last executing test programs: 4.804660613s ago: executing program 4 (id=144): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) read$FUSE(r0, &(0x7f0000000440)={0x2020}, 0x2020) 3.838787085s ago: executing program 1 (id=150): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) write$vga_arbiter(r0, &(0x7f0000000c40)=ANY=[@ANYBLOB='lock '], 0xc) 3.379834961s ago: executing program 0 (id=153): setresuid(0xee01, 0xee00, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0x9}) fanotify_init(0x40, 0x800) 3.300390898s ago: executing program 2 (id=154): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x18000, &(0x7f0000000740)=ANY=[], 0xf, 0x2a4, &(0x7f0000000480)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) 3.066705742s ago: executing program 3 (id=155): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00000052000122000000000000000002"], 0x1c}}, 0x0) 2.769483348s ago: executing program 0 (id=156): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000440)=@ethtool_ringparam={0xe, 0x0, 0x0, 0xfffffffe, 0x0, 0x1002, 0x80000000}}) 2.572639786s ago: executing program 1 (id=157): r0 = fsopen(&(0x7f0000000040)='9p\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000140)='silent\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='.@:\x00', &(0x7f0000000240)='syzkaller\x00', 0x0) 2.526279028s ago: executing program 4 (id=158): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x17, &(0x7f00000006c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x7f}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], {{0x6, 0x1, 0xd, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a3312779a", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.486486632s ago: executing program 3 (id=159): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macvlan1\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x4040840, &(0x7f0000000080)={0x11, 0x8808, r1, 0x1, 0x4b, 0x6, @link_local}, 0x14) 2.42648363s ago: executing program 2 (id=160): r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e20, @local}}, 0x24) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f00000000c0)=0x2, 0x4) 2.130454842s ago: executing program 0 (id=161): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) unlink(&(0x7f0000000000)='./file0/file0\x00') 2.030542322s ago: executing program 1 (id=162): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000e43000000018000180140002006e657464657673696d30000000000000080004000600000008000500000000000800030006"], 0x44}}, 0x0) 1.971088455s ago: executing program 4 (id=163): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, 0x0, &(0x7f0000000500)) 1.900235429s ago: executing program 2 (id=164): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000140)="020000000d800089", 0x8) 1.852310762s ago: executing program 3 (id=165): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002"], 0x58}}, 0x0) 1.660321448s ago: executing program 0 (id=166): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0x40086604, &(0x7f0000000440)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x1ff, 0x8000000000000700}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x100}]}) 1.436043071s ago: executing program 2 (id=167): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000cc0)=@ipv6_getaddrlabel={0x68, 0x4a, 0xb, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_LABEL={0x8, 0x2, 0x2}, @IFAL_ADDRESS={0x14, 0x1, @local}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_ADDRESS={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, @IFAL_LABEL={0x7, 0x2, 0xf}]}, 0x68}}, 0x0) 1.417324014s ago: executing program 1 (id=168): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'comedi_parport\x00', [0x4f27, 0x0, 0x8, 0x6, 0x5, 0x5, 0x9, 0x7, 0x54c6cff3, 0xfd, 0x2, 0x8401, 0x6, 0x5da31c5d, 0x6, 0x101, 0x0, 0x892, 0xa418, 0x40000001, 0x5, 0xcaa3, 0x8, 0x20001e5b, 0x0, 0xe66, 0x4, 0x8, 0x5, 0x0, 0xfffffff8]}) 1.241389224s ago: executing program 4 (id=169): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x3c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0x5, 0xa8, @random='\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x1000) 1.234579892s ago: executing program 3 (id=170): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a0102e8ffffff00000000020000000900010073797a30000000000900030073797a320000000020000000020a03"], 0xa0}, 0x1, 0x0, 0x0, 0x8001}, 0x0) 1.13992453s ago: executing program 1 (id=171): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) recvmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0xb}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/129, 0x81}, 0x7}], 0x2, 0x0, 0x0) 811.503853ms ago: executing program 2 (id=172): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_cache\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f0000001f80)=""/4096, 0x1000}], 0x1, 0x80000000, 0x7) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000003140)=""/181, 0xb5}], 0x1, 0x3ce, 0x4) 721.431392ms ago: executing program 0 (id=173): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001980)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fddbdf25050000000c00060001"], 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x40010) 709.228145ms ago: executing program 4 (id=174): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) unshare(0x400) syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0) 680.617282ms ago: executing program 3 (id=175): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x34, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x1c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x2001}, 0x0) 320.55206ms ago: executing program 1 (id=176): r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000200)={&(0x7f0000000040)=@in={0x2, 0x0, @rand_addr=0x64010100}, 0x80, 0x0, 0x0, &(0x7f0000019580)=ANY=[@ANYBLOB="1000000000000000040000000000000010"], 0x20}, 0x0) 198.772833ms ago: executing program 3 (id=177): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e502000000000000000007"], 0x38}}, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) 149.754636ms ago: executing program 2 (id=178): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x4000000, 0x92, 0x0, 0x0, 0x4}]}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7) 103.209438ms ago: executing program 4 (id=179): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRESHEX, @ANYRESHEX, @ANYRES64, @ANYRESDEC], 0x1, 0x253, &(0x7f00000002c0)="$eJzs2s9rHGUYB/BnkpTWlHQj/mxBfNGDehmanD00SArigqCNUAXp1Ex0ybgbMktgRWxOCp569uRZPHoTpEcvufgXeNBTLjn2II4km9o0RmuQ7Ab7+Vz2gXe+vM/s+zK8h3f71dsfr65MxUrRj4ksi4krsRl3s5iNibhnM1556fqPz719/d03FtrtxbdSurpwbW4+pXTh+R/e+/TbF+70z7/z3YXvz8bW7PvbO/O/bD29dXH792sfderUqVO3109Futnr9YubVZmWO/VqntLtqizqMnW6dbn+wPhK1VtbG6SiuzwzvbZe1nUquoO0Wg5Sv5f664NUfFh0uinP8zQzHfwXS9/cbZrYac7ciKZpHvs6zt+JmZ+jFdnjKXviSvbUjeyZzeziTtO0xt0qJ8L6P9oOfNTPRVRfbCxtLA1/h+MLK9GJKsq4HK34LXa3yb5hffX19uLltGc2Pq9u7edvbSxN7uW/vJefi1bMHp2fG+bTg/mzMX1w/vloxZN/zf862V6cPzJ/Ll5+8UA+j1b89EH0oorl2M3en/+zuZRee7N9KH9p7zkAgP+bPP3pyPNbnv/d+DB/jPPhofPVVFyaGu+7E1EPPlktqqpcH0mxu6dGNddDimz/D3j4w89OjLnVky6+Oh1tnFAxub/Qp6WffyrO/KsNOZpijB8lRub+oo+7EwAAAAAAAAAAAI7j0KW/1klckxz3OwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfbHwEAAP//Ok/KeQ==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, 0x0) 0s ago: executing program 0 (id=180): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x109301) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000000)) ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045503, &(0x7f00000000c0)={0x1, 0x1}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.234' (ED25519) to the list of known hosts. [ 163.110211][ T5794] cgroup: Unknown subsys name 'net' [ 163.254203][ T5794] cgroup: Unknown subsys name 'cpuset' [ 163.268105][ T5794] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 168.796698][ T5794] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 172.641031][ T5815] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 172.650095][ T5815] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 172.660481][ T5822] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 172.669712][ T5822] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 172.677838][ T5825] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 172.690754][ T5822] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 172.701519][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 172.710665][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 172.721154][ T5827] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 172.737417][ T5828] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 172.741996][ T5827] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 172.747302][ T5828] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 172.754461][ T5106] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 172.762187][ T5828] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 172.770715][ T5106] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 172.778104][ T5828] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 172.798104][ T5106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 172.809195][ T5106] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 172.809657][ T5828] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 172.819737][ T5106] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 172.829604][ T5828] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 172.834509][ T5106] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 172.843797][ T5828] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 172.865113][ T49] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 172.883191][ T5106] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 173.995921][ T5817] chnl_net:caif_netlink_parms(): no params data found [ 174.400076][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 174.825255][ T5812] chnl_net:caif_netlink_parms(): no params data found [ 174.855046][ T49] Bluetooth: hci0: command tx timeout [ 174.925179][ T49] Bluetooth: hci1: command tx timeout [ 174.931371][ T49] Bluetooth: hci2: command tx timeout [ 174.938391][ T5828] Bluetooth: hci3: command tx timeout [ 174.965303][ T5813] chnl_net:caif_netlink_parms(): no params data found [ 175.037220][ T49] Bluetooth: hci4: command tx timeout [ 175.191531][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 175.322875][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.331103][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.339175][ T5817] bridge_slave_0: entered allmulticast mode [ 175.348874][ T5817] bridge_slave_0: entered promiscuous mode [ 175.503407][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.512450][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.520717][ T5817] bridge_slave_1: entered allmulticast mode [ 175.530361][ T5817] bridge_slave_1: entered promiscuous mode [ 175.660650][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.668547][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.676595][ T5821] bridge_slave_0: entered allmulticast mode [ 175.686025][ T5821] bridge_slave_0: entered promiscuous mode [ 175.781617][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.791001][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.799765][ T5821] bridge_slave_1: entered allmulticast mode [ 175.808606][ T5821] bridge_slave_1: entered promiscuous mode [ 175.819731][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.830298][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.838636][ T5812] bridge_slave_0: entered allmulticast mode [ 175.847899][ T5812] bridge_slave_0: entered promiscuous mode [ 175.873318][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.895140][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.977558][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.985413][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.993098][ T5812] bridge_slave_1: entered allmulticast mode [ 176.002792][ T5812] bridge_slave_1: entered promiscuous mode [ 176.289944][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.310554][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.327797][ T5817] team0: Port device team_slave_0 added [ 176.336263][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.344109][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.351810][ T5813] bridge_slave_0: entered allmulticast mode [ 176.361799][ T5813] bridge_slave_0: entered promiscuous mode [ 176.422822][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.489490][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.509086][ T5817] team0: Port device team_slave_1 added [ 176.547990][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.556342][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.564100][ T5813] bridge_slave_1: entered allmulticast mode [ 176.573284][ T5813] bridge_slave_1: entered promiscuous mode [ 176.782668][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.793218][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.801143][ T5826] bridge_slave_0: entered allmulticast mode [ 176.809510][ T5826] bridge_slave_0: entered promiscuous mode [ 176.889597][ T5821] team0: Port device team_slave_0 added [ 176.899078][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.906337][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.933143][ T49] Bluetooth: hci0: command tx timeout [ 176.933183][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.949095][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.960623][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.970386][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.978404][ T5826] bridge_slave_1: entered allmulticast mode [ 176.987772][ T5826] bridge_slave_1: entered promiscuous mode [ 177.005064][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.014236][ T49] Bluetooth: hci2: command tx timeout [ 177.017265][ T5828] Bluetooth: hci3: command tx timeout [ 177.020684][ T49] Bluetooth: hci1: command tx timeout [ 177.035138][ T5812] team0: Port device team_slave_0 added [ 177.083770][ T5828] Bluetooth: hci4: command tx timeout [ 177.087720][ T5821] team0: Port device team_slave_1 added [ 177.099214][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.106844][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.133619][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 177.153014][ T5812] team0: Port device team_slave_1 added [ 177.399536][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 177.417003][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.424248][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.450733][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.498558][ T5813] team0: Port device team_slave_0 added [ 177.507915][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.515676][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.542795][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.563425][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.651093][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.658710][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.686858][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 177.705482][ T5813] team0: Port device team_slave_1 added [ 177.714688][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.722086][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.749172][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 177.800954][ T5826] team0: Port device team_slave_0 added [ 177.954695][ T5826] team0: Port device team_slave_1 added [ 177.975519][ T5817] hsr_slave_0: entered promiscuous mode [ 177.985855][ T5817] hsr_slave_1: entered promiscuous mode [ 178.005253][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.012482][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.038775][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.191041][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.198293][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.224993][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.309016][ T5821] hsr_slave_0: entered promiscuous mode [ 178.318149][ T5821] hsr_slave_1: entered promiscuous mode [ 178.326694][ T5821] debugfs: 'hsr0' already exists in 'hsr' [ 178.332686][ T5821] Cannot create hsr debugfs directory [ 178.377396][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.385069][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.411884][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.500715][ T5812] hsr_slave_0: entered promiscuous mode [ 178.510733][ T5812] hsr_slave_1: entered promiscuous mode [ 178.519363][ T5812] debugfs: 'hsr0' already exists in 'hsr' [ 178.525543][ T5812] Cannot create hsr debugfs directory [ 178.537228][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.544595][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.571723][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.876624][ T5813] hsr_slave_0: entered promiscuous mode [ 178.886875][ T5813] hsr_slave_1: entered promiscuous mode [ 178.895119][ T5813] debugfs: 'hsr0' already exists in 'hsr' [ 178.900976][ T5813] Cannot create hsr debugfs directory [ 179.024661][ T5828] Bluetooth: hci0: command tx timeout [ 179.096166][ T5828] Bluetooth: hci3: command tx timeout [ 179.098489][ T5815] Bluetooth: hci1: command tx timeout [ 179.101893][ T5828] Bluetooth: hci2: command tx timeout [ 179.164283][ T5815] Bluetooth: hci4: command tx timeout [ 179.261541][ T5826] hsr_slave_0: entered promiscuous mode [ 179.271671][ T5826] hsr_slave_1: entered promiscuous mode [ 179.280716][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 179.287831][ T5826] Cannot create hsr debugfs directory [ 180.394551][ T5817] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 180.419483][ T5812] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 180.457194][ T5817] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 180.481499][ T5812] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 180.515247][ T5812] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 180.536238][ T5817] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 180.557559][ T5812] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 180.639087][ T5817] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 180.698400][ T5821] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 180.740863][ T5821] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 180.831657][ T5821] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 180.857920][ T5821] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 180.916550][ T5813] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 181.002324][ T5813] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 181.084827][ T5815] Bluetooth: hci0: command tx timeout [ 181.111691][ T5813] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 181.158816][ T5813] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 181.168650][ T5815] Bluetooth: hci1: command tx timeout [ 181.168827][ T5828] Bluetooth: hci2: command tx timeout [ 181.179758][ T49] Bluetooth: hci3: command tx timeout [ 181.244491][ T5815] Bluetooth: hci4: command tx timeout [ 181.371079][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 181.455325][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 181.549104][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 181.648050][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 181.998246][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.159910][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.232575][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.240247][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.271684][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.350823][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.358738][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.451946][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.473249][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.572812][ T5812] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.678965][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.755986][ T1303] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.763790][ T1303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.817685][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.825225][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.868635][ T5813] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.897037][ T1303] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.904936][ T1303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.981408][ T1303] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.990928][ T1303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.006561][ T1303] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.014278][ T1303] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.072990][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.080582][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.548831][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.772560][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.850769][ T203] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.858349][ T203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.979239][ T203] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.987037][ T203] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.050747][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.393008][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.440157][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.543223][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.617811][ T5817] veth0_vlan: entered promiscuous mode [ 185.722126][ T5817] veth1_vlan: entered promiscuous mode [ 186.048222][ T5812] veth0_vlan: entered promiscuous mode [ 186.098192][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.162470][ T5821] veth0_vlan: entered promiscuous mode [ 186.184024][ T5812] veth1_vlan: entered promiscuous mode [ 186.210479][ T5817] veth0_macvtap: entered promiscuous mode [ 186.282265][ T5817] veth1_macvtap: entered promiscuous mode [ 186.317420][ T5821] veth1_vlan: entered promiscuous mode [ 186.516723][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.557975][ T5812] veth0_macvtap: entered promiscuous mode [ 186.614326][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.678738][ T5812] veth1_macvtap: entered promiscuous mode [ 186.740539][ T203] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.806484][ T14] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.842438][ T4769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.881557][ T4769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.930219][ T5821] veth0_macvtap: entered promiscuous mode [ 186.948202][ T5826] veth0_vlan: entered promiscuous mode [ 187.021566][ T5821] veth1_macvtap: entered promiscuous mode [ 187.055424][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.092467][ T5826] veth1_vlan: entered promiscuous mode [ 187.158828][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.215920][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.299389][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.355025][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.385258][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.429037][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.496585][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.522426][ T5826] veth0_macvtap: entered promiscuous mode [ 187.551920][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.608338][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.630292][ T5826] veth1_macvtap: entered promiscuous mode [ 187.667598][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.727981][ T4948] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.837248][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.954535][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.068557][ T203] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.150921][ T5096] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.256984][ T5096] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.304797][ T3556] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.420675][ T5813] veth0_vlan: entered promiscuous mode [ 188.553409][ T5813] veth1_vlan: entered promiscuous mode [ 188.910876][ T5813] veth0_macvtap: entered promiscuous mode [ 188.970526][ T5813] veth1_macvtap: entered promiscuous mode [ 189.107373][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 189.201002][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 189.340147][ T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.412117][ T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.459924][ T14] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.530955][ T14] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.259661][ T1881] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.267910][ T1881] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.447999][ T1881] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.457493][ T1881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.800835][ T4769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.856326][ T4769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.890250][ T5817] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 193.963405][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.979439][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.172581][ T4769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.181967][ T4769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.304002][ T4948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.312696][ T4948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.388477][ T5998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4'. [ 194.919107][ T203] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.928621][ T203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.244303][ T203] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.252459][ T203] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.332727][ T6006] loop0: detected capacity change from 0 to 1764 [ 195.516231][ T6006] »»»»»»,cruft,ch: renamed from lo (while UP) [ 195.674073][ T11] kernel read not supported for file /rfkill (pid: 11 comm: kworker/0:1) [ 195.847304][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.856482][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.231139][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.240037][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.046870][ T6047] netlink: 44 bytes leftover after parsing attributes in process `syz.4.20'. [ 198.057444][ T6047] netlink: 44 bytes leftover after parsing attributes in process `syz.4.20'. [ 198.144600][ T6052] netlink: 44 bytes leftover after parsing attributes in process `syz.2.21'. [ 198.154020][ T6052] netlink: 'syz.2.21': attribute type 6 has an invalid length. [ 198.166325][ T6052] netlink: 'syz.2.21': attribute type 5 has an invalid length. [ 198.176264][ T6052] netlink: 'syz.2.21': attribute type 4 has an invalid length. [ 198.848883][ T6056] loop3: detected capacity change from 0 to 256 [ 199.057147][ T6053] loop0: detected capacity change from 0 to 40427 [ 199.088337][ T6053] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288) [ 199.097808][ T6053] F2FS-fs (loop0): build fault injection rate: 2 [ 199.105939][ T6053] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 199.114142][ T6053] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of get_checkpoint_version+0x4a/0x9b0 [ 199.126538][ C1] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0xe24/0xf80 [ 199.137577][ C1] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0xe24/0xf80 [ 199.148434][ T6053] F2FS-fs (loop0): Failed to get valid F2FS checkpoint [ 199.246421][ T6062] loop1: detected capacity change from 0 to 256 [ 200.325868][ T6070] loop0: detected capacity change from 0 to 512 [ 200.352372][ T6070] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 200.369389][ T6070] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 200.503150][ T6073] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 200.700929][ T6076] gtp0: entered promiscuous mode [ 200.706341][ T6076] gtp0: entered allmulticast mode [ 200.733252][ T6070] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 200.799431][ T6070] EXT4-fs (loop0): 1 truncate cleaned up [ 200.807826][ T6070] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.256465][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.326934][ T6088] program syz.4.38 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 201.749709][ T6095] process 'syz.2.42' launched '/dev/fd/3' with NULL argv: empty string added [ 201.816591][ T6092] loop3: detected capacity change from 0 to 2048 [ 201.866984][ T6092] EXT4-fs: Ignoring removed mblk_io_submit option [ 202.024234][ T6092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.252484][ T6107] netlink: 'syz.0.45': attribute type 2 has an invalid length. [ 202.557407][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.517612][ T1549] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 203.725105][ T1549] usb 5-1: Using ep0 maxpacket: 32 [ 203.761482][ T6133] capability: warning: `syz.2.58' uses deprecated v2 capabilities in a way that may be insecure [ 203.809931][ T1549] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 203.821097][ T1549] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.833835][ T1549] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.844141][ T1549] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 203.857476][ T1549] usb 5-1: config 0 interface 0 has no altsetting 0 [ 203.864657][ T1549] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 203.874316][ T1549] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.986011][ T1549] usb 5-1: config 0 descriptor?? [ 204.473452][ T1549] hid-thrustmaster 0003:044F:B65D.0001: item fetching failed at offset 3/5 [ 204.498753][ T1549] hid-thrustmaster 0003:044F:B65D.0001: parse failed with error -22 [ 204.513945][ T1549] hid-thrustmaster 0003:044F:B65D.0001: probe with driver hid-thrustmaster failed with error -22 [ 204.710048][ T1549] usb 5-1: USB disconnect, device number 2 [ 205.096123][ T6141] loop0: detected capacity change from 0 to 32768 [ 205.113352][ T6141] bcachefs (/dev/loop0): error validating superblock: Not a bcachefs superblock layout [ 205.129324][ T6141] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout [ 206.277600][ T6158] loop3: detected capacity change from 0 to 8 [ 206.361666][ T6162] loop2: detected capacity change from 0 to 64 [ 206.400730][ T6162] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 206.465434][ T6158] SQUASHFS error: Unable to read directory block [629:46] [ 206.623891][ T5866] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 206.804561][ T5866] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 206.813215][ T5866] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 206.822681][ T5866] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 206.833407][ T5866] usb 2-1: config 220 has no interface number 2 [ 206.840068][ T5866] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 206.854205][ T5866] usb 2-1: config 220 interface 0 has no altsetting 0 [ 206.861180][ T5866] usb 2-1: config 220 interface 76 has no altsetting 0 [ 206.872317][ T5866] usb 2-1: config 220 interface 1 has no altsetting 0 [ 207.086280][ T5866] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 207.096322][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.105301][ T5866] usb 2-1: Product: syz [ 207.109684][ T5866] usb 2-1: Manufacturer: syz [ 207.114725][ T5866] usb 2-1: SerialNumber: syz [ 207.136372][ T6171] [U] ^E^P [ 207.465754][ T5866] usb 2-1: selecting invalid altsetting 0 [ 207.472250][ T5866] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 207.485187][ T5866] usb 2-1: No valid video chain found. [ 207.497074][ T6168] loop2: detected capacity change from 0 to 4096 [ 207.594152][ T5866] usb 2-1: selecting invalid altsetting 0 [ 207.600293][ T5866] usbtest 2-1:220.1: probe with driver usbtest failed with error -22 [ 207.695085][ T5866] usb 2-1: USB disconnect, device number 2 [ 207.816571][ T6168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.885626][ T6168] EXT4-fs (loop2): Online resizing not supported with bigalloc [ 208.354417][ T5821] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.428204][ T6206] loop3: detected capacity change from 0 to 64 [ 210.475187][ T6203] Zero length message leads to an empty skb [ 210.507496][ T6207] loop1: detected capacity change from 0 to 256 [ 210.515543][ T5866] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 210.572758][ T6207] exfat: Deprecated parameter 'utf8' [ 210.700075][ T6207] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x7b823c56, utbl_chksum : 0xe619d30d) [ 210.732212][ T5866] usb 3-1: Using ep0 maxpacket: 8 [ 210.806645][ T5866] usb 3-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30 [ 210.818122][ T5866] usb 3-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 210.832088][ T5866] usb 3-1: config 0 interface 0 has no altsetting 0 [ 210.839089][ T5866] usb 3-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 210.849579][ T5866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.037086][ T5866] usb 3-1: config 0 descriptor?? [ 211.565031][ T5866] gt683r_led 0003:1770:FF00.0002: collection stack underflow [ 211.572890][ T5866] gt683r_led 0003:1770:FF00.0002: item 0 4 0 12 parsing failed [ 211.696317][ T5866] gt683r_led 0003:1770:FF00.0002: hid parsing failed [ 211.704439][ T5866] gt683r_led 0003:1770:FF00.0002: probe with driver gt683r_led failed with error -22 [ 211.766881][ T5866] usb 3-1: USB disconnect, device number 2 [ 212.510879][ T6226] loop1: detected capacity change from 0 to 64 [ 213.340485][ T6238] loop0: detected capacity change from 0 to 64 [ 213.350706][ T6234] loop3: detected capacity change from 0 to 2048 [ 213.429966][ T6237] TCP: TCP_TX_DELAY enabled [ 213.450169][ T6240] netlink: 'syz.1.106': attribute type 1 has an invalid length. [ 213.458217][ T6240] netlink: 5624 bytes leftover after parsing attributes in process `syz.1.106'. [ 213.463291][ T6234] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 213.590603][ T30] audit: type=1800 audit(1755792301.726:2): pid=6234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.103" name="file1" dev="loop3" ino=1367 res=0 errno=0 [ 214.070236][ T6244] loop1: detected capacity change from 0 to 64 [ 214.414605][ T6253] loop2: detected capacity change from 0 to 512 [ 214.456905][ T6253] EXT4-fs: Ignoring removed mblk_io_submit option [ 214.586608][ T6253] EXT4-fs (loop2): orphan cleanup on readonly fs [ 214.593856][ T6253] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 214.639719][ T6253] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.112: attempt to clear invalid blocks 2 len 1 [ 214.697690][ T6253] EXT4-fs (loop2): Remounting filesystem read-only [ 214.808435][ T6253] EXT4-fs (loop2): 1 truncate cleaned up [ 214.816772][ T6253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 214.962713][ T6260] Bluetooth: MGMT ver 1.23 [ 215.110688][ T6261] loop1: detected capacity change from 0 to 2048 [ 215.230374][ T5821] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.345627][ T6261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 215.690795][ T6261] ======================================================= [ 215.690795][ T6261] WARNING: The mand mount option has been deprecated and [ 215.690795][ T6261] and is ignored by this kernel. Remove the mand [ 215.690795][ T6261] option from the mount to silence this warning. [ 215.690795][ T6261] ======================================================= [ 215.726668][ C1] vkms_vblank_simulate: vblank timer overrun [ 215.739024][ T6261] EXT4-fs: can't change dax mount option while remounting [ 216.356066][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.450542][ T6279] loop2: detected capacity change from 0 to 64 [ 216.549036][ T6279] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 216.800541][ T6282] loop4: detected capacity change from 0 to 256 [ 216.849485][ T6282] exfat: Deprecated parameter 'namecase' [ 216.886987][ T6283] loop1: detected capacity change from 0 to 64 [ 216.927491][ T6282] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 216.973987][ T6283] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 216.985840][ T6283] hfs: filesystem is marked locked, mounting read-only. [ 217.014749][ T5815] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 217.022095][ T5815] Bluetooth: hci0: command 0x0c1a tx timeout [ 219.100381][ T6303] loop1: detected capacity change from 0 to 32768 [ 219.110715][ T6303] XFS (loop1): sunit and swidth options incompatible with the noalign option [ 219.181807][ T6301] loop2: detected capacity change from 0 to 4096 [ 219.511177][ T6311] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 220.562814][ T6329] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 220.575944][ T6328] IPVS: stopping master sync thread 6329 ... [ 221.864251][ T6348] loop2: detected capacity change from 0 to 256 [ 221.980745][ T30] audit: type=1800 audit(1755792310.116:3): pid=6348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.154" name="file1" dev="loop2" ino=1048606 res=0 errno=0 [ 222.042361][ T6348] FAT-fs (loop2): error, clusters badly computed (0 != 128) [ 222.051161][ T6348] FAT-fs (loop2): Filesystem has been set read-only [ 222.058251][ T6348] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 223.317668][ T6370] netlink: 36 bytes leftover after parsing attributes in process `syz.3.165'. [ 223.401698][ T6373] loop0: detected capacity change from 0 to 512 [ 223.583752][ T6373] EXT4-fs (loop0): 1 orphan inode deleted [ 223.591777][ T6373] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.610210][ T203] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 223.621590][ T203] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 223.729471][ T6373] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.923806][ T6384] netlink: 12 bytes leftover after parsing attributes in process `syz.3.170'. [ 224.196358][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.548837][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.556156][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.634329][ T6394] netlink: 40 bytes leftover after parsing attributes in process `syz.0.173'. [ 224.969877][ T6400] ===================================================== [ 224.977255][ T6400] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 [ 224.984956][ T6400] _copy_to_user+0xcc/0x120 [ 224.993766][ T6400] do_insnlist_ioctl+0x66e/0x930 [ 224.998896][ T6400] comedi_unlocked_ioctl+0x1e78/0x1f60 [ 225.005937][ T6400] __se_sys_ioctl+0x23c/0x400 [ 225.010800][ T6400] __x64_sys_ioctl+0x97/0xe0 [ 225.015928][ T6400] x64_sys_call+0x1cbc/0x3e20 [ 225.019048][ T6402] netlink: 32 bytes leftover after parsing attributes in process `syz.3.177'. [ 225.020795][ T6400] do_syscall_64+0xd9/0x210 [ 225.036938][ T6400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.043017][ T6400] [ 225.045734][ T6400] Uninit was created at: [ 225.050300][ T6400] __kmalloc_noprof+0x95f/0x1310 [ 225.055818][ T6400] do_insnlist_ioctl+0x1b2/0x930 [ 225.061020][ T6400] comedi_unlocked_ioctl+0x1e78/0x1f60 [ 225.066931][ T6400] __se_sys_ioctl+0x23c/0x400 [ 225.071780][ T6400] __x64_sys_ioctl+0x97/0xe0 [ 225.077059][ T6400] x64_sys_call+0x1cbc/0x3e20 [ 225.082379][ T6400] do_syscall_64+0xd9/0x210 [ 225.087672][ T6400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.098293][ T6400] [ 225.100861][ T6400] Bytes 4-583 of 584 are uninitialized [ 225.108347][ T6400] Memory access of size 584 starts at ffff8880501f3400 [ 225.115943][ T6400] [ 225.118688][ T6400] CPU: 0 UID: 0 PID: 6400 Comm: syz.2.178 Not tainted syzkaller #0 PREEMPT(none) [ 225.128633][ T6400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 225.138997][ T6400] ===================================================== [ 225.146277][ T6400] Disabling lock debugging due to kernel taint [ 225.152544][ T6400] Kernel panic - not syncing: kmsan.panic set ... [ 225.159098][ T6400] CPU: 0 UID: 0 PID: 6400 Comm: syz.2.178 Tainted: G B syzkaller #0 PREEMPT(none) [ 225.170225][ T6400] Tainted: [B]=BAD_PAGE [ 225.174705][ T6400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 225.185169][ T6400] Call Trace: [ 225.188686][ T6400] [ 225.191794][ T6400] __dump_stack+0x26/0x30 [ 225.196561][ T6400] dump_stack_lvl+0x53/0x270 [ 225.201672][ T6400] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.208216][ T6400] dump_stack+0x1e/0x25 [ 225.212600][ T6400] vpanic+0x361/0xc50 [ 225.216915][ T6400] panic+0x15d/0x160 [ 225.221327][ T6400] kmsan_report+0x31c/0x320 [ 225.226144][ T6400] ? kmsan_internal_check_memory+0x1e1/0x230 [ 225.232476][ T6400] ? kmsan_copy_to_user+0xf1/0x190 [ 225.237952][ T6400] ? _copy_to_user+0xcc/0x120 [ 225.242898][ T6400] ? do_insnlist_ioctl+0x66e/0x930 [ 225.248274][ T6400] ? comedi_unlocked_ioctl+0x1e78/0x1f60 [ 225.254161][ T6400] ? __se_sys_ioctl+0x23c/0x400 [ 225.259269][ T6400] ? __x64_sys_ioctl+0x97/0xe0 [ 225.264352][ T6400] ? x64_sys_call+0x1cbc/0x3e20 [ 225.269407][ T6400] ? do_syscall_64+0xd9/0x210 [ 225.274359][ T6400] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.280602][ T6400] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 225.287003][ T6400] ? kmsan_get_metadata+0xfb/0x160 [ 225.292654][ T6400] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.298692][ T6400] ? kmsan_get_metadata+0xfb/0x160 [ 225.304257][ T6400] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.310434][ T6400] ? kmsan_get_metadata+0xfb/0x160 [ 225.315855][ T6400] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.321967][ T6400] ? kmsan_get_metadata+0xfb/0x160 [ 225.327269][ T6400] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.333382][ T6400] kmsan_internal_check_memory+0x1e1/0x230 [ 225.339490][ T6400] kmsan_copy_to_user+0xf1/0x190 [ 225.344844][ T6400] _copy_to_user+0xcc/0x120 [ 225.349530][ T6400] do_insnlist_ioctl+0x66e/0x930 [ 225.354747][ T6400] comedi_unlocked_ioctl+0x1e78/0x1f60 [ 225.360488][ T6400] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 225.366458][ T6400] __se_sys_ioctl+0x23c/0x400 [ 225.371295][ T6400] __x64_sys_ioctl+0x97/0xe0 [ 225.376121][ T6400] x64_sys_call+0x1cbc/0x3e20 [ 225.380964][ T6400] do_syscall_64+0xd9/0x210 [ 225.385650][ T6400] ? irqentry_exit+0x16/0x60 [ 225.390417][ T6400] ? clear_bhb_loop+0x40/0x90 [ 225.395558][ T6400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.401824][ T6400] RIP: 0033:0x7fd41478ebe9 [ 225.406721][ T6400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.427265][ T6400] RSP: 002b:00007fd4155f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 225.436016][ T6400] RAX: ffffffffffffffda RBX: 00007fd4149b5fa0 RCX: 00007fd41478ebe9 [ 225.444294][ T6400] RDX: 00002000000000c0 RSI: 000000008010640b RDI: 0000000000000003 [ 225.452492][ T6400] RBP: 00007fd414811e19 R08: 0000000000000000 R09: 0000000000000000 [ 225.460607][ T6400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.468890][ T6400] R13: 00007fd4149b6038 R14: 00007fd4149b5fa0 R15: 00007fffc57adb98 [ 225.477206][ T6400] [ 225.480752][ T6400] Kernel Offset: disabled [ 225.485414][ T6400] Rebooting in 86400 seconds..