6449] loop3: rw=1048577, sector=608, nr_sectors = 416 limit=256 [ 346.595675][ T6449] kworker/u4:19: attempt to access beyond end of device [ 346.595675][ T6449] loop3: rw=1048577, sector=1056, nr_sectors = 4040 limit=256 [ 346.676594][ T6449] kworker/u4:19: attempt to access beyond end of device [ 346.676594][ T6449] loop3: rw=1048577, sector=5096, nr_sectors = 3296 limit=256 [ 346.760074][ T7423] hsr_slave_0: entered promiscuous mode [ 346.837908][ T7423] hsr_slave_1: entered promiscuous mode [ 346.879515][ T7423] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 346.897985][ T7423] Cannot create hsr debugfs directory [ 348.166143][ T7525] loop0: detected capacity change from 0 to 16 [ 348.251543][ T7525] erofs: (device loop0): mounted with root inode @ nid 36. [ 349.469567][ T7423] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 349.498718][ T7423] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 349.517020][ T7533] loop5: detected capacity change from 0 to 256 [ 349.544050][ T7423] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 351.196689][ T7423] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 351.240723][ T7533] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 351.266110][ T7533] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 351.278817][ T7533] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 351.290366][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 351.302134][ T27] audit: type=1800 audit(1770514305.623:18): pid=7533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.314" name="file1" dev="loop5" ino=1048663 res=0 errno=0 [ 351.324336][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 351.334475][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 351.345696][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 351.354372][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 351.363342][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 351.674881][ T7544] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 351.713027][ T7544] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 351.724901][ T7544] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 352.544523][ T42] hsr_slave_0: left promiscuous mode [ 352.552484][ T6453] kworker/u4:21: attempt to access beyond end of device [ 352.552484][ T6453] loop5: rw=1, sector=256, nr_sectors = 288 limit=256 [ 352.577175][ T6453] kworker/u4:21: attempt to access beyond end of device [ 352.577175][ T6453] loop5: rw=1, sector=608, nr_sectors = 416 limit=256 [ 352.599447][ T6453] kworker/u4:21: attempt to access beyond end of device [ 352.599447][ T6453] loop5: rw=1, sector=1056, nr_sectors = 5128 limit=256 [ 352.623460][ T6453] kworker/u4:21: attempt to access beyond end of device [ 352.623460][ T6453] loop5: rw=1, sector=6184, nr_sectors = 3416 limit=256 [ 352.639176][ T42] hsr_slave_1: left promiscuous mode [ 352.651345][ T6453] kworker/u4:21: attempt to access beyond end of device [ 352.651345][ T6453] loop5: rw=1, sector=9600, nr_sectors = 2056 limit=256 [ 352.684676][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 352.692164][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 352.720444][ T6453] kworker/u4:21: attempt to access beyond end of device [ 352.720444][ T6453] loop5: rw=1, sector=11656, nr_sectors = 21176 limit=256 [ 352.735992][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 352.743490][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 352.786144][ T42] bridge_slave_1: left allmulticast mode [ 352.791960][ T42] bridge_slave_1: left promiscuous mode [ 352.813969][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.842871][ T42] bridge_slave_0: left allmulticast mode [ 352.852944][ T42] bridge_slave_0: left promiscuous mode [ 352.864652][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.926269][ T42] veth1_macvtap: left promiscuous mode [ 352.931889][ T42] veth0_macvtap: left promiscuous mode [ 352.961303][ T42] veth1_vlan: left promiscuous mode [ 352.974822][ T42] veth0_vlan: left promiscuous mode [ 355.504234][ T5783] Bluetooth: hci0: command tx timeout [ 357.522480][ T5783] Bluetooth: hci0: command tx timeout [ 357.644110][ T42] team0 (unregistering): Port device team_slave_1 removed [ 357.794269][ T42] team0 (unregistering): Port device team_slave_0 removed [ 357.938919][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 358.075016][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 358.181348][ T7574] loop0: detected capacity change from 0 to 256 [ 359.116594][ T7580] loop0: detected capacity change from 0 to 16 [ 359.193929][ T7580] erofs: (device loop0): mounted with root inode @ nid 36. [ 359.630684][ T5783] Bluetooth: hci0: command tx timeout [ 359.669600][ T42] bond0 (unregistering): Released all slaves [ 361.773746][ T5783] Bluetooth: hci0: command tx timeout [ 363.949271][ T7601] loop5: detected capacity change from 0 to 256 [ 364.059242][ T7601] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 365.107545][ T7601] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 365.264752][ T7601] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 365.438036][ T27] audit: type=1800 audit(1770514319.610:19): pid=7601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.324" name="file1" dev="loop5" ino=1048667 res=0 errno=0 [ 365.616671][ T7601] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 365.685074][ T7601] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 365.716593][ T7601] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 365.742942][ T7423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.878900][ T6640] FAT-fs (loop5): error, corrupted directory (invalid entries) [ 365.940531][ T6640] FAT-fs (loop5): error, corrupted directory (invalid entries) [ 365.980164][ T7423] 8021q: adding VLAN 0 to HW filter on device team0 [ 366.100348][ T6449] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.107777][ T6449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 366.207392][ T6449] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.215478][ T6449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 366.474578][ T42] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.501769][ T7315] ================================================================== [ 366.509909][ T7315] BUG: KASAN: slab-use-after-free in __mutex_lock+0x6c2/0xcc0 [ 366.517442][ T7315] Read of size 8 at addr ffff88807d6f80a0 by task khidpd_04580058/7315 [ 366.525729][ T7315] [ 366.528114][ T7315] CPU: 1 PID: 7315 Comm: khidpd_04580058 Not tainted syzkaller #0 [ 366.536132][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 366.546257][ T7315] Call Trace: [ 366.549590][ T7315] [ 366.552561][ T7315] dump_stack_lvl+0x18c/0x250 [ 366.557279][ T7315] ? __lock_acquire+0x7d40/0x7d40 [ 366.562333][ T7315] ? show_regs_print_info+0x20/0x20 [ 366.567567][ T7315] ? load_image+0x400/0x400 [ 366.572109][ T7315] ? __virt_addr_valid+0x469/0x540 [ 366.577255][ T7315] print_report+0xa8/0x210 [ 366.581704][ T7315] ? __mutex_lock+0x6c2/0xcc0 [ 366.586417][ T7315] kasan_report+0x117/0x150 [ 366.590954][ T7315] ? __mutex_lock+0x6c2/0xcc0 [ 366.595672][ T7315] __mutex_lock+0x6c2/0xcc0 [ 366.600212][ T7315] ? __mutex_lock+0x4f9/0xcc0 [ 366.604935][ T7315] ? l2cap_unregister_user+0x6a/0x1a0 [ 366.610339][ T7315] ? mutex_lock_nested+0x20/0x20 [ 366.615306][ T7315] ? __wake_up+0x132/0x1a0 [ 366.619755][ T7315] ? __wake_up_bit+0x210/0x210 [ 366.624553][ T7315] ? _raw_spin_unlock+0x40/0x40 [ 366.629428][ T7315] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 366.635438][ T7315] l2cap_unregister_user+0x6a/0x1a0 [ 366.640675][ T7315] hidp_session_thread+0x3ec/0x430 [ 366.645831][ T7315] ? hidp_session_get+0x80/0x80 [ 366.650720][ T7315] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 366.656642][ T7315] ? hidp_session_thread+0x430/0x430 [ 366.661968][ T7315] ? hidp_session_thread+0x430/0x430 [ 366.667292][ T7315] ? __kthread_parkme+0x7a/0x1c0 [ 366.672259][ T7315] ? __kthread_parkme+0x162/0x1c0 [ 366.677314][ T7315] kthread+0x2fa/0x390 [ 366.681414][ T7315] ? hidp_session_get+0x80/0x80 [ 366.686296][ T7315] ? kthread_blkcg+0xd0/0xd0 [ 366.690917][ T7315] ret_from_fork+0x48/0x80 [ 366.695359][ T7315] ? kthread_blkcg+0xd0/0xd0 [ 366.699973][ T7315] ret_from_fork_asm+0x11/0x20 [ 366.704777][ T7315] [ 366.707823][ T7315] [ 366.710172][ T7315] Allocated by task 6640: [ 366.714522][ T7315] kasan_set_track+0x4e/0x70 [ 366.719138][ T7315] __kasan_kmalloc+0x8f/0xa0 [ 366.723755][ T7315] __kmalloc+0xb4/0x230 [ 366.727964][ T7315] hci_alloc_dev_priv+0x28/0x2060 [ 366.733018][ T7315] vhci_create_device+0x11b/0x650 [ 366.738070][ T7315] vhci_write+0x3b5/0x470 [ 366.742424][ T7315] vfs_write+0x46c/0x990 [ 366.746702][ T7315] ksys_write+0x150/0x260 [ 366.751060][ T7315] do_syscall_64+0x55/0xa0 [ 366.755515][ T7315] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 366.761437][ T7315] [ 366.763805][ T7315] Freed by task 7608: [ 366.767818][ T7315] kasan_set_track+0x4e/0x70 [ 366.772432][ T7315] kasan_save_free_info+0x2e/0x50 [ 366.777484][ T7315] ____kasan_slab_free+0x126/0x1e0 [ 366.782626][ T7315] slab_free_freelist_hook+0x130/0x1a0 [ 366.788110][ T7315] __kmem_cache_free+0xba/0x1e0 [ 366.792995][ T7315] bt_host_release+0x82/0x90 [ 366.797613][ T7315] device_release+0x96/0x1c0 [ 366.802232][ T7315] kobject_put+0x221/0x460 [ 366.806675][ T7315] vhci_release+0x15d/0x1a0 [ 366.811211][ T7315] __fput+0x234/0x970 [ 366.815228][ T7315] task_work_run+0x1d4/0x260 [ 366.819851][ T7315] do_exit+0x95a/0x2460 [ 366.824047][ T7315] do_group_exit+0x21b/0x2d0 [ 366.828679][ T7315] get_signal+0x12fc/0x13f0 [ 366.833205][ T7315] arch_do_signal_or_restart+0xc2/0x800 [ 366.838790][ T7315] exit_to_user_mode_loop+0x70/0x110 [ 366.844114][ T7315] exit_to_user_mode_prepare+0xee/0x180 [ 366.849694][ T7315] irqentry_exit_to_user_mode+0x9/0x30 [ 366.855178][ T7315] exc_page_fault+0x8c/0x100 [ 366.859792][ T7315] asm_exc_page_fault+0x26/0x30 [ 366.864673][ T7315] [ 366.867023][ T7315] Last potentially related work creation: [ 366.872770][ T7315] kasan_save_stack+0x3e/0x60 [ 366.877485][ T7315] __kasan_record_aux_stack+0xaf/0xc0 [ 366.882910][ T7315] insert_work+0x3d/0x310 [ 366.887275][ T7315] __queue_work+0xd2c/0x1020 [ 366.891903][ T7315] queue_work_on+0x128/0x1f0 [ 366.896523][ T7315] process_scheduled_works+0xa5d/0x15d0 [ 366.902098][ T7315] worker_thread+0xa55/0xfc0 [ 366.906741][ T7315] kthread+0x2fa/0x390 [ 366.910847][ T7315] ret_from_fork+0x48/0x80 [ 366.915298][ T7315] ret_from_fork_asm+0x11/0x20 [ 366.920099][ T7315] [ 366.922448][ T7315] Second to last potentially related work creation: [ 366.929052][ T7315] kasan_save_stack+0x3e/0x60 [ 366.933767][ T7315] __kasan_record_aux_stack+0xaf/0xc0 [ 366.939169][ T7315] insert_work+0x3d/0x310 [ 366.943530][ T7315] __queue_work+0xc39/0x1020 [ 366.948206][ T7315] call_timer_fn+0x189/0x540 [ 366.952825][ T7315] __run_timers+0x56d/0x800 [ 366.957353][ T7315] run_timer_softirq+0x67/0xf0 [ 366.962156][ T7315] handle_softirqs+0x280/0x820 [ 366.966951][ T7315] __irq_exit_rcu+0xd3/0x190 [ 366.971652][ T7315] irq_exit_rcu+0x9/0x20 [ 366.975919][ T7315] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 366.981577][ T7315] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 366.987588][ T7315] [ 366.989940][ T7315] The buggy address belongs to the object at ffff88807d6f8000 [ 366.989940][ T7315] which belongs to the cache kmalloc-8k of size 8192 [ 367.004022][ T7315] The buggy address is located 160 bytes inside of [ 367.004022][ T7315] freed 8192-byte region [ffff88807d6f8000, ffff88807d6fa000) [ 367.017934][ T7315] [ 367.020286][ T7315] The buggy address belongs to the physical page: [ 367.026730][ T7315] page:ffffea0001f5be00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d6f8 [ 367.036912][ T7315] head:ffffea0001f5be00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 367.045875][ T7315] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 367.053897][ T7315] page_type: 0xffffffff() [ 367.058258][ T7315] raw: 00fff00000000840 ffff888017c42280 ffffea00006edc00 0000000000000004 [ 367.066872][ T7315] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 367.075475][ T7315] page dumped because: kasan: bad access detected [ 367.081924][ T7315] page_owner tracks the page as allocated [ 367.087670][ T7315] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5529, tgid 5529 (init), ts 57293871099, free_ts 57246182696 [ 367.107593][ T7315] post_alloc_hook+0x1c1/0x200 [ 367.112404][ T7315] get_page_from_freelist+0x1951/0x19e0 [ 367.117978][ T7315] __alloc_pages+0x1f0/0x460 [ 367.122603][ T7315] alloc_slab_page+0x5d/0x160 [ 367.127309][ T7315] new_slab+0x87/0x2d0 [ 367.131416][ T7315] ___slab_alloc+0xc5d/0x12f0 [ 367.136135][ T7315] __kmem_cache_alloc_node+0x19e/0x250 [ 367.141626][ T7315] kmalloc_trace+0x2a/0xe0 [ 367.146077][ T7315] tomoyo_init_log+0x1114/0x1f50 [ 367.151048][ T7315] tomoyo_supervisor+0x363/0x1170 [ 367.156102][ T7315] tomoyo_env_perm+0x152/0x1f0 [ 367.160901][ T7315] tomoyo_find_next_domain+0x1592/0x1a60 [ 367.166574][ T7315] tomoyo_bprm_check_security+0x116/0x170 [ 367.172325][ T7315] security_bprm_check+0x62/0xa0 [ 367.177303][ T7315] bprm_execve+0xa6e/0x1700 [ 367.181843][ T7315] do_execveat_common+0x51b/0x6c0 [ 367.186912][ T7315] page last free stack trace: [ 367.191607][ T7315] free_unref_page_prepare+0x7b2/0x8c0 [ 367.197120][ T7315] free_unref_page+0x32/0x2e0 [ 367.201893][ T7315] __slab_free+0x35a/0x400 [ 367.206429][ T7315] qlist_free_all+0x75/0xd0 [ 367.210966][ T7315] kasan_quarantine_reduce+0x143/0x160 [ 367.216464][ T7315] __kasan_slab_alloc+0x22/0x80 [ 367.221345][ T7315] slab_post_alloc_hook+0x6e/0x4b0 [ 367.226496][ T7315] kmem_cache_alloc+0x11a/0x2d0 [ 367.231389][ T7315] vm_area_dup+0x27/0x270 [ 367.235747][ T7315] copy_mm+0xca8/0x1d50 [ 367.239933][ T7315] copy_process+0x16f7/0x3d80 [ 367.244640][ T7315] kernel_clone+0x24b/0x8a0 [ 367.249189][ T7315] __x64_sys_clone+0x1b7/0x230 [ 367.253994][ T7315] do_syscall_64+0x55/0xa0 [ 367.258452][ T7315] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 367.264374][ T7315] [ 367.266719][ T7315] Memory state around the buggy address: [ 367.272456][ T7315] ffff88807d6f7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 367.280545][ T7315] ffff88807d6f8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 367.288661][ T7315] >ffff88807d6f8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 367.296744][ T7315] ^ [ 367.301880][ T7315] ffff88807d6f8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 367.310054][ T7315] ffff88807d6f8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 367.318154][ T7315] ================================================================== [ 367.328381][ T7315] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 367.335683][ T7315] CPU: 1 PID: 7315 Comm: khidpd_04580058 Not tainted syzkaller #0 [ 367.343637][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 367.353834][ T7315] Call Trace: [ 367.357158][ T7315] [ 367.360130][ T7315] dump_stack_lvl+0x18c/0x250 [ 367.364868][ T7315] ? show_regs_print_info+0x20/0x20 [ 367.370123][ T7315] ? load_image+0x400/0x400 [ 367.374693][ T7315] panic+0x2dc/0x730 [ 367.378741][ T7315] ? bpf_jit_dump+0xd0/0xd0 [ 367.383320][ T7315] ? _raw_spin_unlock_irqrestore+0xc0/0x120 [ 367.389364][ T7315] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 367.395403][ T7315] ? _raw_spin_unlock+0x40/0x40 [ 367.400308][ T7315] ? print_memory_metadata+0x314/0x400 [ 367.405831][ T7315] ? __mutex_lock+0x6c2/0xcc0 [ 367.410566][ T7315] check_panic_on_warn+0x84/0xa0 [ 367.415556][ T7315] ? __mutex_lock+0x6c2/0xcc0 [ 367.420290][ T7315] end_report+0x6f/0x130 [ 367.424578][ T7315] kasan_report+0x128/0x150 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 367.429128][ T7315] ? __mutex_lock+0x6c2/0xcc0 [ 367.433940][ T7315] __mutex_lock+0x6c2/0xcc0 [ 367.438513][ T7315] ? __mutex_lock+0x4f9/0xcc0 [ 367.443256][ T7315] ? l2cap_unregister_user+0x6a/0x1a0 [ 367.448681][ T7315] ? mutex_lock_nested+0x20/0x20 [ 367.453771][ T7315] ? __wake_up+0x132/0x1a0 [ 367.458240][ T7315] ? __wake_up_bit+0x210/0x210 [ 367.463065][ T7315] ? _raw_spin_unlock+0x40/0x40 [ 367.467967][ T7315] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 367.473999][ T7315] l2cap_unregister_user+0x6a/0x1a0 [ 367.479252][ T7315] hidp_session_thread+0x3ec/0x430 [ 367.484415][ T7315] ? hidp_session_get+0x80/0x80 [ 367.489317][ T7315] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 367.495256][ T7315] ? hidp_session_thread+0x430/0x430 [ 367.500599][ T7315] ? hidp_session_thread+0x430/0x430 [ 367.505933][ T7315] ? __kthread_parkme+0x7a/0x1c0 [ 367.511161][ T7315] ? __kthread_parkme+0x162/0x1c0 [ 367.516241][ T7315] kthread+0x2fa/0x390 [ 367.520359][ T7315] ? hidp_session_get+0x80/0x80 [ 367.525267][ T7315] ? kthread_blkcg+0xd0/0xd0 [ 367.529903][ T7315] ret_from_fork+0x48/0x80 [ 367.534366][ T7315] ? kthread_blkcg+0xd0/0xd0 [ 367.538999][ T7315] ret_from_fork_asm+0x11/0x20 [ 367.543821][ T7315] [ 367.547497][ T7315] Kernel Offset: disabled [ 367.551838][ T7315] Rebooting in 86400 seconds..