last executing test programs: 8.135377645s ago: executing program 2 (id=406): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(0x0, r0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) r2 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0) socket$nl_generic(0x10, 0x3, 0x10) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000280)='auto_da_alloc', &(0x7f00000002c0)='8\x00', 0x0) 7.884174378s ago: executing program 1 (id=409): ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc040564a, &(0x7f0000000140)={0x8, 0x0, @value=0x100000000001013}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000b1e000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0xe1}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_DYNSET_OP={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_DYNSET_FLAGS={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x10) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xc0000000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 7.165715086s ago: executing program 2 (id=411): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000b1e000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0xe1}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x10) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)='i', 0x1}], 0x1}}], 0x1, 0x40) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xc0000000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.88911741s ago: executing program 2 (id=413): sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0d0}, 0x4044800) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, 0x0}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r7 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x3c78, 0x4000, 0xb, 0x10c}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003a00010325bdde00fcff2fd803000900"], 0x14}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x0, 0x7fff0000}]}) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845) io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0) ioctl$sock_inet_SIOCSARP(r3, 0x8955, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000300)={{0x101}, 0x100, './file0\x00'}) ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000900)={0x1a, 0xa6, &(0x7f0000000840)="87be909102c518aad6413c4b9e59fe19900fdeb4c77af66608e02e3e58397fb26e179a78a26006ea7750b98f2576fd84249c2c2ec216e641031691fb07f70646ef6395228616c7d4b5b2dc1638df13b20d473f64bda628023e1f1946df978a190c9d01b782cdeb040df24e5e9026140ca7902a7a738e4b1d58d650752c16101cebc26e31584103a4e7d9459155a5d29bf442d273d26184c39aa06026841d390be24b8fb64294"}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x2, r1}) ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r2, r1, 0x0, 0x0, 0x0, 0xffffffffffffffa8, 0x0}) ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r2, r9, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)}) ioctl$IOMMU_HWPT_INVALIDATE$TEST(r0, 0x3b8d, &(0x7f0000000280)={0x20, r10, &(0x7f00000002c0)}) 6.88716506s ago: executing program 1 (id=415): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x14, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8b, 0x0, 0x0, 0x0, 0x80}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfeff}, {0x85, 0x0, 0x0, 0x86}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x20}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x80000000}}, [@jmp={0x5, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}, {0x7, 0x0, 0xb, 0x0, 0x0, 0x0, 0x500}}}, &(0x7f0000000000)='GPL\x00', 0xb, 0xfed, &(0x7f0000000780)=""/4077, 0x41000, 0x4b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000d}, 0x94) 6.863876081s ago: executing program 3 (id=416): socket(0x10, 0x803, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000100)) 6.805446724s ago: executing program 3 (id=417): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) recvmsg(r1, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000007400)=[{0x0, 0x0, &(0x7f0000006580)=[{&(0x7f0000000480)="06c3505f", 0x4}, {0x0}], 0x2, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000001701000002000000000000000000000018"], 0x30, 0x24040000}], 0x1, 0x20008080) 6.580714376s ago: executing program 1 (id=418): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.54340251s ago: executing program 2 (id=419): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(0x0, r0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) r2 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0) socket$nl_generic(0x10, 0x3, 0x10) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000280)='auto_da_alloc', &(0x7f00000002c0)='8\x00', 0x0) 5.410492497s ago: executing program 3 (id=420): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3f, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) 4.548948542s ago: executing program 0 (id=422): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10) sendmmsg$inet6(r0, &(0x7f0000004840)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)="9ef7f54d", 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000600)='0', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001f80)=[{&(0x7f0000001e80)="d2", 0x1}], 0x1}}], 0x3, 0x4001015) 3.840407939s ago: executing program 3 (id=423): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYRES16=r0], 0x2) 3.82121574s ago: executing program 1 (id=424): ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc040564a, &(0x7f0000000140)={0x8, 0x0, @value=0x100000000001013}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000b1e000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0xe1}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_DYNSET_OP={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_DYNSET_FLAGS={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x10) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f0000000340)}}], 0x1, 0x40) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xc0000000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.781304893s ago: executing program 2 (id=425): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) 3.63728404s ago: executing program 0 (id=426): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x14, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8b, 0x0, 0x0, 0x0, 0x80}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfeff}, {0x85, 0x0, 0x0, 0x86}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x20}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x80000000}}, [@jmp={0x5, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}, {0x7, 0x0, 0xb, 0x0, 0x0, 0x0, 0x500}}}, &(0x7f0000000000)='GPL\x00', 0xb, 0xfed, &(0x7f0000000780)=""/4077, 0x41000, 0x4b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000d}, 0x94) 3.63695248s ago: executing program 3 (id=427): sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0d0}, 0x4044800) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, 0x0}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r7 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x3c78, 0x4000, 0xb, 0x10c}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003a00010325bdde00fcff2fd803000900"], 0x14}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x0, 0x7fff0000}]}) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845) io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0) ioctl$sock_inet_SIOCSARP(r3, 0x8955, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000300)={{0x101}, 0x100, './file0\x00'}) ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000900)={0x1a, 0xa6, &(0x7f0000000840)="87be909102c518aad6413c4b9e59fe19900fdeb4c77af66608e02e3e58397fb26e179a78a26006ea7750b98f2576fd84249c2c2ec216e641031691fb07f70646ef6395228616c7d4b5b2dc1638df13b20d473f64bda628023e1f1946df978a190c9d01b782cdeb040df24e5e9026140ca7902a7a738e4b1d58d650752c16101cebc26e31584103a4e7d9459155a5d29bf442d273d26184c39aa06026841d390be24b8fb64294"}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x2, r1}) ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r2, r1, 0x0, 0x0, 0x0, 0xffffffffffffffa8, 0x0}) ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r2, r9, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)}) ioctl$IOMMU_HWPT_INVALIDATE$TEST(r0, 0x3b8d, &(0x7f0000000280)={0x20, r10, &(0x7f00000002c0)}) 3.390314203s ago: executing program 0 (id=428): syz_open_procfs(0x0, &(0x7f0000000080)='mountstats\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_CT_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xf}}}, 0x78}}, 0x10) r6 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r6, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r6, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4) connect$inet(r6, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r6, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) 3.389511023s ago: executing program 2 (id=429): r0 = socket(0x2b, 0x80801, 0x1) listen(r0, 0x9) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x3d6d9000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfff}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff8000}]}) close_range(r4, 0xffffffffffffffff, 0x0) 2.193550606s ago: executing program 3 (id=430): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010800d972a440b72040155ab7010203010902120001000000000904000000ff"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac2(r0, 0x0, &(0x7f0000000bc0)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="e01506"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000500)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="400505"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac2(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000240)={0x20, 0xb, 0x2, "eda5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.035164134s ago: executing program 1 (id=431): sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0d0}, 0x4044800) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, 0x0}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r7 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x3c78, 0x4000, 0xb, 0x10c}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003a00010325bdde00fcff2fd803000900"], 0x14}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x0, 0x7fff0000}]}) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845) io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0) ioctl$sock_inet_SIOCSARP(r3, 0x8955, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000300)={{0x101}, 0x100, './file0\x00'}) ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000900)={0x1a, 0xa5, &(0x7f0000000840)="87be909102c518aad6413c4b9e59fe19900fdeb4c77af66608e02e3e58397fb26e179a78a26006ea7750b98f2576fd84249c2c2ec216e641031691fb07f70646ef6395228616c7d4b5b2dc1638df13b20d473f64bda628023e1f1946df978a190c9d01b782cdeb040df24e5e9026140ca7902a7a738e4b1d58d650752c16101cebc26e31584103a4e7d9459155a5d29bf442d273d26184c39aa06026841d390be24b8fb642"}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x2, r1}) ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r2, r1, 0x0, 0x0, 0x0, 0xffffffffffffffa8, 0x0}) ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r2, r9, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)}) ioctl$IOMMU_HWPT_INVALIDATE$TEST(r0, 0x3b8d, &(0x7f0000000280)={0x20, r10, &(0x7f00000002c0)=[{0x0, 0x1}], 0xdeadbeef, 0x8, 0x2000007f}) 1.841046004s ago: executing program 0 (id=432): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 863.397095ms ago: executing program 0 (id=433): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(0x0, r0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) r2 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0) socket$nl_generic(0x10, 0x3, 0x10) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000280)='auto_da_alloc', &(0x7f00000002c0)='8\x00', 0x0) 711.344973ms ago: executing program 1 (id=434): sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x20000000) write$P9_RFLUSH(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@delalloc}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) fadvise64(r0, 0x7f, 0x0, 0x4) setsockopt(0xffffffffffffffff, 0x1c, 0xfff, 0x0, 0x0) syz_io_uring_setup(0x5b0f, &(0x7f0000000000)={0x0, 0xfffffff9, 0x2, 0x1, 0x359}, 0x0, 0x0, 0x0) munlockall() 0s ago: executing program 0 (id=435): r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) read$midi(r0, 0x0, 0x3b) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x80383, 0x0) ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x84000, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.73' (ED25519) to the list of known hosts. [ 73.620141][ T5758] cgroup: Unknown subsys name 'net' [ 73.759403][ T5758] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.441881][ T5758] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.688551][ T5786] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.696837][ T5786] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.706657][ T5786] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.707836][ T5780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.715112][ T5786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.722500][ T5781] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.729918][ T5786] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.745854][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.746356][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.753170][ T5780] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.762026][ T5786] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.768492][ T5780] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.775486][ T5787] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.782473][ T5780] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.789372][ T5787] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.796219][ T5780] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.803652][ T5787] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.810133][ T5780] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.817071][ T5787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.824570][ T5780] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.831809][ T5784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.839172][ T5780] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.845444][ T5784] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.887682][ T5784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.344863][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 78.419084][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 78.455635][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 78.526496][ T5773] chnl_net:caif_netlink_parms(): no params data found [ 78.635629][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.643832][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.651593][ T5771] bridge_slave_0: entered allmulticast mode [ 78.658762][ T5771] bridge_slave_0: entered promiscuous mode [ 78.694617][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.704065][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.711306][ T5771] bridge_slave_1: entered allmulticast mode [ 78.718452][ T5771] bridge_slave_1: entered promiscuous mode [ 78.736637][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.744602][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.751909][ T5772] bridge_slave_0: entered allmulticast mode [ 78.759001][ T5772] bridge_slave_0: entered promiscuous mode [ 78.772184][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.779322][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.786667][ T5770] bridge_slave_0: entered allmulticast mode [ 78.793663][ T5770] bridge_slave_0: entered promiscuous mode [ 78.810960][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.818223][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.825605][ T5772] bridge_slave_1: entered allmulticast mode [ 78.832710][ T5772] bridge_slave_1: entered promiscuous mode [ 78.843988][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.851126][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.858980][ T5770] bridge_slave_1: entered allmulticast mode [ 78.866304][ T5770] bridge_slave_1: entered promiscuous mode [ 78.875629][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.929467][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.970781][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.978391][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.986572][ T5773] bridge_slave_0: entered allmulticast mode [ 78.995225][ T5773] bridge_slave_0: entered promiscuous mode [ 79.003564][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.010648][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.017991][ T5773] bridge_slave_1: entered allmulticast mode [ 79.025093][ T5773] bridge_slave_1: entered promiscuous mode [ 79.035016][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.058744][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.081066][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.094183][ T5771] team0: Port device team_slave_0 added [ 79.105033][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.137077][ T5771] team0: Port device team_slave_1 added [ 79.157487][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.197949][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.210230][ T5772] team0: Port device team_slave_0 added [ 79.231551][ T5770] team0: Port device team_slave_0 added [ 79.250450][ T5772] team0: Port device team_slave_1 added [ 79.266605][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.273825][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.300041][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.314297][ T5770] team0: Port device team_slave_1 added [ 79.320950][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.328162][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.354320][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.427268][ T5773] team0: Port device team_slave_0 added [ 79.434412][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.441395][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.468120][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.481806][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.489053][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.515869][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.528930][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.538985][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.565623][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.585238][ T5773] team0: Port device team_slave_1 added [ 79.619725][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.627092][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.653358][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.702539][ T5772] hsr_slave_0: entered promiscuous mode [ 79.709352][ T5772] hsr_slave_1: entered promiscuous mode [ 79.726041][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.735866][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.765101][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.792770][ T5771] hsr_slave_0: entered promiscuous mode [ 79.799270][ T5771] hsr_slave_1: entered promiscuous mode [ 79.806275][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.814299][ T5771] Cannot create hsr debugfs directory [ 79.832012][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.839221][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.866721][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.892774][ T5784] Bluetooth: hci1: command tx timeout [ 79.892789][ T51] Bluetooth: hci0: command tx timeout [ 79.954547][ T5770] hsr_slave_0: entered promiscuous mode [ 79.961272][ T5770] hsr_slave_1: entered promiscuous mode [ 79.970671][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.972470][ T5784] Bluetooth: hci3: command tx timeout [ 79.978723][ T51] Bluetooth: hci2: command tx timeout [ 79.991969][ T5770] Cannot create hsr debugfs directory [ 80.070388][ T5773] hsr_slave_0: entered promiscuous mode [ 80.078222][ T5773] hsr_slave_1: entered promiscuous mode [ 80.084830][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.092770][ T5773] Cannot create hsr debugfs directory [ 80.446584][ T5771] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.460217][ T5771] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.471346][ T5771] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.493262][ T5771] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.584692][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.597196][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.611507][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.621719][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.688999][ T5770] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 80.725583][ T5770] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 80.737228][ T5770] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.762385][ T5770] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.833620][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.851706][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.879627][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.893594][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.914430][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.970029][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.021375][ T1076] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.028877][ T1076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.045892][ T1076] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.053293][ T1076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.108203][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.136110][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.175592][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.183003][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.196106][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.203636][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.276963][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.288702][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.356941][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.379518][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.406035][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.413387][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.430396][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.437641][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.491190][ T1076] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.498543][ T1076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.524377][ T1076] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.531586][ T1076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.554965][ T5772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.706525][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.741327][ T5773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.864647][ T5771] veth0_vlan: entered promiscuous mode [ 81.885833][ T5771] veth1_vlan: entered promiscuous mode [ 81.949142][ T5771] veth0_macvtap: entered promiscuous mode [ 81.972533][ T51] Bluetooth: hci0: command tx timeout [ 81.973409][ T5784] Bluetooth: hci1: command tx timeout [ 81.985621][ T5771] veth1_macvtap: entered promiscuous mode [ 82.053828][ T5784] Bluetooth: hci2: command tx timeout [ 82.053935][ T51] Bluetooth: hci3: command tx timeout [ 82.093553][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.109146][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.127916][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.154459][ T5771] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.164359][ T5771] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.178687][ T5771] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.189730][ T5771] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.298634][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.363292][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.407240][ T5772] veth0_vlan: entered promiscuous mode [ 82.419321][ T2939] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.435800][ T2939] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.465734][ T5772] veth1_vlan: entered promiscuous mode [ 82.501277][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.513428][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.553705][ T5773] veth0_vlan: entered promiscuous mode [ 82.591020][ T5773] veth1_vlan: entered promiscuous mode [ 82.620693][ T5772] veth0_macvtap: entered promiscuous mode [ 82.633341][ T5770] veth0_vlan: entered promiscuous mode [ 82.650988][ T5772] veth1_macvtap: entered promiscuous mode [ 82.684439][ T5770] veth1_vlan: entered promiscuous mode [ 82.716548][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.738517][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.751250][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.800874][ T5773] veth0_macvtap: entered promiscuous mode [ 82.810797][ T5833] hfsplus: unable to find HFS+ superblock [ 82.813721][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.829509][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.847627][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.867105][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.877169][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.886337][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.901265][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.064989][ T5770] veth0_macvtap: entered promiscuous mode [ 83.072598][ T5834] libceph: resolve '400' (ret=-3): failed [ 83.181408][ T5773] veth1_macvtap: entered promiscuous mode [ 83.340143][ T5770] veth1_macvtap: entered promiscuous mode [ 83.687246][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.702899][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.722613][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.745780][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.763800][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.809583][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.825531][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.837822][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.848726][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.858905][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.877700][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.900606][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.921155][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.937711][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.949202][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.966068][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.979820][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.000184][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.018970][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.029476][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.062808][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.072903][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.083553][ T51] Bluetooth: hci1: command tx timeout [ 84.083599][ T51] Bluetooth: hci0: command tx timeout [ 84.095983][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.108626][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.130486][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.138780][ T5784] Bluetooth: hci2: command tx timeout [ 84.139070][ T5770] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.145054][ T5784] Bluetooth: hci3: command tx timeout [ 84.425248][ T5770] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.454367][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.487074][ T5770] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.540399][ T5770] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.745663][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.764627][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.773728][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.791936][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.999630][ T2939] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.013667][ T2939] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.176034][ T2939] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.192938][ T2939] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.277776][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.300954][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.409317][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.443195][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.585524][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.594898][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.715369][ T5856] Zero length message leads to an empty skb [ 86.142095][ T5784] Bluetooth: hci0: command tx timeout [ 86.148941][ T5784] Bluetooth: hci1: command tx timeout [ 86.264458][ T51] Bluetooth: hci2: command tx timeout [ 86.302116][ T51] Bluetooth: hci3: command tx timeout [ 88.919448][ T5877] netlink: 104 bytes leftover after parsing attributes in process `syz.1.10'. [ 90.725503][ T5775] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 91.219562][ T5895] tmpfs: Unknown parameter 'smackfsrootVusrq' [ 91.771897][ T5775] usb 1-1: Using ep0 maxpacket: 8 [ 91.785273][ T5775] usb 1-1: config 0 has an invalid interface number: 186 but max is 0 [ 91.794265][ T5775] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 91.812324][ T5775] usb 1-1: config 0 has no interface number 0 [ 91.818498][ T5775] usb 1-1: config 0 interface 186 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 91.861948][ T5775] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 91.952467][ T5775] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 92.056293][ T5775] usb 1-1: config 0 interface 186 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 92.289423][ T5775] usb 1-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 92.294928][ T788] cfg80211: failed to load regulatory.db [ 92.512359][ T5775] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.551654][ T5775] usb 1-1: Product: syz [ 92.572183][ T5775] usb 1-1: Manufacturer: syz [ 92.576861][ T5775] usb 1-1: SerialNumber: syz [ 92.799170][ T5775] usb 1-1: config 0 descriptor?? [ 92.887254][ T5911] comedi comedi3: 8255: I/O port conflict (0xffffffff80002002,4) [ 92.895690][ T5911] comedi comedi3: 8255: I/O port conflict (0x10003,4) [ 92.902941][ T5911] comedi comedi3: 8255: I/O port conflict (0x8,4) [ 93.672369][ T5775] usb 1-1: can't set config #0, error -71 [ 93.744510][ T5775] usb 1-1: USB disconnect, device number 2 [ 93.767553][ T5914] syz.2.23[5914]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 93.900959][ T5913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25'. [ 93.908123][ T5918] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 95.665912][ T5935] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 95.673771][ T5935] IPv6: NLM_F_CREATE should be set when creating new route [ 96.467367][ T5944] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 97.584347][ T5957] netlink: 'syz.3.38': attribute type 7 has an invalid length. [ 97.592562][ T5957] netlink: 'syz.3.38': attribute type 8 has an invalid length. [ 97.607396][ T5954] netlink: 'syz.3.38': attribute type 7 has an invalid length. [ 97.618247][ T5954] netlink: 'syz.3.38': attribute type 8 has an invalid length. [ 98.594915][ T5963] capability: warning: `syz.1.42' uses deprecated v2 capabilities in a way that may be insecure [ 98.936114][ T5978] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 99.242606][ T5760] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 99.242898][ T5987] IPVS: set_ctl: invalid protocol: 22 224.0.0.1:20001 [ 100.061923][ T5760] usb 1-1: Using ep0 maxpacket: 32 [ 100.085910][ T5760] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 100.119988][ T5760] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 100.143271][ T5993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.53'. [ 100.152685][ T5760] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 100.170492][ T5760] usb 1-1: config 1 has no interface number 0 [ 100.196092][ T5760] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 100.231424][ T5760] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 100.286784][ T5760] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 100.325762][ T5760] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.407824][ T5760] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 100.625993][ T5760] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 101.051395][ T5760] usb 1-1: USB disconnect, device number 3 [ 101.077116][ T5760] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 101.328264][ T28] audit: type=1326 audit(1777246404.717:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.409263][ T28] audit: type=1326 audit(1777246404.717:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.478928][ T28] audit: type=1326 audit(1777246404.747:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.534318][ T28] audit: type=1326 audit(1777246404.747:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.558270][ T28] audit: type=1326 audit(1777246404.747:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.581629][ T28] audit: type=1326 audit(1777246404.747:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.676497][ T28] audit: type=1326 audit(1777246404.747:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.714918][ T28] audit: type=1326 audit(1777246404.747:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 101.758266][ T28] audit: type=1326 audit(1777246404.747:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.2.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1bf4d9cdd9 code=0x7ffc0000 [ 103.921034][ T6040] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 104.199206][ T6044] kvm: kvm [6041]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xc9a00000065 [ 104.229622][ T6044] kvm: kvm [6041]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0xc9a00000066 [ 104.247854][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x1 [ 104.286391][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0x1 [ 104.319541][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x186) = 0x1 [ 104.343974][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0 [ 104.363072][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0x1 [ 104.394426][ T6043] kvm_intel: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1 [ 104.413029][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0x1 [ 104.433597][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0 [ 104.482861][ T6043] kvm: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0x1 [ 104.503042][ T6043] kvm_intel: kvm [6042]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1 [ 106.458834][ T6068] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 106.763764][ T6075] mmap: syz.0.79 (6075) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 108.127341][ T6081] hfsplus: unable to find HFS+ superblock [ 108.551858][ T6085] libceph: resolve '400' (ret=-3): failed [ 108.977981][ T6090] netlink: 16 bytes leftover after parsing attributes in process `syz.0.84'. [ 109.983663][ T6100] netlink: 'syz.1.87': attribute type 1 has an invalid length. [ 111.674023][ T6100] 8021q: adding VLAN 0 to HW filter on device bond1 [ 111.688736][ T6097] bond1: (slave gretap1): making interface the new active one [ 111.697409][ T6097] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 111.951931][ T5813] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 112.173064][ T5813] usb 2-1: Using ep0 maxpacket: 16 [ 112.193862][ T5813] usb 2-1: config 0 interface 0 altsetting 44 has an invalid endpoint with address 0xFF, skipping [ 112.208203][ T5813] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 112.227631][ T5813] usb 2-1: config 0 interface 0 has no altsetting 0 [ 112.238621][ T5813] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 112.249221][ T5813] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.257854][ T5813] usb 2-1: Product: syz [ 112.262641][ T5813] usb 2-1: Manufacturer: syz [ 112.268634][ T5813] usb 2-1: SerialNumber: syz [ 112.282378][ T5813] usb 2-1: config 0 descriptor?? [ 112.288649][ T6104] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 114.354928][ T5813] usb 2-1: USB disconnect, device number 2 [ 116.576149][ T6152] IPv6: syztnl0: Disabled Multicast RS [ 116.956047][ T6154] vivid-007: disconnect [ 117.104636][ T6148] vivid-007: reconnect [ 117.953666][ T968] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 118.252353][ T968] usb 3-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 118.488905][ T968] usb 3-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid maxpacket 1056, setting to 8 [ 118.572029][ T968] usb 3-1: config 0 interface 0 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 118.615522][ T968] usb 3-1: config 0 interface 0 has no altsetting 0 [ 118.625828][ T968] usb 3-1: New USB device found, idVendor=1a34, idProduct=0002, bcdDevice= 0.00 [ 118.645534][ T968] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.672990][ T968] usb 3-1: config 0 descriptor?? [ 118.679334][ T6165] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 119.019992][ T968] usbhid 3-1:0.0: can't add hid device: -71 [ 119.032135][ T968] usbhid: probe of 3-1:0.0 failed with error -71 [ 119.048642][ T968] usb 3-1: USB disconnect, device number 2 [ 122.685723][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 122.987942][ T6241] kvm_pr_unimpl_wrmsr: 1 callbacks suppressed [ 122.987962][ T6241] kvm: kvm [6240]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x77c100000001 [ 123.050311][ T6241] kvm: kvm [6240]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x77c100000002 [ 123.079207][ T6241] kvm: kvm [6240]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x3d7a00000001 [ 123.089420][ T6241] kvm: kvm [6240]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x3d7a00000002 [ 123.101949][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 123.125484][ T9] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config [ 123.149060][ T9] usb 2-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 123.171945][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.193760][ T9] usb 2-1: config 0 descriptor?? [ 123.200702][ T6251] warning: `syz.3.140' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 123.210909][ T9] cdc_acm 2-1:0.0: skipping garbage [ 123.414639][ T5813] usb 2-1: USB disconnect, device number 3 [ 123.927629][ T6258] (null): rxe_set_mtu: Set mtu to 256 [ 124.122688][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 124.145593][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 124.161515][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 125.118783][ T6258] infiniband syz2: set active [ 125.125512][ T27] vxcan1 speed is unknown, defaulting to 1000 [ 125.154648][ T6258] infiniband syz2: added vxcan1 [ 125.164209][ T6258] syz2: rxe_create_cq: returned err = -12 [ 125.175062][ T6258] infiniband syz2: Couldn't create ib_mad CQ [ 125.188158][ T6258] infiniband syz2: Couldn't open port 1 [ 125.260700][ T6258] RDS/IB: syz2: added [ 125.278897][ T6258] smc: adding ib device syz2 with port count 1 [ 125.288836][ T6258] smc: ib device syz2 port 1 has pnetid [ 125.301972][ T5847] vxcan1 speed is unknown, defaulting to 1000 [ 125.318664][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 125.320620][ T6283] kvm: kvm [6282]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x77c100000001 [ 125.341629][ T6283] kvm: kvm [6282]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x77c100000002 [ 125.360590][ T6283] kvm: kvm [6282]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x3d7a00000001 [ 125.378582][ T6283] kvm: kvm [6282]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x3d7a00000002 [ 125.605345][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 126.773099][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 126.882281][ T6301] ======================================================= [ 126.882281][ T6301] WARNING: The mand mount option has been deprecated and [ 126.882281][ T6301] and is ignored by this kernel. Remove the mand [ 126.882281][ T6301] option from the mount to silence this warning. [ 126.882281][ T6301] ======================================================= [ 127.168444][ T6258] vxcan1 speed is unknown, defaulting to 1000 [ 129.212032][ T5760] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 129.419849][ T5760] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.705000][ T5760] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 129.933995][ T5760] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 130.145851][ T5760] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.165439][ T5760] usb 3-1: config 0 descriptor?? [ 130.186165][ T5760] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 131.861101][ T6355] kvm: kvm [6354]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x100000000 [ 131.878498][ T6355] kvm: kvm [6354]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0 [ 131.887963][ T6355] kvm: kvm [6354]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 131.956898][ T6369] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 131.956898][ T6369] The task syz.0.182 (6369) triggered the difference, watch for misbehavior. [ 132.421704][ T6380] netlink: 16 bytes leftover after parsing attributes in process `syz.3.189'. [ 132.579930][ T6383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.190'. [ 132.589540][ T6383] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 133.049181][ T5813] usb 3-1: USB disconnect, device number 3 [ 133.263231][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.277161][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.543646][ T6390] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 133.550718][ T6390] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 133.576299][ T6390] vhci_hcd vhci_hcd.0: Device attached [ 133.597773][ T6394] vhci_hcd: connection closed [ 133.621938][ T1088] vhci_hcd: stop threads [ 133.646085][ T1088] vhci_hcd: release socket [ 133.650629][ T1088] vhci_hcd: disconnect device [ 136.366667][ T6431] netlink: 60 bytes leftover after parsing attributes in process `syz.2.210'. [ 136.655591][ T6441] hfsplus: unable to find HFS+ superblock [ 136.855140][ T6443] libceph: resolve '400' (ret=-3): failed [ 142.369765][ T6479] netlink: 'syz.1.226': attribute type 2 has an invalid length. [ 143.277101][ T6490] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 143.518539][ T6502] team0: No ports can be present during mode change [ 144.224359][ T6505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'. [ 145.722097][ T5760] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 145.983905][ T5760] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 145.996539][ T5760] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 146.007652][ T5760] usb 4-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00 [ 146.017927][ T5760] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.067731][ T5760] usb 4-1: config 0 descriptor?? [ 146.582991][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.590909][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.611956][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.619444][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.662083][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.671209][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.719169][ T5760] playstation 0003:054C:0BA0.0001: unknown main item tag 0x0 [ 146.753628][ T5760] playstation 0003:054C:0BA0.0001: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.3-1/input0 [ 146.860382][ T5760] playstation 0003:054C:0BA0.0001: Invalid byte count transferred, expected 16 got 0 [ 146.870276][ T5760] playstation 0003:054C:0BA0.0001: Failed to retrieve DualShock4 pairing info: -22 [ 146.886284][ T5760] playstation 0003:054C:0BA0.0001: Failed to get MAC address from DualShock4 [ 146.895571][ T5760] playstation 0003:054C:0BA0.0001: Failed to create dualshock4. [ 146.907511][ T5760] playstation: probe of 0003:054C:0BA0.0001 failed with error -22 [ 147.067134][ T968] usb 4-1: USB disconnect, device number 2 [ 168.942149][ T5760] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 169.315446][ T5760] usb 3-1: Using ep0 maxpacket: 8 [ 169.344181][ T5760] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xAD, skipping [ 169.372159][ T5760] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 169.405920][ T5760] usb 3-1: New USB device found, idVendor=0bfd, idProduct=0124, bcdDevice=3a.9f [ 169.431851][ T5760] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.440011][ T5760] usb 3-1: Product: syz [ 169.461942][ T5760] usb 3-1: Manufacturer: syz [ 169.466882][ T5760] usb 3-1: SerialNumber: syz [ 169.499107][ T5760] usb 3-1: config 0 descriptor?? [ 169.538877][ T5760] kvaser_usb 3-1:0.0: Cannot get usb endpoint(s) [ 169.991364][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.267'. [ 170.388776][ T6606] bridge_slave_0: left allmulticast mode [ 170.394900][ T6606] bridge_slave_0: left promiscuous mode [ 170.402417][ T6606] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.450093][ T6606] bridge_slave_1: left allmulticast mode [ 170.471500][ T6606] bridge_slave_1: left promiscuous mode [ 170.488572][ T6606] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.510699][ T6606] bond0: (slave bond_slave_0): Releasing backup interface [ 170.531557][ T6606] bond0: (slave bond_slave_1): Releasing backup interface [ 170.640793][ T6606] team0: Port device team_slave_0 removed [ 170.720758][ T6606] team0: Port device team_slave_1 removed [ 170.883507][ T6606] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.978391][ T6606] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.175065][ T6606] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.334832][ T5847] usb 3-1: USB disconnect, device number 4 [ 171.373384][ T6606] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.657321][ T6607] team0: Mode "" not found [ 176.715718][ T6657] syz.0.289 (6657): drop_caches: 2 [ 177.135152][ T6689] hfsplus: unable to find HFS+ superblock [ 177.597197][ T6692] libceph: resolve '400' (ret=-3): failed [ 181.904989][ T6773] netlink: 'syz.0.327': attribute type 7 has an invalid length. [ 181.931968][ T6773] netlink: 'syz.0.327': attribute type 8 has an invalid length. [ 181.941556][ T6764] netlink: 'syz.0.327': attribute type 7 has an invalid length. [ 181.949367][ T6764] netlink: 'syz.0.327': attribute type 8 has an invalid length. [ 182.045820][ T6776] netlink: 68 bytes leftover after parsing attributes in process `syz.1.330'. [ 185.155601][ T6814] netlink: 24 bytes leftover after parsing attributes in process `syz.3.345'. [ 185.586103][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 186.612408][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 186.638916][ T9] usb 4-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c [ 186.666572][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.690487][ T9] usb 4-1: Product: syz [ 186.695186][ T9] usb 4-1: Manufacturer: syz [ 186.700044][ T9] usb 4-1: SerialNumber: syz [ 186.714641][ T9] usb 4-1: config 0 descriptor?? [ 186.735622][ T9] gspca_main: gspca_topro-2.14.0 probing 06a2:0003 [ 186.940732][ T9] gspca_topro: reg_w err -71 [ 186.991948][ T9] gspca_topro: Sensor soi763a [ 187.086885][ T9] usb 4-1: USB disconnect, device number 3 [ 189.883855][ T968] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 190.076326][ T968] usb 3-1: device descriptor read/64, error -71 [ 190.495010][ T6860] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 190.562101][ T968] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 190.576945][ T6863] macsec2: entered promiscuous mode [ 190.684224][ T6863] macsec2: entered allmulticast mode [ 191.664829][ T968] usb 3-1: device descriptor read/64, error -71 [ 191.952087][ T968] usb usb3-port1: attempt power cycle [ 192.860941][ T6876] binder_alloc: 6874: binder_alloc_buf, no vma [ 193.030262][ T6885] autofs4:pid:6885:autofs_fill_super: called with bogus options [ 193.046579][ T6877] kvm: kvm [6875]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x312f00000000 [ 193.083448][ T6877] kvm: kvm [6875]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x312f00000001 [ 193.114105][ T6877] kvm: kvm [6875]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x321200000002 [ 193.142077][ T6877] kvm: kvm [6875]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x321200000003 [ 194.705400][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.713390][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.822215][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 197.884346][ T6928] netlink: 260 bytes leftover after parsing attributes in process `syz.3.385'. [ 197.937705][ T6930] serio: Serial port pts0 [ 201.497959][ T6980] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 202.375840][ T5787] Bluetooth: hci1: command 0x0406 tx timeout [ 202.382252][ T5086] Bluetooth: hci2: command 0x0406 tx timeout [ 202.388465][ T5086] Bluetooth: hci3: command 0x0406 tx timeout [ 202.394554][ T5787] Bluetooth: hci0: command 0x0406 tx timeout [ 203.084630][ T6992] loop8: detected capacity change from 0 to 7 [ 203.344748][ T6992] Dev loop8: unable to read RDB block 7 [ 203.415819][ T6992] loop8: unable to read partition table [ 203.464554][ T6992] loop8: partition table beyond EOD, truncated [ 203.506973][ T6992] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà ) failed (rc=-5) [ 203.554160][ T6991] kvm: kvm [6990]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x312f00000000 [ 203.582388][ T6998] CUSE: unknown device info "" [ 203.592567][ T6991] kvm: kvm [6990]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x312f00000001 [ 203.600945][ T6998] CUSE: unknown device info "" [ 203.620912][ T6998] CUSE: unknown device info "" [ 203.633935][ T6991] kvm: kvm [6990]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x321200000002 [ 203.636862][ T6998] CUSE: unknown device info "ÿÿÿÿ" [ 203.671974][ T6991] kvm: kvm [6990]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x321200000003 [ 203.684381][ T6998] CUSE: unknown device info "·" [ 203.689479][ T6998] CUSE: zero length info key specified [ 203.983289][ T7013] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 206.062235][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 206.976798][ T5784] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 207.065530][ T7047] tipc: Started in network mode [ 207.089718][ T7047] tipc: Node identity ac14140f, cluster identity 4711 [ 207.098345][ T7047] tipc: New replicast peer: 127.0.0.1 [ 207.105352][ T7047] tipc: Enabled bearer , priority 10 [ 207.126411][ T7050] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 207.217861][ T7041] kvm: kvm [7040]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x312f00000000 [ 207.257354][ T7041] kvm: kvm [7040]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x312f00000001 [ 207.279531][ T7041] kvm: kvm [7040]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x321200000002 [ 207.312389][ T7041] kvm: kvm [7040]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x321200000003 [ 208.598000][ T23] tipc: Node number set to 2886997007 [ 208.848107][ T7063] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 208.936555][ T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 210.001893][ T8] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 210.026926][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.076141][ T8] usb 4-1: Product: syz [ 210.123826][ T8] usb 4-1: Manufacturer: syz [ 210.190297][ T8] usb 4-1: SerialNumber: syz [ 210.263445][ T8] usb 4-1: config 0 descriptor?? [ 210.758083][ T7075] loop1: detected capacity change from 0 to 2048 [ 210.854669][ T7075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.921374][ T7075] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 211.148814][ T7084] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.434: bg 0: block 345: padding at end of block bitmap is not set [ 211.173172][ T7084] EXT4-fs (loop1): Remounting filesystem read-only [ 211.202422][ T2924] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 211.214317][ T2924] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 211.222933][ T2924] CPU: 0 PID: 2924 Comm: kworker/u4:10 Not tainted syzkaller #0 [ 211.230693][ T2924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 211.240883][ T2924] Workqueue: ext4-rsv-conversion ext4_end_io_rsv_work [ 211.247959][ T2924] RIP: 0010:ext4_ext_map_blocks+0x2d04/0x6800 [ 211.254192][ T2924] Code: 8b 04 24 89 18 89 9c 24 38 01 00 00 4c 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 c7 e0 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 41 0f b7 47 08 c1 e0 04 48 [ 211.274099][ T2924] RSP: 0018:ffffc9000bac7520 EFLAGS: 00010246 [ 211.280379][ T2924] RAX: 0000000000000000 RBX: fffffffffffffffb RCX: ffff88802bdbbc00 [ 211.288391][ T2924] RDX: 0000000000000000 RSI: ffffffff8acac9e0 RDI: 0000000000000003 [ 211.296406][ T2924] RBP: ffffc9000bac77d0 R08: ffffffff911c559f R09: 1ffffffff2238ab3 [ 211.304424][ T2924] R10: dffffc0000000000 R11: fffffbfff2238ab4 R12: 0000000000000001 [ 211.312697][ T2924] R13: 1ffff92001758ed0 R14: dffffc0000000000 R15: fffffffffffffffb [ 211.320796][ T2924] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 211.329837][ T2924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.336437][ T2924] CR2: 0000200000071000 CR3: 000000002bd65000 CR4: 00000000003506f0 [ 211.344515][ T2924] Call Trace: [ 211.347809][ T2924] [ 211.350854][ T2924] ? rwsem_down_read_slowpath+0x880/0x880 [ 211.356595][ T2924] ? lock_acquire+0x208/0x420 [ 211.361307][ T2924] ? ext4_ext_release+0x10/0x10 [ 211.366439][ T2924] ? ext4_es_lookup_extent+0x60e/0xa00 [ 211.372061][ T2924] ext4_map_blocks+0x9e2/0x1b80 [ 211.377246][ T2924] ? ext4_issue_zeroout+0x250/0x250 [ 211.382479][ T2924] ? ext4_journal_check_start+0x178/0x250 [ 211.388304][ T2924] ? __ext4_journal_start_sb+0x259/0x560 [ 211.393956][ T2924] ext4_convert_unwritten_extents+0x2c2/0x5f0 [ 211.400050][ T2924] ? trace_ext4_fallocate_exit+0x1d0/0x1d0 [ 211.405871][ T2924] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 211.411951][ T2924] ? lockdep_hardirqs_on+0x98/0x150 [ 211.417168][ T2924] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 211.423249][ T2924] ? _raw_spin_unlock+0x40/0x40 [ 211.428110][ T2924] ext4_convert_unwritten_io_end_vec+0xff/0x170 [ 211.434458][ T2924] ext4_end_io_rsv_work+0x2f5/0x690 [ 211.439844][ T2924] ? ext4_last_io_end_vec+0x70/0x70 [ 211.445141][ T2924] ? _raw_spin_unlock_irq+0x23/0x50 [ 211.450522][ T2924] ? process_scheduled_works+0x96f/0x15d0 [ 211.456339][ T2924] ? process_scheduled_works+0x96f/0x15d0 [ 211.462153][ T2924] process_scheduled_works+0xa5d/0x15d0 [ 211.467932][ T2924] ? worker_attach_to_pool+0x380/0x380 [ 211.473440][ T2924] ? assign_work+0x3d2/0x5d0 [ 211.478145][ T2924] worker_thread+0xa55/0xfc0 [ 211.482763][ T2924] kthread+0x2fa/0x390 [ 211.486928][ T2924] ? pr_cont_work+0x560/0x560 [ 211.491618][ T2924] ? kthread_blkcg+0xd0/0xd0 [ 211.496306][ T2924] ret_from_fork+0x48/0x80 [ 211.500752][ T2924] ? kthread_blkcg+0xd0/0xd0 [ 211.505435][ T2924] ret_from_fork_asm+0x11/0x20 [ 211.510226][ T2924] [ 211.513298][ T2924] Modules linked in: [ 211.533937][ T2924] ---[ end trace 0000000000000000 ]--- [ 211.543266][ T2924] RIP: 0010:ext4_ext_map_blocks+0x2d04/0x6800 [ 211.549503][ T2924] Code: 8b 04 24 89 18 89 9c 24 38 01 00 00 4c 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 c7 e0 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 41 0f b7 47 08 c1 e0 04 48 [ 211.616873][ T2924] RSP: 0018:ffffc9000bac7520 EFLAGS: 00010246 [ 211.623706][ T2924] RAX: 0000000000000000 RBX: fffffffffffffffb RCX: ffff88802bdbbc00 [ 211.632737][ T2924] RDX: 0000000000000000 RSI: ffffffff8acac9e0 RDI: 0000000000000003 [ 211.641173][ T2924] RBP: ffffc9000bac77d0 R08: ffffffff911c559f R09: 1ffffffff2238ab3 [ 211.650823][ T2924] R10: dffffc0000000000 R11: fffffbfff2238ab4 R12: 0000000000000001 [ 211.659351][ T2924] R13: 1ffff92001758ed0 R14: dffffc0000000000 R15: fffffffffffffffb [ 211.667967][ T2924] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 211.677386][ T2924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.684305][ T2924] CR2: 00007fcb8b9ea2f8 CR3: 000000002f22d000 CR4: 00000000003506e0 [ 211.692746][ T2924] Kernel panic - not syncing: Fatal exception [ 211.699055][ T2924] Kernel Offset: disabled [ 211.703741][ T2924] Rebooting in 86400 seconds..