last executing test programs:
1.856423184s ago: executing program 2 (id=3):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2)
1.701121018s ago: executing program 2 (id=6):
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x0)
1.534114291s ago: executing program 2 (id=7):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1, 0x2, 0xfffffffc}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x1, 0x80, 0x0, 0x1})
1.443838558s ago: executing program 2 (id=8):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffb, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)='\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0xffffffff, 0x0})
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)
1.312824948s ago: executing program 2 (id=9):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000001850000000000020000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffff0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9a)
1.204070844s ago: executing program 0 (id=1):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000700)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@errors_continue}, {@quota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r0, 0x7f, 0x0, 0x4)
1.143944905s ago: executing program 2 (id=10):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f00000001c0)='P')
846.953668ms ago: executing program 3 (id=4):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f00000000c0)='./file2\x00', 0x3200c00, &(0x7f0000000340)=ANY=[], 0x1, 0xab6, &(0x7f0000000ec0)="$eJzs3U2MG1cBAOBn73qTTVLilIQuSWkTftry091ms4SfCJqqERJRU3GrVHGJ0rREpOEnlaBVJZJc6I1WVbhCEaciUQFCai8o6olLJRqJS0+FAweiIFXiAKWJ0drveccvdsfOZtf2+vukt88z79nvzezMeDwz770ATKxq8+/S0lwlhItvvHzkn/f8Y3Z5zoPtHPXm3+k0WQmh1oo650fvTrXia+89f6JbXAmLzb9pOjx6tf3erSGEc2FvuBTqYffFyy+9tfjIsfNHL+x7+9VDV9Zk4QEAYMJ869KhpV1/+8ueHe+/dtfhsKk9P52f1+P0ttA67z8cT/zT+X81dE5XCqFoJss3HUM1yzfVJV+xnFqWb7pH+TPZ59ba6Xs68m0qKX+qMK/bcsM4S9txPcyE+Y7panV+vvWbPDR/189U5s+cOv3k2SFVFLjl/n13CGGvMGhoNBo/aa7AEaiLINxsaGwf9hEIoCW/X3iDc/mVhdVpf9p0f+Vffaja/f1wC6z39q/88Sr/1+cdcbh1NurWlJYr7Ufb4nR+HyF/fmnQ/T99Xn4/otZnPXvdRxiX+wu96jm1zvW4Wb3qn28XG9XX4p2ytB6+nqUX95/8fzou/2Ogu/+s1/X/V2aHfq1zOexd3/Jua6/otSxnrT9/kFAb47pPYGgM5agDjIOV5+ZaGlFKz5/ry9M3laRvLkmfLUnfUpK+tSQdJtkfnvlZeLGy8js//00/6PWwdJ0tnfh+ZMD65NcjBy0/f+53UKstP3+eGEbZ68cfO/nlJx6/3Hr+v9Le/q/H7T39RKvHfetSzJCuF+bX1dvP/tc7y6n2yHd7Vp/bbsjfaJW4szNfZefK54TCceaGeswV3/WDG+rTzndn5+fXs3yzMWzO6pufn2zJ3pfOP9JxNa2v6Wx5a9lyzGT1SMeVHTHO6wE3I22P9VCpdnv+P22fc6FWefLU6ZMPxOm0nf55qrZpef7+4of+Zn3qDqzOyv7eff9P319zobP9z7b2/Fq1eFzYvjK/Ujwu1LP5i63J9m3yNP9AnE7fc9+Zmm3Onz/xvdNP3OqFhwl39tnnvnv89OmTP9wwLw6HVX7O7FislnTkHJX69PPig8ZIVMOLfl6UHTk26pODMDkWnnn6+wtnn33u/lNPH3/q5FMnzxw4ePDA4uLBrxxYWmie1y8Uz+6BjWTlS3/YNQEAAAAAAAAAAAD69aOjRy7/9c0vvdNq/7/S/i+1/09P/qb2/y9k7f/zdvKpVUBqB7ijS3pz3L3XO+sxk+WrxfDRrL47s3J2Ze/7WIzb4/jF9v+pvX3er2uqzx3Z/Lz/3pRvLpuf95cyk/VB0h4vMDbY/2ScvhDjXwUYosps99kx/tD+rX/7Qjt/6p9CvxTjKf3f0taQ+jFJ7b979euUjv871qGO3Hrr0Zxw2MsIdPevkR//s3Am3jvf1PDrGRqN4ddh9eHD17OwwUKjYRQPYDQMe/zPdN0zxWf+9M3NyyFlu/pQ5/Ey778UVmPUx59U/sYa/7M9/l1fx78uvat39PPc/+gK//3FlXcKxYbd/R5/8+VP/UDvLC+z6P1Yflr+e0N/5TdeycrPbwj16X9Z+Vv6LP+G5b+zrKTuIxl+EMtPq+2+T/VbfqvGlWpnPfLrxun+X37dOLmWLX/q23Pg5b/JgRqvx/JhkvUeZ7bfEWxHU7fxf6dHcPzfXvLnML4Yp9OBMD3nkH8jD1r/9HxF+h7YlX1+peT7bVzGKe5l0sf//WqMy/aHNP5v2h7rXaarhelal3U77tsKbDTvjvz9vzEL50agDoOGn45AHSYijMYY2MXQaDSG2pF3eeFb1qUek2rYvbgP++7zsMsf9vovk4//m5/D5+P/VrMfEPn4v/n78/F/8/R8fL08fUsspJLlS/Lxf/P0O7LPza9gz5Wkf7wkfXdJ+p6V9Nks/RvFevZ6/ydK0veVpN9Vkn53SfrtJelTJemfLkn/TEn6PSXp95Wkf7YkfaNrtkcp7FSTtvwwyfL2efZ/mBzp/k+v/X9nSTowvn7+2v6HH//9t+ut9v8z7d9r6T7e4Thdi7+dfxyn8/veoTC9nPZmnP57lj7q1ztgkuT9Z+Tf7/eWpAPjKz3nZf+GCVTp3mNPfr+tV79Vvc7zGS+fi/HnY/yFGN8f4/kYL8R4f4wX16l+rI2Hf/fHQy9WVn7vb8/S+32ePG8PlPcTdaDP+uTXBwZ9nj3vx29Qqy3/JpuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADE21+Xdpaa4SwsU3Xj7y2LFTC8tzHmznqDf/Themau33hfBAjKdi/Mv44tp7z58oxtdjXAmLoRIq7fnh0avtkraGEM6FveFSqIfdFy+/9NbiI8fOH72w7+1XD11ZuzUAAAAAG9//AwAA//+1ERnn")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffa)
sendfile(r0, r0, 0x0, 0x800000009)
409.383891ms ago: executing program 3 (id=11):
r0 = semget(0x1, 0x4, 0x39c)
semop(r0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}, {0x1, 0x5b7a, 0x800}], 0x2)
semop(r0, &(0x7f00000001c0)=[{0x1, 0xbbdd, 0x1000}], 0x1)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000300)=[0x6, 0x7fff])
307.938749ms ago: executing program 1 (id=2):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001200)={[{@nodiscard}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@nobarrier}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xeb}}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x577, &(0x7f0000000b80)="$eJzs3c9rHOUbAPBnNkl/f79JoRQVkUAPVmo3TWK1god6FC0W9F6XZBpKNt2S3ZQmFmwP9uJFiiBiQbzrXfBS/Af8KwpaKFKCHrxEZjObbptNd9tOm23384EJ77szu+88887z5p2dXTaAgTWe/SlFvBwRXycRoxGR5OuGI185vr7d6t3LM9mSxNraJ38lze2yeuu1Ws/bm1deiojfvow4Utrcbn15Zb5SraaLeX2isXBhor68cvTcQmUunUvPT01Pnzg+PfXuO28XFusbp//57uObH5z46tDqtz/f3n89iZOxL1/XHscTuNJeGY/x/JiMxMkHNpwsoLH+MbrR9zxfhvI8H4lsDBiNoTzrgRffFxGxBgyoRP7DgGrNA1rX9gVdBz837ry/fgG0Of7h9fdGYlfz2mjPanLflVF2vTtWQPtZG7/8eeN6tkRx70MAdHXlakQcGx7ePP4l+fj3+I71sM2DbRj/4Nm5mc1/3uw0/yltzH+iw/xnb4fcfRzd8790u4BmtpTN/97rOP/duGk1NpTX/tec840kZ89V02xs+39EHI6RnVn9YfdzTqzeWttqXfv8L1uy9ltzwXw/bg/vvP85s5VG5UlibnfnasQrHee/yUb/Jx36Pzsep3ts42B647Wt1nWP/+la+zHi9Y79f++OVvLw+5MTzfNhonVWbPb3tYO/b9X+dsef9f+eh8c/lrTfr60/ehs/7Po33WrdffFH7+f/juTTZnlH/tilSqOxOBmxI/lo8+NT957bqre2z+I/fCiP/9eI6DD+dTr/d0fEZz3Gf+3AT6/2FH+3/n8KN1mz+Gcfqf8fvXDrw8+/f/z4s/5/q1k6nD/Sy/jX6w4+ybEDAAAAAACAflOKiH2RlMob5VKpXF7/fMeB2FOq1uqNI2drS+dno/ld2bEYKbXudI+2fR5iMv88bKs+9UB9OiL2R8Q3Q7ub9fJMrTq73cEDAAAAAAAAAAAAAAAAAABAn9i7xff/M38MbffeAU+dn/yGwdU1/4v4pSegL/n/D4NL/sPgkv8wuOQ/DC75D4NL/sPgkv8wuOQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAFOr0qVPZsrZ69/JMVp+9uLw0X7t4dDatz5cXlmbKM7XFC+W5Wm2umpZnagvdXq9aq12YnIqlSxONtN6YqC+vnFmoLZ1vnDm3UJlLz6QjzyQqAAAAAAAAAAAAAAAAAAAAeL7Ul1fmK9VqulhQ4XjRL1hMYXcebr/sT3GFJCK2dTeG++AgNAsRfbEbL0phmwcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjzXwAAAP//JocvbA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x0)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
237.578801ms ago: executing program 0 (id=12):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000180)=0xffff7b6e, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000001c0)=0x7, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000280))
69.841076ms ago: executing program 4 (id=5):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000780)={{@host}, {@hyper}, 0x400, "884fbe2726aa0a32f3e65f908292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cf8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f303000000a640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c607000000000000008e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411da80e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e6579c69e6466bc0cbef1536519ca409876268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c90000000000000100"}, 0x418, 0xfffffffe})
0s ago: executing program 3 (id=13):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
membarrier(0x4, 0x0)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.136' (ED25519) to the list of known hosts.
[ 78.471161][ T5813] cgroup: Unknown subsys name 'net'
[ 78.641799][ T5813] cgroup: Unknown subsys name 'cpuset'
[ 78.650680][ T5813] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 80.082143][ T5813] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 82.171483][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 82.171488][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 82.173117][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 82.179729][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 82.187097][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 82.193754][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 82.202511][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 82.209144][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 82.215457][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 82.222706][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 82.235912][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 82.250473][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 82.250976][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 82.258080][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 82.267181][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 82.272891][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 82.281171][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 82.287411][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 82.293752][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 82.302304][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 82.309881][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 82.314931][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 82.329083][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 82.337364][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 82.345048][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 82.935887][ T5823] chnl_net:caif_netlink_parms(): no params data found
[ 83.105387][ T5828] chnl_net:caif_netlink_parms(): no params data found
[ 83.195944][ T5826] chnl_net:caif_netlink_parms(): no params data found
[ 83.237368][ T5824] chnl_net:caif_netlink_parms(): no params data found
[ 83.293236][ T5827] chnl_net:caif_netlink_parms(): no params data found
[ 83.318345][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.325603][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.334345][ T5823] bridge_slave_0: entered allmulticast mode
[ 83.346385][ T5823] bridge_slave_0: entered promiscuous mode
[ 83.404016][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.411635][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.418866][ T5823] bridge_slave_1: entered allmulticast mode
[ 83.425863][ T5823] bridge_slave_1: entered promiscuous mode
[ 83.460125][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.467401][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.474773][ T5828] bridge_slave_0: entered allmulticast mode
[ 83.481795][ T5828] bridge_slave_0: entered promiscuous mode
[ 83.523743][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.530938][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.538073][ T5828] bridge_slave_1: entered allmulticast mode
[ 83.545554][ T5828] bridge_slave_1: entered promiscuous mode
[ 83.605902][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 83.651995][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 83.692123][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 83.725319][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.732799][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.740398][ T5826] bridge_slave_0: entered allmulticast mode
[ 83.747512][ T5826] bridge_slave_0: entered promiscuous mode
[ 83.768178][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 83.788742][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.795985][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.803969][ T5824] bridge_slave_0: entered allmulticast mode
[ 83.812408][ T5824] bridge_slave_0: entered promiscuous mode
[ 83.821022][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.828329][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.835552][ T5826] bridge_slave_1: entered allmulticast mode
[ 83.842980][ T5826] bridge_slave_1: entered promiscuous mode
[ 83.876149][ T5823] team0: Port device team_slave_0 added
[ 83.886577][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.894184][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.901988][ T5824] bridge_slave_1: entered allmulticast mode
[ 83.909336][ T5824] bridge_slave_1: entered promiscuous mode
[ 83.928002][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.935381][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.942809][ T5827] bridge_slave_0: entered allmulticast mode
[ 83.950016][ T5827] bridge_slave_0: entered promiscuous mode
[ 83.969944][ T5823] team0: Port device team_slave_1 added
[ 83.998661][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[ 84.005886][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[ 84.013897][ T5827] bridge_slave_1: entered allmulticast mode
[ 84.021358][ T5827] bridge_slave_1: entered promiscuous mode
[ 84.029941][ T5828] team0: Port device team_slave_0 added
[ 84.059943][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 84.083317][ T5828] team0: Port device team_slave_1 added
[ 84.103459][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 84.114984][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 84.151957][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 84.158948][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.184873][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 84.198894][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 84.221002][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 84.242895][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 84.250495][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.276852][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 84.310543][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 84.320788][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 84.327729][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.353868][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 84.368992][ T5835] Bluetooth: hci1: command tx timeout
[ 84.369036][ T5841] Bluetooth: hci4: command tx timeout
[ 84.374731][ T5148] Bluetooth: hci0: command tx timeout
[ 84.385959][ T5842] Bluetooth: hci3: command tx timeout
[ 84.400437][ T5826] team0: Port device team_slave_0 added
[ 84.420464][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 84.427478][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.454233][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 84.458439][ T5842] Bluetooth: hci2: command tx timeout
[ 84.468860][ T5824] team0: Port device team_slave_0 added
[ 84.478295][ T5826] team0: Port device team_slave_1 added
[ 84.505044][ T5824] team0: Port device team_slave_1 added
[ 84.535231][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 84.542913][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.569647][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 84.593688][ T5827] team0: Port device team_slave_0 added
[ 84.612146][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 84.619513][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.645455][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 84.669712][ T5827] team0: Port device team_slave_1 added
[ 84.725183][ T5823] hsr_slave_0: entered promiscuous mode
[ 84.732747][ T5823] hsr_slave_1: entered promiscuous mode
[ 84.752519][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 84.759628][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.787130][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 84.805158][ T5828] hsr_slave_0: entered promiscuous mode
[ 84.811547][ T5828] hsr_slave_1: entered promiscuous mode
[ 84.817701][ T5828] debugfs: 'hsr0' already exists in 'hsr'
[ 84.823732][ T5828] Cannot create hsr debugfs directory
[ 84.842804][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 84.850074][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.876455][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 84.891262][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 84.898467][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 84.924941][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 84.986393][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 84.993515][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 85.020045][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 85.068848][ T5826] hsr_slave_0: entered promiscuous mode
[ 85.075259][ T5826] hsr_slave_1: entered promiscuous mode
[ 85.082090][ T5826] debugfs: 'hsr0' already exists in 'hsr'
[ 85.087973][ T5826] Cannot create hsr debugfs directory
[ 85.208062][ T5824] hsr_slave_0: entered promiscuous mode
[ 85.214622][ T5824] hsr_slave_1: entered promiscuous mode
[ 85.220918][ T5824] debugfs: 'hsr0' already exists in 'hsr'
[ 85.226650][ T5824] Cannot create hsr debugfs directory
[ 85.267881][ T5827] hsr_slave_0: entered promiscuous mode
[ 85.274296][ T5827] hsr_slave_1: entered promiscuous mode
[ 85.280684][ T5827] debugfs: 'hsr0' already exists in 'hsr'
[ 85.286421][ T5827] Cannot create hsr debugfs directory
[ 85.748053][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 85.774381][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 85.791111][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 85.829370][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 85.905063][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 85.946147][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 85.956648][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 85.985048][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.043619][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 86.064842][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 86.077630][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 86.095203][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 86.252994][ T5824] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 86.273427][ T5824] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 86.284971][ T5824] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 86.296818][ T5824] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 86.354977][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.433376][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 86.443789][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 86.450715][ T5148] Bluetooth: hci3: command tx timeout
[ 86.450736][ T5841] Bluetooth: hci0: command tx timeout
[ 86.456186][ T5835] Bluetooth: hci1: command tx timeout
[ 86.467974][ T5842] Bluetooth: hci4: command tx timeout
[ 86.484316][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 86.495280][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 86.512202][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.528682][ T5835] Bluetooth: hci2: command tx timeout
[ 86.555008][ T2085] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.562222][ T2085] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.572611][ T2085] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.579800][ T2085] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.610019][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.716903][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.743714][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.756207][ T2085] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.763348][ T2085] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.810840][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.817974][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.842004][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.882140][ T2085] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.889285][ T2085] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.936209][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.953705][ T2085] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.960947][ T2085] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.980066][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[ 87.061121][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.072664][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.120966][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.128214][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 87.152087][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.159300][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 87.206339][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.213571][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 87.232076][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.239289][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 87.289584][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.475072][ T5824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 87.498178][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 87.685405][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.751529][ T5823] veth0_vlan: entered promiscuous mode
[ 87.790538][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.827366][ T5823] veth1_vlan: entered promiscuous mode
[ 87.947148][ T5823] veth0_macvtap: entered promiscuous mode
[ 87.961743][ T5826] veth0_vlan: entered promiscuous mode
[ 87.977320][ T5823] veth1_macvtap: entered promiscuous mode
[ 87.997839][ T5826] veth1_vlan: entered promiscuous mode
[ 88.011844][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 88.026352][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 88.066713][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 88.074779][ T5828] veth0_vlan: entered promiscuous mode
[ 88.101170][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 88.150805][ T1342] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.161623][ T1342] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.172049][ T5828] veth1_vlan: entered promiscuous mode
[ 88.182274][ T1342] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.213207][ T1342] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.263910][ T5826] veth0_macvtap: entered promiscuous mode
[ 88.305256][ T5826] veth1_macvtap: entered promiscuous mode
[ 88.352448][ T5827] veth0_vlan: entered promiscuous mode
[ 88.396280][ T5828] veth0_macvtap: entered promiscuous mode
[ 88.442716][ T2085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.452988][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 88.461383][ T2085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.477819][ T5828] veth1_macvtap: entered promiscuous mode
[ 88.501241][ T5827] veth1_vlan: entered promiscuous mode
[ 88.518858][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 88.529058][ T5148] Bluetooth: hci3: command tx timeout
[ 88.529259][ T5841] Bluetooth: hci0: command tx timeout
[ 88.534507][ T5842] Bluetooth: hci4: command tx timeout
[ 88.545556][ T5835] Bluetooth: hci1: command tx timeout
[ 88.565617][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.573666][ T2085] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.582820][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.594313][ T2085] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.608494][ T5835] Bluetooth: hci2: command tx timeout
[ 88.620193][ T2085] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.630827][ T2085] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.666029][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 88.672836][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 88.687742][ T5824] veth0_vlan: entered promiscuous mode
[ 88.710432][ T5824] veth1_vlan: entered promiscuous mode
[ 88.759684][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 88.832243][ T1342] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.842533][ T1342] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.861539][ T1342] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.870410][ T1342] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.897552][ T5827] veth0_macvtap: entered promiscuous mode
[ 88.943366][ T5827] veth1_macvtap: entered promiscuous mode
[ 88.982385][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.010797][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.034957][ T5824] veth0_macvtap: entered promiscuous mode
[ 89.085601][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.131853][ T5824] veth1_macvtap: entered promiscuous mode
[ 89.146130][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.173896][ T3443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.196674][ T3443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.225323][ T3443] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.243426][ T3443] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.272650][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.280621][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.299230][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.323563][ T3443] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.351510][ T3443] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.448872][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.474211][ T5958] loop0: detected capacity change from 0 to 2048
[ 89.521972][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.550120][ T5958] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 89.561206][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.563673][ T5958] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 89.593393][ T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.647649][ T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.697907][ T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.726856][ T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.738901][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 89.748490][ T5965] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1: bg 0: block 345: padding at end of block bitmap is not set
[ 89.791939][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.812765][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.814638][ T5965] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 737 with error 117
[ 89.835377][ T5965] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 89.835377][ T5965]
[ 89.863975][ T5967] loop3: detected capacity change from 0 to 2048
[ 89.906281][ T5967] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 89.908485][ T9] usb 3-1: Using ep0 maxpacket: 16
[ 89.931587][ T2968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.948158][ T2968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.959394][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 89.969241][ T5889] udevd[5889]: incorrect nilfs2 checksum on /dev/loop3
[ 89.979152][ T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 89.992040][ T5968] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 90.021832][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 90.041897][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.058495][ T30] audit: type=1800 audit(1764838669.646:2): pid=5967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 90.074593][ T9] usb 3-1: config 0 descriptor??
[ 90.082325][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.124731][ T5967] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[ 90.144381][ T5967] Remounting filesystem read-only
[ 90.227794][ T3443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.261195][ T3443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.358989][ T2085] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 753 with max blocks 1 with error 28
[ 90.403826][ T2085] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 90.403826][ T2085]
[ 90.438050][ T5973] loop1: detected capacity change from 0 to 1024
[ 90.438957][ T2085] EXT4-fs (loop0): Total free blocks count 0
[ 90.452943][ T2085] EXT4-fs (loop0): Free/Dirty block details
[ 90.462120][ T2085] EXT4-fs (loop0): free_blocks=0
[ 90.467642][ T2085] EXT4-fs (loop0): dirty_blocks=16
[ 90.479097][ T5973] =======================================================
[ 90.479097][ T5973] WARNING: The mand mount option has been deprecated and
[ 90.479097][ T5973] and is ignored by this kernel. Remove the mand
[ 90.479097][ T5973] option from the mount to silence this warning.
[ 90.479097][ T5973] =======================================================
[ 90.523521][ T2085] EXT4-fs (loop0): Block reservation details
[ 90.576247][ T5973] EXT4-fs: Ignoring removed bh option
[ 90.591237][ T9] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[ 90.630937][ T5835] Bluetooth: hci4: command tx timeout
[ 90.636401][ T5835] Bluetooth: hci1: command tx timeout
[ 90.644566][ T5841] Bluetooth: hci3: command tx timeout
[ 90.651337][ T5842] Bluetooth: hci0: command tx timeout
[ 90.689782][ T5842] Bluetooth: hci2: command tx timeout
[ 90.713628][ T5973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 90.746834][ C0] ==================================================================
[ 90.755025][ C0] BUG: KASAN: slab-out-of-bounds in mcp2221_raw_event+0x106a/0x1240
[ 90.763027][ C0] Read of size 1 at addr ffff8880556b3fff by task syz-executor/5826
[ 90.771025][ C0]
[ 90.773378][ C0] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
[ 90.773406][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 90.773425][ C0] Call Trace:
[ 90.773434][ C0]
[ 90.773442][ C0] dump_stack_lvl+0x189/0x250
[ 90.773471][ C0] ? __virt_addr_valid+0x1c8/0x5c0
[ 90.773498][ C0] ? rcu_is_watching+0x15/0xb0
[ 90.773522][ C0] ? __pfx_dump_stack_lvl+0x10/0x10
[ 90.773545][ C0] ? rcu_is_watching+0x15/0xb0
[ 90.773569][ C0] ? lock_release+0x4b/0x3b0
[ 90.773587][ C0] ? _raw_spin_lock_irqsave+0xb3/0xf0
[ 90.773615][ C0] ? __virt_addr_valid+0x1c8/0x5c0
[ 90.773638][ C0] ? __virt_addr_valid+0x4a5/0x5c0
[ 90.773662][ C0] print_report+0xca/0x240
[ 90.773682][ C0] ? mcp2221_raw_event+0x106a/0x1240
[ 90.773705][ C0] kasan_report+0x118/0x150
[ 90.773728][ C0] ? mcp2221_raw_event+0x106a/0x1240
[ 90.773754][ C0] mcp2221_raw_event+0x106a/0x1240
[ 90.773779][ C0] ? down_trylock+0x50/0xb0
[ 90.773797][ C0] hid_input_report+0x41d/0x580
[ 90.773828][ C0] ? __pfx_mcp2221_raw_event+0x10/0x10
[ 90.773852][ C0] hid_irq_in+0x47e/0x6d0
[ 90.773880][ C0] __usb_hcd_giveback_urb+0x376/0x540
[ 90.773905][ C0] dummy_timer+0x85f/0x45b0
[ 90.773946][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 90.773982][ C0] ? __pfx_dummy_timer+0x10/0x10
[ 90.774003][ C0] ? debug_object_deactivate+0x6d/0x360
[ 90.774027][ C0] ? __pfx_dummy_timer+0x10/0x10
[ 90.774047][ C0] ? __pfx_dummy_timer+0x10/0x10
[ 90.774066][ C0] __hrtimer_run_queues+0x51c/0xc30
[ 90.774090][ C0] ? ktime_get_update_offsets_now+0x67/0x3d0
[ 90.774118][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 90.774140][ C0] ? read_tsc+0x9/0x20
[ 90.774165][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 90.774189][ C0] hrtimer_run_softirq+0x187/0x2b0
[ 90.774219][ C0] handle_softirqs+0x27d/0x850
[ 90.774241][ C0] ? __irq_exit_rcu+0xca/0x1f0
[ 90.774263][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 90.774285][ C0] ? irqtime_account_irq+0xb6/0x1c0
[ 90.774312][ C0] __irq_exit_rcu+0xca/0x1f0
[ 90.774331][ C0] ? __pfx___irq_exit_rcu+0x10/0x10
[ 90.774354][ C0] irq_exit_rcu+0x9/0x30
[ 90.774372][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 90.774402][ C0]
[ 90.774408][ C0]
[ 90.774415][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 90.774438][ C0] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[ 90.774464][ C0] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 1a 29 41 f6 48 89 df e8 52 a0 41 f6 e8 8d 0a 6c f6 fb bf 01 00 00 00 f2 8f 33 f6 65 8b 05 ab e0 20 07 85 c0 74 07 5b e9 d1 4b 00 00
[ 90.774479][ C0] RSP: 0000:ffffc90003e7f5d8 EFLAGS: 00000286
[ 90.774498][ C0] RAX: 85d1a74d730c5d00 RBX: ffff888067be83a8 RCX: 85d1a74d730c5d00
[ 90.774513][ C0] RDX: 0000000000000006 RSI: ffffffff8d7902e8 RDI: 0000000000000001
[ 90.774527][ C0] RBP: ffffc90003e7f9f0 R08: ffffffff8f81f577 R09: 1ffffffff1f03eae
[ 90.774541][ C0] R10: dffffc0000000000 R11: fffffbfff1f03eaf R12: dffffc0000000000
[ 90.774556][ C0] R13: 1ffff1100cf7d074 R14: ffff888067be83a0 R15: ffff888067be83a8
[ 90.774579][ C0] ? _raw_spin_unlock_irq+0x23/0x50
[ 90.774604][ C0] filemap_remove_folio+0xee/0x1f0
[ 90.774633][ C0] truncate_inode_folio+0x5d/0x70
[ 90.774659][ C0] shmem_undo_range+0x3a9/0x1490
[ 90.774691][ C0] ? __pfx_shmem_undo_range+0x10/0x10
[ 90.774724][ C0] ? is_bpf_text_address+0x26/0x2b0
[ 90.774753][ C0] ? __lock_acquire+0x6b6/0x2cf0
[ 90.774777][ C0] ? stack_depot_save_flags+0x40/0x850
[ 90.774805][ C0] shmem_evict_inode+0x26e/0xa70
[ 90.774828][ C0] ? inode_wait_for_writeback+0x14d/0x370
[ 90.774859][ C0] ? __pfx_shmem_evict_inode+0x10/0x10
[ 90.774879][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 90.774919][ C0] ? do_raw_spin_unlock+0x122/0x240
[ 90.774946][ C0] ? __pfx_shmem_evict_inode+0x10/0x10
[ 90.774967][ C0] evict+0x5f4/0xae0
[ 90.774986][ C0] ? __pfx_evict+0x10/0x10
[ 90.775002][ C0] ? do_raw_spin_unlock+0x122/0x240
[ 90.775031][ C0] ? _raw_spin_unlock+0x28/0x50
[ 90.775057][ C0] ? iput+0xcc6/0x1030
[ 90.775085][ C0] __dentry_kill+0x209/0x660
[ 90.775106][ C0] ? finish_dput+0xad/0x480
[ 90.775129][ C0] finish_dput+0xc9/0x480
[ 90.775152][ C0] __fput+0x68e/0xa70
[ 90.775182][ C0] task_work_run+0x1d4/0x260
[ 90.775212][ C0] ? __pfx_task_work_run+0x10/0x10
[ 90.775239][ C0] ? exit_to_user_mode_loop+0x55/0x4f0
[ 90.775260][ C0] exit_to_user_mode_loop+0xff/0x4f0
[ 90.775279][ C0] ? rcu_is_watching+0x15/0xb0
[ 90.775302][ C0] do_syscall_64+0x2e3/0xf80
[ 90.775328][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.775348][ C0] ? clear_bhb_loop+0x60/0xb0
[ 90.775371][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.775391][ C0] RIP: 0033:0x7ff655f8e3aa
[ 90.775417][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24
[ 90.775434][ C0] RSP: 002b:00007ffe51aee670 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 90.775456][ C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007ff655f8e3aa
[ 90.775470][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 90.775481][ C0] RBP: 00007ffe51aee6cc R08: 0000000000000000 R09: 00007ffe51aee3d7
[ 90.775511][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 90.775523][ C0] R13: 00000000000927c0 R14: 0000000000016031 R15: 00007ffe51aee720
[ 90.775541][ C0]
[ 90.775549][ C0]
[ 91.318076][ C0] Allocated by task 5974:
[ 91.322487][ C0] kasan_save_track+0x3e/0x80
[ 91.327162][ C0] __kasan_slab_alloc+0x6c/0x80
[ 91.332007][ C0] kmem_cache_alloc_node_noprof+0x43c/0x720
[ 91.337896][ C0] __alloc_skb+0x255/0x430
[ 91.342304][ C0] inet6_rt_notify+0x170/0x470
[ 91.347053][ C0] fib6_add_rt2node+0x187f/0x3470
[ 91.352078][ C0] fib6_add+0x8da/0x18a0
[ 91.356324][ C0] ip6_ins_rt+0xc8/0x120
[ 91.360561][ C0] __ipv6_ifa_notify+0x62f/0xaa0
[ 91.365488][ C0] addrconf_dad_completed+0x180/0xd60
[ 91.370852][ C0] addrconf_dad_work+0xc36/0x14b0
[ 91.375867][ C0] process_one_work+0x93a/0x15a0
[ 91.380789][ C0] worker_thread+0x9b0/0xee0
[ 91.385366][ C0] kthread+0x711/0x8a0
[ 91.389441][ C0] ret_from_fork+0x599/0xb30
[ 91.394016][ C0] ret_from_fork_asm+0x1a/0x30
[ 91.398781][ C0]
[ 91.401095][ C0] Freed by task 5974:
[ 91.405062][ C0] kasan_save_track+0x3e/0x80
[ 91.409726][ C0] kasan_save_free_info+0x46/0x50
[ 91.414740][ C0] __kasan_slab_free+0x5c/0x80
[ 91.419492][ C0] kmem_cache_free+0x197/0x620
[ 91.424242][ C0] netlink_broadcast_filtered+0xec7/0x1000
[ 91.430136][ C0] nlmsg_notify+0xf0/0x1a0
[ 91.434550][ C0] fib6_add_rt2node+0x187f/0x3470
[ 91.439585][ C0] fib6_add+0x8da/0x18a0
[ 91.443826][ C0] ip6_ins_rt+0xc8/0x120
[ 91.448065][ C0] __ipv6_ifa_notify+0x62f/0xaa0
[ 91.453024][ C0] addrconf_dad_completed+0x180/0xd60
[ 91.458399][ C0] addrconf_dad_work+0xc36/0x14b0
[ 91.463419][ C0] process_one_work+0x93a/0x15a0
[ 91.468341][ C0] worker_thread+0x9b0/0xee0
[ 91.472922][ C0] kthread+0x711/0x8a0
[ 91.476976][ C0] ret_from_fork+0x599/0xb30
[ 91.481550][ C0] ret_from_fork_asm+0x1a/0x30
[ 91.486305][ C0]
[ 91.488610][ C0] The buggy address belongs to the object at ffff8880556b3dc0
[ 91.488610][ C0] which belongs to the cache skbuff_head_cache of size 240
[ 91.503171][ C0] The buggy address is located 335 bytes to the right of
[ 91.503171][ C0] allocated 240-byte region [ffff8880556b3dc0, ffff8880556b3eb0)
[ 91.517844][ C0]
[ 91.520164][ C0] The buggy address belongs to the physical page:
[ 91.526570][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x556b3
[ 91.535319][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 91.542428][ C0] page_type: f5(slab)
[ 91.546397][ C0] raw: 00fff00000000000 ffff88801cac2dc0 dead000000000122 0000000000000000
[ 91.554968][ C0] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[ 91.563539][ C0] page dumped because: kasan: bad access detected
[ 91.569953][ C0] page_owner tracks the page as allocated
[ 91.575740][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 2085, tgid 2085 (kworker/u8:8), ts 90602811101, free_ts 90590365712
[ 91.595010][ C0] post_alloc_hook+0x234/0x290
[ 91.599778][ C0] get_page_from_freelist+0x2365/0x2440
[ 91.605325][ C0] __alloc_frozen_pages_noprof+0x181/0x370
[ 91.611126][ C0] alloc_pages_mpol+0x232/0x4a0
[ 91.615968][ C0] allocate_slab+0x86/0x3b0
[ 91.620461][ C0] ___slab_alloc+0xf2b/0x1960
[ 91.625221][ C0] __slab_alloc+0x65/0x100
[ 91.629631][ C0] kmem_cache_alloc_node_noprof+0x4ce/0x720
[ 91.635523][ C0] __alloc_skb+0x255/0x430
[ 91.639935][ C0] nsim_dev_trap_report_work+0x29a/0xb80
[ 91.645551][ C0] process_one_work+0x93a/0x15a0
[ 91.650485][ C0] worker_thread+0x9b0/0xee0
[ 91.655081][ C0] kthread+0x711/0x8a0
[ 91.659151][ C0] ret_from_fork+0x599/0xb30
[ 91.663737][ C0] ret_from_fork_asm+0x1a/0x30
[ 91.668495][ C0] page last free pid 9 tgid 9 stack trace:
[ 91.674284][ C0] __free_frozen_pages+0xbc8/0xd30
[ 91.679384][ C0] vfree+0x25a/0x400
[ 91.683286][ C0] hid_open_report+0xa51/0xee0
[ 91.688040][ C0] mcp2221_probe+0x5f/0x880
[ 91.692526][ C0] hid_device_probe+0x416/0x7a0
[ 91.697357][ C0] really_probe+0x26d/0xad0
[ 91.701850][ C0] __driver_probe_device+0x18c/0x320
[ 91.707128][ C0] driver_probe_device+0x4f/0x240
[ 91.712145][ C0] __device_attach_driver+0x279/0x430
[ 91.717504][ C0] bus_for_each_drv+0x251/0x2e0
[ 91.722359][ C0] __device_attach+0x2b8/0x430
[ 91.727138][ C0] device_initial_probe+0xa1/0xd0
[ 91.732178][ C0] bus_probe_device+0x12a/0x220
[ 91.737022][ C0] device_add+0x7b6/0xb80
[ 91.741344][ C0] hid_add_device+0x272/0x3e0
[ 91.746008][ C0] usbhid_probe+0xe13/0x12c0
[ 91.750665][ C0]
[ 91.753061][ C0] Memory state around the buggy address:
[ 91.758681][ C0] ffff8880556b3e80: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 91.766744][ C0] ffff8880556b3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 91.774870][ C0] >ffff8880556b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 91.782920][ C0] ^
[ 91.790901][ C0] ffff8880556b4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 91.798959][ C0] ffff8880556b4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 91.807016][ C0] ==================================================================
[ 91.815111][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 91.822299][ C0] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
[ 91.831762][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 91.841811][ C0] Call Trace:
[ 91.845083][ C0]
[ 91.847920][ C0] dump_stack_lvl+0x99/0x250
[ 91.852507][ C0] ? __asan_memcpy+0x40/0x70
[ 91.857092][ C0] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.862295][ C0] ? __pfx__printk+0x10/0x10
[ 91.866891][ C0] vpanic+0x237/0x6d0
[ 91.870866][ C0] ? __pfx_vpanic+0x10/0x10
[ 91.875364][ C0] panic+0xb9/0xc0
[ 91.879090][ C0] ? __pfx_panic+0x10/0x10
[ 91.883500][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 91.889391][ C0] ? is_module_address+0x17/0xf0
[ 91.894324][ C0] ? mcp2221_raw_event+0x106a/0x1240
[ 91.899604][ C0] check_panic_on_warn+0x89/0xb0
[ 91.904543][ C0] ? mcp2221_raw_event+0x106a/0x1240
[ 91.909874][ C0] end_report+0x6f/0x140
[ 91.914147][ C0] kasan_report+0x129/0x150
[ 91.918664][ C0] ? mcp2221_raw_event+0x106a/0x1240
[ 91.923951][ C0] mcp2221_raw_event+0x106a/0x1240
[ 91.929056][ C0] ? down_trylock+0x50/0xb0
[ 91.933551][ C0] hid_input_report+0x41d/0x580
[ 91.938481][ C0] ? __pfx_mcp2221_raw_event+0x10/0x10
[ 91.943938][ C0] hid_irq_in+0x47e/0x6d0
[ 91.948265][ C0] __usb_hcd_giveback_urb+0x376/0x540
[ 91.953650][ C0] dummy_timer+0x85f/0x45b0
[ 91.958179][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 91.963651][ C0] ? __pfx_dummy_timer+0x10/0x10
[ 91.968589][ C0] ? debug_object_deactivate+0x6d/0x360
[ 91.974139][ C0] ? __pfx_dummy_timer+0x10/0x10
[ 91.979071][ C0] ? __pfx_dummy_timer+0x10/0x10
[ 91.984003][ C0] __hrtimer_run_queues+0x51c/0xc30
[ 91.989195][ C0] ? ktime_get_update_offsets_now+0x67/0x3d0
[ 91.995171][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 92.000907][ C0] ? read_tsc+0x9/0x20
[ 92.004977][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 92.010780][ C0] hrtimer_run_softirq+0x187/0x2b0
[ 92.015891][ C0] handle_softirqs+0x27d/0x850
[ 92.020645][ C0] ? __irq_exit_rcu+0xca/0x1f0
[ 92.025398][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 92.030672][ C0] ? irqtime_account_irq+0xb6/0x1c0
[ 92.035864][ C0] __irq_exit_rcu+0xca/0x1f0
[ 92.040442][ C0] ? __pfx___irq_exit_rcu+0x10/0x10
[ 92.045632][ C0] irq_exit_rcu+0x9/0x30
[ 92.049870][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 92.055513][ C0]
[ 92.058434][ C0]
[ 92.061357][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 92.067337][ C0] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[ 92.073151][ C0] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 1a 29 41 f6 48 89 df e8 52 a0 41 f6 e8 8d 0a 6c f6 fb bf 01 00 00 00 f2 8f 33 f6 65 8b 05 ab e0 20 07 85 c0 74 07 5b e9 d1 4b 00 00
[ 92.092786][ C0] RSP: 0000:ffffc90003e7f5d8 EFLAGS: 00000286
[ 92.098849][ C0] RAX: 85d1a74d730c5d00 RBX: ffff888067be83a8 RCX: 85d1a74d730c5d00
[ 92.106815][ C0] RDX: 0000000000000006 RSI: ffffffff8d7902e8 RDI: 0000000000000001
[ 92.114788][ C0] RBP: ffffc90003e7f9f0 R08: ffffffff8f81f577 R09: 1ffffffff1f03eae
[ 92.122746][ C0] R10: dffffc0000000000 R11: fffffbfff1f03eaf R12: dffffc0000000000
[ 92.130746][ C0] R13: 1ffff1100cf7d074 R14: ffff888067be83a0 R15: ffff888067be83a8
[ 92.138718][ C0] ? _raw_spin_unlock_irq+0x23/0x50
[ 92.143925][ C0] filemap_remove_folio+0xee/0x1f0
[ 92.149031][ C0] truncate_inode_folio+0x5d/0x70
[ 92.154052][ C0] shmem_undo_range+0x3a9/0x1490
[ 92.158985][ C0] ? __pfx_shmem_undo_range+0x10/0x10
[ 92.164355][ C0] ? is_bpf_text_address+0x26/0x2b0
[ 92.169555][ C0] ? __lock_acquire+0x6b6/0x2cf0
[ 92.174491][ C0] ? stack_depot_save_flags+0x40/0x850
[ 92.179956][ C0] shmem_evict_inode+0x26e/0xa70
[ 92.184902][ C0] ? inode_wait_for_writeback+0x14d/0x370
[ 92.190626][ C0] ? __pfx_shmem_evict_inode+0x10/0x10
[ 92.196068][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 92.202143][ C0] ? do_raw_spin_unlock+0x122/0x240
[ 92.207334][ C0] ? __pfx_shmem_evict_inode+0x10/0x10
[ 92.212781][ C0] evict+0x5f4/0xae0
[ 92.216665][ C0] ? __pfx_evict+0x10/0x10
[ 92.221063][ C0] ? do_raw_spin_unlock+0x122/0x240
[ 92.226252][ C0] ? _raw_spin_unlock+0x28/0x50
[ 92.231095][ C0] ? iput+0xcc6/0x1030
[ 92.235154][ C0] __dentry_kill+0x209/0x660
[ 92.239731][ C0] ? finish_dput+0xad/0x480
[ 92.244285][ C0] finish_dput+0xc9/0x480
[ 92.248609][ C0] __fput+0x68e/0xa70
[ 92.252598][ C0] task_work_run+0x1d4/0x260
[ 92.257180][ C0] ? __pfx_task_work_run+0x10/0x10
[ 92.262285][ C0] ? exit_to_user_mode_loop+0x55/0x4f0
[ 92.267734][ C0] exit_to_user_mode_loop+0xff/0x4f0
[ 92.273017][ C0] ? rcu_is_watching+0x15/0xb0
[ 92.277952][ C0] do_syscall_64+0x2e3/0xf80
[ 92.282538][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.288591][ C0] ? clear_bhb_loop+0x60/0xb0
[ 92.293257][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.299139][ C0] RIP: 0033:0x7ff655f8e3aa
[ 92.303540][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24
[ 92.323135][ C0] RSP: 002b:00007ffe51aee670 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 92.331540][ C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007ff655f8e3aa
[ 92.339500][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 92.347458][ C0] RBP: 00007ffe51aee6cc R08: 0000000000000000 R09: 00007ffe51aee3d7
[ 92.355441][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 92.363397][ C0] R13: 00000000000927c0 R14: 0000000000016031 R15: 00007ffe51aee720
[ 92.371366][ C0]
[ 92.374506][ C0] Kernel Offset: disabled
[ 92.378810][ C0] Rebooting in 86400 seconds..