last executing test programs: 22.043987568s ago: executing program 3 (id=82): writev(0xffffffffffffffff, &(0x7f0000000140), 0x0) socket(0xa, 0x3, 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0) mkdir(0x0, 0x8) r0 = syz_open_dev$video4linux(0x0, 0x71, 0x80) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0585605, &(0x7f00000005c0)={0x0, 0x2, @raw_data=[0x0, 0x0, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffe]}) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40048820) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') socket(0x1, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_WRITEV={0x2, 0x59, 0x4004, @fd, 0xfffffffffffffffd, 0x0, 0xff59, 0x18, 0x0, {0x3}}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 21.556971279s ago: executing program 2 (id=84): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x6) socket$netlink(0x10, 0x3, 0x15) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) socket$inet6_mptcp(0xa, 0x1, 0x106) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r5 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f0000000100)=ANY=[@ANYRES32=r4, @ANYBLOB='\x00\x00\x00']) 20.873393552s ago: executing program 3 (id=86): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f00000002c0)) syz_io_uring_setup(0x83, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x8, 0x34f}, 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socket(0xa, 0x3, 0x3a) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r4 = dup(r3) open(&(0x7f0000000180)='./file0\x00', 0x440, 0xc2) write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r4, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB]) r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22) writev(r5, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1) 20.839297985s ago: executing program 0 (id=87): r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) syz_io_uring_setup(0x31aa, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0) syz_usb_disconnect(0xffffffffffffffff) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open_tree(0xffffffffffffff9c, 0x0, 0x89901) move_mount(r3, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x206) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) signalfd4(r4, &(0x7f00000000c0)={[0x48dc7c62, 0x8]}, 0x8, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$dupfd(r0, 0x0, r0) 19.999802755s ago: executing program 2 (id=89): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f00000002c0)) syz_io_uring_setup(0x83, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0x352}, 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socket(0xa, 0x3, 0x3a) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r4 = dup(r3) open(&(0x7f0000000180)='./file0\x00', 0x440, 0xc2) write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r4, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB]) r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22) writev(r5, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1) 19.903101249s ago: executing program 3 (id=90): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r2 = inotify_init() ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000100)={0x0, 0x3ffc, 0x0, 0x0, 0x15, "ffff00"}) syz_open_pts(0xffffffffffffffff, 0x0) ioctl$SIOCX25GDTEFACILITIES(0xffffffffffffffff, 0x89ea, &(0x7f0000000140)) io_setup(0x7, &(0x7f0000000000)) getpid() close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0x5000009) r3 = open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000200)=@security={'security\x00', 0x44, 0x4, 0x424, 0xffffffff, 0xc8, 0x294, 0xc8, 0xffffffff, 0xffffffff, 0x35c, 0x35c, 0x35c, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private0, @mcast1, [0x0, 0x0, 0xffffffff], [], 'nr0\x00', 'veth0_vlan\x00'}, 0x203, 0xa4, 0xc8, 0x8502}, @common=@unspec=@CONNSECMARK={0x24, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xa4, 0x1cc}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:modem_device_t:s0\x00'}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@AUDIT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x480) r5 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0) pwritev2(r5, &(0x7f0000000680)=[{&(0x7f0000000200)="05", 0x6a000}], 0x1, 0x6000000, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37fffee, 0x4002011, r3, 0x0) 19.343795004s ago: executing program 1 (id=92): socket$nl_sock_diag(0x10, 0x3, 0x4) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$igmp(0x2, 0x3, 0x2) r0 = socket$inet6(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r1, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x840) r2 = socket$kcm(0x10, 0x2, 0x0) socket$rds(0x15, 0x5, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) sendmsg$kcm(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x8, &(0x7f0000001340)=ANY=[@ANYBLOB="beaa000000000000791008000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000bf03000000000000850000000c000000b70000000000000095"], &(0x7f0000000480)='syzkaller\x00'}, 0x94) 19.329126844s ago: executing program 0 (id=93): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0xffffffffffffff08, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="60000000020601046c0001000000000000000000050005000a000000050001000600000005000400000000000900020073797a300000000014000300686173683a69702c706f72742c697000140007800800084000002f5408000640"], 0x60}}, 0xc000) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="3ed2d8caad27e0a3ea46a5515b2af9deeeda0cc0f457feed804a170df98f01cbb7eefcf90cc227e514c2f379f4dc1b0727faa1ebff8856700e6c15c6c5c7ab0e9d1628cbd816ab5369c412263c1a58f331ef577834f90b20ff0b229f30a0b29a9de37acd34a85d1e948f809d88885e2f71d93b222644aa9abe5b0588f3db81a49dab20a96d6332bde24487df46ab2f5a484e2fa8418011d30e754c8db52b0cd40893cf0e74041accf6f72236394d4b0876687be24a37a484813d1a911bf469d0da7ce2fa16a9f5b42f3a7e07f89de1401c58", @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0xe38, 0xc9, &(0x7f00000005c0)=""/201, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x11, 0x3, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000380)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @multicast1}, {{0x4e22, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0x9f1}}}}}}, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x3, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x44084) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4049000) 19.138281029s ago: executing program 1 (id=94): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) listen(r1, 0x1) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100d0000000fbdbdf252100000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0007000000000000b702000040420f00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x3, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x63}}, &(0x7f0000000000)='GPL\x00'}, 0x90) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) bind$alg(r4, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180a0000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000004000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x4, 0x14, &(0x7f0000001e00)=""/4088}, 0x90) socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$inet_smc(0x2b, 0x1, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r6, 0x6, 0x15, &(0x7f0000000040)=0x1f, 0x4) 18.909389523s ago: executing program 2 (id=95): socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180)) r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) socket$l2tp6(0xa, 0x2, 0x73) ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000ff020000bfa3000000000000070300c034ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000c0ff00001d440000000000007a0a00fe00ffffffc3030000a1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffbf}, 0x48) 18.635976209s ago: executing program 1 (id=96): socket$packet(0x11, 0x3, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000340)=0x10001) writev(r3, 0x0, 0x0) writev(r3, &(0x7f0000000300)=[{0x0}], 0x1) openat$audio(0xffffffffffffff9c, 0x0, 0x1, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) 18.411457278s ago: executing program 0 (id=97): setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x80805, 0x0) r0 = socket$kcm(0xa, 0x922000000003, 0x11) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x54}}, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd29, 0x25dfdbfb, {{@in=@multicast2, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffd}, {0x0, 0x5, 0x200000000000}, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2}, [@tmpl={0x44, 0x5, [{{@in6=@dev={0xfe, 0x80, '\x00', 0x44}, 0x4d4, 0x2b}, 0xa, @in=@multicast1, 0x0, 0x4, 0x0, 0x0, 0xce}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x0) bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4) connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000600)=""/160}, 0x20) sendmmsg$inet(r1, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890) 18.190790732s ago: executing program 3 (id=98): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r1, 0x8926, &(0x7f0000000100)={0x4, 0x0, 0x0, 0x7ff, 0xd, "5dee000000594000"}) r2 = socket(0x10, 0x3, 0x0) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) madvise(&(0x7f00003ca000/0x1000)=nil, 0x1000, 0x66) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000208030000000000000000000a000003050003003a00000005000300210000000900010073797a31000000000900010073797a310000000006000240001b0000050003002100000005000300110000000500030001000000c2a4877578c215aa7e79e4ecaec2d353c161dd36f230371ed8860b0c1cb9e572193037aa5869dd621faee887a7"], 0x5c}, 0x1, 0x0, 0x0, 0x24000800}, 0x20000000) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0xe, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x2, 0x0, 0x7f, 0x8101, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_PBURST={0x8, 0x7, 0x75d}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40004}, 0x0) r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r6, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000003c0), r7}}, 0x18) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="02000000040000000800100001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000091007b8af8ff00000000b70800000b0000007b8af0ff00000000bfa100000000000007010000f8ffffffbf9200000000000007040000f0ffffffb70200000800000018230000f87bbd5591d9daf8b951b2ac1ce0d1a86d82375b1696add9f3f39dda3ac241211b7fe12187ec28c0a8b3a29b514b80504bffc3c6b3949e1e60b0630e4b5eef2e2358690dddadec006cff07b0d0a2b230ccf0f1074279546ddf20222a4062aab16a0cd5c09a0e04e537326810642d654a0d98cb50ed44f6b5ca243f487176f51044b033289b47abe1e8f3f4c6959b3c898bb852672c85fc4b3c9b38856a541de8fe240f09fddec65bfaecef9196d37d6862107036b7cf1af509adb04fcff4f1e212e34f43243087b0e8aa88b92ec93be8c711bb52ecf207e9309d0af74d2defb8fa57a5a39a7651921818cd9cab8233342f3f69edb91d69eab83ab8e86e2c91dfccd812468f49adc7ce924476959a247a74cd1236c6be82a61418e15443e57498", @ANYRES32=r8, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000050000000900010073797a300000000030000000030a0103000000000000000005000000ae76321e254cd80d8f06debdf6102d0900010073797a30000000000900030073797a320000000004000c0014000000020a09010000000000000000000007001400000011"], 0x8c}}, 0x0) 18.040837927s ago: executing program 0 (id=99): r0 = socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000019840)=@acquire={0x16c, 0x17, 0xe01, 0x0, 0x0, {{@in6=@private1}, @in6=@rand_addr=' \x01\x00', {@in, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {{@in6=@remote, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}}}, [@tmpl={0x44, 0x5, [{{@in6=@private2}, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xf10b8ffbb258080e}]}]}, 0x16c}, 0x1, 0x0, 0x0, 0x40810}, 0x0) connect$can_bcm(r0, &(0x7f0000000200), 0x10) r2 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, &(0x7f00000000c0)) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r3, 0x2f, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r4 = openat$ptp1(0xffffff9c, &(0x7f0000000000), 0x80, 0x0) ioctl$PTP_PIN_SETFUNC(r4, 0x40603d07, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@fallback, 0xffffffffffffffff, 0x7}, 0x20) sendmsg$can_bcm(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="3400000011"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0) sendmsg$can_bcm(r0, 0x0, 0x8080) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x4, 0x4, 0x4, 0x8}, 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) 17.964705349s ago: executing program 3 (id=100): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0) r1 = add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) sendmsg$IEEE802154_LIST_PHY(0xffffffffffffffff, 0x0, 0x20000004) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000340)="8fb30e3024bc8b8a7eeb712c498d9fee2e79677b04ed7588a8b81bdafc92979944d7ed326cafeea6d5a8e0b63fdcce5bdf06557dc3f42bd9cc2cf8b5a777c09ac7d064e26218badf90801241babf5b830c4e24d32b615185fecfaf37c6ac536c9da934ee091a863ea0f9ef100ce4b56fca9331aed4518012", 0x78, r1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8) syz_clone(0x10872000, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt(0xffffffffffffffff, 0x6, 0x7, 0x0, &(0x7f0000000000)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071107300000000001d400500000000004704000001ed00000f030000000000009f440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='.\x00', &(0x7f0000000140)='udf\x00', 0x1000040, 0x0) 17.891709782s ago: executing program 0 (id=101): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000021c0)=@acquire={0x16c, 0x17, 0x90d, 0x0, 0x0, {{@in=@broadcast}, @in=@dev, {@in6=@remote, @in6=@mcast2}, {{@in6=@empty, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa}}}, [@tmpl={0x44, 0x10, [{{@in=@multicast2}}]}]}, 0x16c}}, 0x0) r3 = socket$kcm(0x29, 0x5, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000580)={0x1, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil}) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) munmap(&(0x7f0000456000/0x2000)=nil, 0x2000) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$KVM_RUN(r6, 0xae80, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000480), 0x20) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 17.685079536s ago: executing program 0 (id=102): cachestat(0xffffffffffffffff, &(0x7f0000000300)={0x1ff, 0x8}, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) dup(0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r1, 0x40045402, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40046f41, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0) r3 = socket(0x10, 0x2, 0x0) write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) 17.564728281s ago: executing program 1 (id=103): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) prctl$PR_MCE_KILL(0x23, 0x9, 0x7fffffffeffe) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) r5 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000280)='gid', &(0x7f0000000580)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) 17.54048892s ago: executing program 2 (id=104): openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f00000002c0)) syz_io_uring_setup(0x83, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15) r4 = dup(r3) open(&(0x7f0000000180)='./file0\x00', 0x440, 0xc2) write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18) write$FUSE_DIRENTPLUS(r4, 0x0, 0xb0) write$FUSE_GETXATTR(r4, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 15.219043548s ago: executing program 1 (id=105): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x300, 0x3000040, 0x8, 0x1b, 0xfe, 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x94, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME={0x72, 0x33, @beacon={{{}, {0xdde}, @broadcast, @device_a, @initial, {0x0, 0x8}}, 0x101, @default, 0x4502, @val, @val, @val={0x3, 0x1, 0xe}, @val={0x4, 0x6, {0xa, 0x97, 0x0, 0xffff}}, @val={0x6, 0x2, 0x1}, @val={0x5, 0x3, {0x5, 0x99}}, @void, @void, @val={0x3c, 0x4, {0x1, 0x80, 0x2c, 0x1c}}, @val={0x2d, 0x1a, {0x2, 0x0, 0x3, 0x0, {0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3}, 0x7, 0x3, 0x4}}, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x5, 0x5, 0x21, 0xb}}}}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x94}, 0x1, 0x0, 0x0, 0x880}, 0x0) 15.055780706s ago: executing program 3 (id=106): sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000004340)=""/102376, 0x18fe8) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) gettid() r3 = semget(0x1, 0x1, 0x132) semctl$SETALL(r3, 0x0, 0x11, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}}, 0x0) close(r2) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x1a9) r5 = memfd_create(0x0, 0x0) execveat(r5, 0x0, 0x0, 0x0, 0x1000) 14.620545926s ago: executing program 2 (id=107): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000040), 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000002000000000000f9f0b81c4bed451c00"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = syz_open_procfs(0x0, &(0x7f0000000340)='fdinfo/3\x00') read$FUSE(r3, &(0x7f0000001640)={0x2020}, 0x2020) r4 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r4, 0x28, 0x2, &(0x7f0000000000)=0x3, 0x8) r5 = socket(0x1e, 0x4, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x3c}}, 0x4000) socket$xdp(0x2c, 0x3, 0x0) connect$tipc(r5, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10) sendmmsg$unix(r5, &(0x7f0000004400), 0x400000000000203, 0x0) 13.543416628s ago: executing program 1 (id=108): setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$rxrpc(0x21, 0x2, 0xa) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000040)=0x1ff) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) 13.493322924s ago: executing program 2 (id=109): syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$packet(0x11, 0x3, 0x300) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) exit(0x8) bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4, 0x0, {0x1}, 0xfd}, 0x18) connect$can_j1939(r3, &(0x7f0000000080)={0x1d, r4, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18) 2.495484837s ago: executing program 32 (id=102): cachestat(0xffffffffffffffff, &(0x7f0000000300)={0x1ff, 0x8}, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) dup(0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r1, 0x40045402, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40046f41, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0) r3 = socket(0x10, 0x2, 0x0) write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) 0s ago: executing program 33 (id=106): sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000004340)=""/102376, 0x18fe8) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) gettid() r3 = semget(0x1, 0x1, 0x132) semctl$SETALL(r3, 0x0, 0x11, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}}, 0x0) close(r2) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x1a9) r5 = memfd_create(0x0, 0x0) execveat(r5, 0x0, 0x0, 0x0, 0x1000) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:34111' (ED25519) to the list of known hosts. [ 41.118822][ T5891] cgroup: Unknown subsys name 'net' [ 41.281702][ T5891] cgroup: Unknown subsys name 'cpuset' [ 41.286579][ T5891] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 42.173711][ T5891] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.614577][ T5983] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.617255][ T5992] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.617568][ T5991] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.617840][ T5983] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.618411][ T5983] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.618733][ T5983] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.619116][ T5983] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.619408][ T5983] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.620595][ T5992] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.623862][ T5983] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.625328][ T5992] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.626987][ T5991] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.629129][ T5992] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.631632][ T5991] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.633653][ T5992] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.635596][ T5991] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.636757][ T5994] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.638648][ T5992] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.655961][ T5992] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.659980][ T5992] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.889377][ T5976] chnl_net:caif_netlink_parms(): no params data found [ 45.963797][ T5986] chnl_net:caif_netlink_parms(): no params data found [ 45.973948][ T5979] chnl_net:caif_netlink_parms(): no params data found [ 46.074855][ T5975] chnl_net:caif_netlink_parms(): no params data found [ 46.099921][ T5976] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.102334][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.104978][ T5976] bridge_slave_0: entered allmulticast mode [ 46.108557][ T5976] bridge_slave_0: entered promiscuous mode [ 46.151576][ T5976] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.153887][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.156250][ T5976] bridge_slave_1: entered allmulticast mode [ 46.159225][ T5976] bridge_slave_1: entered promiscuous mode [ 46.207775][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.210129][ T5986] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.212470][ T5986] bridge_slave_0: entered allmulticast mode [ 46.215141][ T5986] bridge_slave_0: entered promiscuous mode [ 46.247788][ T5979] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.250140][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.252445][ T5979] bridge_slave_0: entered allmulticast mode [ 46.255648][ T5979] bridge_slave_0: entered promiscuous mode [ 46.258652][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.261269][ T5986] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.263543][ T5986] bridge_slave_1: entered allmulticast mode [ 46.266442][ T5986] bridge_slave_1: entered promiscuous mode [ 46.278526][ T5976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.281636][ T5979] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.283974][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.286261][ T5979] bridge_slave_1: entered allmulticast mode [ 46.288970][ T5979] bridge_slave_1: entered promiscuous mode [ 46.311429][ T5976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.346759][ T5986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.422131][ T5979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.426160][ T5986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.442758][ T5975] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.445018][ T5975] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.447258][ T5975] bridge_slave_0: entered allmulticast mode [ 46.450221][ T5975] bridge_slave_0: entered promiscuous mode [ 46.453939][ T5975] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.456168][ T5975] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.458498][ T5975] bridge_slave_1: entered allmulticast mode [ 46.461063][ T5975] bridge_slave_1: entered promiscuous mode [ 46.464319][ T5976] team0: Port device team_slave_0 added [ 46.467941][ T5979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.513611][ T5976] team0: Port device team_slave_1 added [ 46.535333][ T5986] team0: Port device team_slave_0 added [ 46.539507][ T5975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.572116][ T5986] team0: Port device team_slave_1 added [ 46.575656][ T5975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.598249][ T5979] team0: Port device team_slave_0 added [ 46.601686][ T5979] team0: Port device team_slave_1 added [ 46.642037][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.644350][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.652799][ T5976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.690690][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.692896][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.700946][ T5986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.717132][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.719580][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.727866][ T5976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.744107][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.746292][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.755341][ T5986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.760626][ T5975] team0: Port device team_slave_0 added [ 46.767260][ T5975] team0: Port device team_slave_1 added [ 46.770487][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.772706][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.781654][ T5979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.789013][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.791202][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.799196][ T5979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.834588][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.836829][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.844930][ T5975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.849189][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.851388][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.859448][ T5975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.945042][ T5986] hsr_slave_0: entered promiscuous mode [ 46.947390][ T5986] hsr_slave_1: entered promiscuous mode [ 46.979717][ T5979] hsr_slave_0: entered promiscuous mode [ 46.981903][ T5979] hsr_slave_1: entered promiscuous mode [ 46.983964][ T5979] debugfs: 'hsr0' already exists in 'hsr' [ 46.985766][ T5979] Cannot create hsr debugfs directory [ 47.019351][ T5976] hsr_slave_0: entered promiscuous mode [ 47.021639][ T5976] hsr_slave_1: entered promiscuous mode [ 47.023797][ T5976] debugfs: 'hsr0' already exists in 'hsr' [ 47.025583][ T5976] Cannot create hsr debugfs directory [ 47.042816][ T5975] hsr_slave_0: entered promiscuous mode [ 47.045222][ T5975] hsr_slave_1: entered promiscuous mode [ 47.047239][ T5975] debugfs: 'hsr0' already exists in 'hsr' [ 47.049088][ T5975] Cannot create hsr debugfs directory [ 47.376980][ T5979] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.382434][ T5979] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.390473][ T5979] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.397320][ T5979] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.417323][ T5986] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.421935][ T5986] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.433391][ T5986] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.437609][ T5986] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.466773][ T5976] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.474815][ T5976] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.488561][ T5976] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.492546][ T5976] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.520207][ T5975] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.526408][ T5975] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.533574][ T5975] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.543425][ T5975] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.572926][ T5979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.593814][ T5986] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.616352][ T5979] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.630293][ T5986] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.634293][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.636612][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.641025][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.643407][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.653822][ T1183] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.656087][ T1183] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.668867][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.671125][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.678893][ T5992] Bluetooth: hci2: command tx timeout [ 47.679080][ T5990] Bluetooth: hci0: command tx timeout [ 47.679105][ T5994] Bluetooth: hci1: command tx timeout [ 47.684616][ T5980] Bluetooth: hci3: command tx timeout [ 47.703091][ T5976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.714626][ T5975] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.730519][ T5976] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.738719][ T5975] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.743518][ T1183] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.745835][ T1183] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.753752][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.756025][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.759677][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.761949][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.771467][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.773703][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.811941][ T5976] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.827912][ T5979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.833220][ T5986] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.875687][ T5979] veth0_vlan: entered promiscuous mode [ 47.882229][ T5986] veth0_vlan: entered promiscuous mode [ 47.887283][ T5979] veth1_vlan: entered promiscuous mode [ 47.894716][ T5986] veth1_vlan: entered promiscuous mode [ 47.913051][ T5975] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.925643][ T5979] veth0_macvtap: entered promiscuous mode [ 47.930238][ T5986] veth0_macvtap: entered promiscuous mode [ 47.935322][ T5979] veth1_macvtap: entered promiscuous mode [ 47.940586][ T5986] veth1_macvtap: entered promiscuous mode [ 47.958844][ T5976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.962069][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.967234][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.976343][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.980418][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.988814][ T5975] veth0_vlan: entered promiscuous mode [ 47.996085][ T46] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.999472][ T46] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.008194][ T46] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.010942][ T46] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.016632][ T5975] veth1_vlan: entered promiscuous mode [ 48.020070][ T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.022849][ T46] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.032690][ T46] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.035421][ T46] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.054274][ T5976] veth0_vlan: entered promiscuous mode [ 48.088413][ T5975] veth0_macvtap: entered promiscuous mode [ 48.092192][ T5976] veth1_vlan: entered promiscuous mode [ 48.100280][ T88] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.102743][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.102793][ T5975] veth1_macvtap: entered promiscuous mode [ 48.103213][ T88] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.105305][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.126724][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.129665][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.130173][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.143489][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.162283][ T46] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.162300][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.162312][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.173921][ T46] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.177237][ T46] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.189433][ T5986] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.196141][ T46] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.200816][ T5976] veth0_macvtap: entered promiscuous mode [ 48.207955][ T5976] veth1_macvtap: entered promiscuous mode [ 48.231584][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.234042][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.236279][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.243926][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.254423][ T1183] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.258845][ T1183] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.272192][ T1183] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.275871][ T1183] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.288527][ T1183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.291827][ T1183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.334968][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.337530][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.363885][ T40] audit: type=1326 audit(1756713085.349:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.365469][ T6074] loop6: detected capacity change from 0 to 63 [ 48.374390][ T40] audit: type=1326 audit(1756713085.349:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.376108][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.385153][ T40] audit: type=1326 audit(1756713085.349:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.385860][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.398086][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.402544][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.404251][ T88] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.408200][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.411699][ T88] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.415401][ T40] audit: type=1326 audit(1756713085.349:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.416984][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.423811][ T40] audit: type=1326 audit(1756713085.349:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.423848][ T40] audit: type=1326 audit(1756713085.349:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.427294][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.443297][ T40] audit: type=1326 audit(1756713085.349:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.450883][ T6075] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5'. [ 48.454933][ T40] audit: type=1326 audit(1756713085.349:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.486088][ T40] audit: type=1326 audit(1756713085.349:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.486143][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.493802][ T40] audit: type=1326 audit(1756713085.349:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.1.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 48.506637][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.510052][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.513251][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.550894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.587849][ T6074] ldm_validate_partition_table(): Disk read failed. [ 48.592261][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.595376][ T6074] Buffer I/O error on dev loop6, logical block 0, async page read [ 48.599095][ T6074] Dev loop6: unable to read RDB block 0 [ 48.601868][ T6074] loop6: unable to read partition table [ 48.618510][ T6074] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 48.920162][ T5389] ldm_validate_partition_table(): Disk read failed. [ 48.923660][ T5389] Dev loop6: unable to read RDB block 0 [ 48.925792][ T5389] loop6: unable to read partition table [ 49.123181][ T6087] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 49.260536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #4a!!! [ 49.763691][ T5980] Bluetooth: hci3: command tx timeout [ 49.765518][ T5980] Bluetooth: hci0: command tx timeout [ 49.769176][ T5990] Bluetooth: hci2: command tx timeout [ 49.827902][ T6101] tipc: Started in network mode [ 49.829664][ T6101] tipc: Node identity ac1414aa, cluster identity 4711 [ 49.832333][ T6101] tipc: Enabled bearer , priority 10 [ 49.836885][ T6101] tipc: Enabled bearer , priority 0 [ 49.853426][ T6096] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 49.856076][ T6096] UDF-fs: Scanning with blocksize 2048 failed [ 49.859284][ T6096] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 49.861922][ T6096] UDF-fs: Scanning with blocksize 4096 failed [ 50.311521][ T53] cfg80211: failed to load regulatory.db [ 50.459505][ T6112] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 50.719696][ T6119] netlink: 'syz.2.13': attribute type 1 has an invalid length. [ 50.722198][ T6119] netlink: 224 bytes leftover after parsing attributes in process `syz.2.13'. [ 50.747996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.751744][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.780440][ T6121] syz.1.15 (6121): drop_caches: 0 [ 50.818354][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 50.821154][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.969647][ T24] tipc: Node number set to 2886997162 [ 51.083193][ T6125] kernel profiling enabled (shift: 17) [ 51.169960][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.312318][ T6135] ªªªªª»: renamed from hsr0 (while UP) [ 51.613231][ T5990] Bluetooth: hci1: command tx timeout [ 51.838539][ T5990] Bluetooth: hci2: command tx timeout [ 51.840769][ T5980] Bluetooth: hci0: command tx timeout [ 51.843507][ T5990] Bluetooth: hci3: command tx timeout [ 52.282831][ T6144] overlay: Bad value for 'workdir' [ 52.590628][ T6151] syzkaller1: entered promiscuous mode [ 52.592455][ T6151] syzkaller1: entered allmulticast mode [ 52.599147][ T6151] warning: `syz.1.25' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 52.821307][ T6152] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 53.678022][ T5990] Bluetooth: hci1: command tx timeout [ 53.918223][ T5990] Bluetooth: hci3: command tx timeout [ 53.918802][ T5992] Bluetooth: hci2: command tx timeout [ 53.922722][ T5980] Bluetooth: hci0: command tx timeout [ 54.778605][ T6179] IPVS: set_ctl: invalid protocol: 50 255.255.255.255:20002 [ 55.207267][ T6188] tipc: Started in network mode [ 55.210461][ T6188] tipc: Node identity 9ab80ddebc04, cluster identity 4711 [ 55.212694][ T6188] tipc: Enabled bearer , priority 0 [ 55.220834][ T6188] syzkaller0: entered promiscuous mode [ 55.225022][ T6188] syzkaller0: entered allmulticast mode [ 55.249235][ T6188] tipc: Resetting bearer [ 55.259862][ T6187] tipc: Resetting bearer [ 55.288166][ T6187] tipc: Disabling bearer [ 55.421751][ T6190] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.558070][ T6190] netlink: 4 bytes leftover after parsing attributes in process `syz.0.36'. [ 55.562841][ T6190] netlink: 4 bytes leftover after parsing attributes in process `syz.0.36'. [ 55.695063][ T6197] overlayfs: missing 'lowerdir' [ 55.740729][ T6197] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.743488][ T6197] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.788975][ T6197] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 55.794680][ T6197] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 55.821304][ T6195] Zero length message leads to an empty skb [ 55.869272][ T90] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.872537][ T90] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.877247][ T90] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.880707][ T90] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.983275][ T6203] IPVS: Error connecting to the multicast addr [ 55.985977][ T40] kauditd_printk_skb: 855 callbacks suppressed [ 55.985987][ T40] audit: type=1326 audit(1756713092.969:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.2.40" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f61579 code=0x0 [ 56.413167][ T6209] netlink: 20 bytes leftover after parsing attributes in process `syz.3.41'. [ 57.358774][ T6232] ======================================================= [ 57.358774][ T6232] WARNING: The mand mount option has been deprecated and [ 57.358774][ T6232] and is ignored by this kernel. Remove the mand [ 57.358774][ T6232] option from the mount to silence this warning. [ 57.358774][ T6232] ======================================================= [ 57.371467][ T6232] overlay: Unknown parameter '/' [ 59.509522][ T6261] Process accounting resumed [ 60.521045][ T6271] kexec: Could not allocate control_code_buffer [ 61.455972][ T6309] netlink: 'syz.3.61': attribute type 4 has an invalid length. [ 61.470354][ T6309] netlink: 'syz.3.61': attribute type 4 has an invalid length. [ 61.610035][ T40] audit: type=1326 audit(1756713098.589:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.618852][ T40] audit: type=1326 audit(1756713098.589:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.626712][ T40] audit: type=1326 audit(1756713098.589:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.633357][ T40] audit: type=1326 audit(1756713098.589:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.641331][ T40] audit: type=1326 audit(1756713098.589:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.648184][ T40] audit: type=1326 audit(1756713098.589:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 61.654698][ T40] audit: type=1326 audit(1756713098.589:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.661370][ T40] audit: type=1326 audit(1756713098.589:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.668012][ T40] audit: type=1326 audit(1756713098.589:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 61.675535][ T40] audit: type=1326 audit(1756713098.589:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.64" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 61.698023][ T6316] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 61.777930][ T72] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 61.949951][ T72] usb 8-1: config index 0 descriptor too short (expected 45, got 36) [ 61.952506][ T72] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 61.956010][ T72] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 61.961604][ T72] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 61.965171][ T72] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 61.969245][ T72] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 61.972039][ T72] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.979660][ T72] usb 8-1: config 0 descriptor?? [ 61.987685][ T6313] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 62.258255][ T6332] netlink: 8 bytes leftover after parsing attributes in process `syz.1.66'. [ 62.403001][ T72] plantronics 0003:047F:FFFF.0002: reserved main item tag 0xd [ 62.411851][ T72] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 62.769916][ T6335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 62.777049][ T6335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 62.788169][ T6335] bond0 (unregistering): Released all slaves [ 62.930068][ T6343] syz.2.68 (6343): /proc/6341/oom_adj is deprecated, please use /proc/6341/oom_score_adj instead. [ 63.296875][ T6353] tipc: Started in network mode [ 63.303446][ T6353] tipc: Node identity f6243d1c616b, cluster identity 4711 [ 63.305808][ T6353] tipc: Enabled bearer , priority 0 [ 63.309033][ T6353] syzkaller0: entered promiscuous mode [ 63.310753][ T6353] syzkaller0: entered allmulticast mode [ 63.323413][ T6353] tipc: Resetting bearer [ 63.328733][ T6352] tipc: Resetting bearer [ 63.359396][ T6352] tipc: Disabling bearer [ 63.469445][ T6359] sctp: [Deprecated]: syz.2.71 (pid 6359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 63.469445][ T6359] Use struct sctp_sack_info instead [ 63.828198][ T6356] process 'syz.1.70' launched '/dev/fd/6' with NULL argv: empty string added [ 63.967878][ T6044] usb 8-1: reset high-speed USB device number 2 using dummy_hcd [ 65.049687][ T6375] syz.3.75 uses obsolete (PF_INET,SOCK_PACKET) [ 65.052558][ T6375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.75'. [ 65.490582][ T1336] usb 8-1: USB disconnect, device number 2 [ 65.584373][ T6387] capability: warning: `syz.1.80' uses 32-bit capabilities (legacy support in use) [ 65.700966][ T6389] bridge0: port 3(syz_tun) entered blocking state [ 65.706476][ T6389] bridge0: port 3(syz_tun) entered disabled state [ 65.781724][ T6389] syz_tun: entered allmulticast mode [ 65.858913][ T6390] netlink: 'syz.1.81': attribute type 10 has an invalid length. [ 65.865386][ T6389] syz_tun: entered promiscuous mode [ 65.872721][ T6389] bridge0: port 3(syz_tun) entered blocking state [ 65.875434][ T6389] bridge0: port 3(syz_tun) entered forwarding state [ 65.939726][ T6390] bridge0: port 3(syz_tun) entered disabled state [ 65.941813][ T6390] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.944187][ T6390] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.002959][ T6390] bridge0: port 3(syz_tun) entered blocking state [ 66.005057][ T6390] bridge0: port 3(syz_tun) entered forwarding state [ 66.007815][ T6390] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.010075][ T6390] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.012363][ T6390] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.014567][ T6390] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.257618][ T6390] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 66.526179][ T6389] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28 [ 66.601279][ T6389] infiniband syz1: set active [ 66.603632][ T6389] infiniband syz1: added syz_tun [ 66.761491][ T6389] RDS/IB: syz1: added [ 66.763415][ T6389] smc: adding ib device syz1 with port count 1 [ 66.765746][ T6389] smc: ib device syz1 port 1 has pnetid [ 66.949455][ T6401] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 66.951682][ T6401] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 66.955159][ T6401] vhci_hcd vhci_hcd.0: Device attached [ 66.962612][ T6401] futex_wake_op: syz.2.84 tries to shift op by 144; fix this program [ 66.992615][ T6409] vhci_hcd: connection closed [ 66.998001][ T46] vhci_hcd: stop threads [ 67.001060][ T46] vhci_hcd: release socket [ 67.002523][ T46] vhci_hcd: disconnect device [ 67.654924][ T40] kauditd_printk_skb: 168 callbacks suppressed [ 67.654935][ T40] audit: type=1804 audit(1756713104.629:1046): pid=6430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.88" name="/newroot/24/bus/bus" dev="overlay" ino=154 res=1 errno=0 [ 67.680761][ T40] audit: type=1804 audit(1756713104.659:1047): pid=6430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.88" name="/newroot/24/bus/bus" dev="overlay" ino=154 res=1 errno=0 [ 68.135127][ T40] audit: type=1804 audit(1756713105.109:1048): pid=6447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.90" name="/newroot/22/bus" dev="tmpfs" ino=133 res=1 errno=0 [ 68.292931][ T6449] tipc: Started in network mode [ 68.294460][ T6449] tipc: Node identity 1e2ca94c0d4e, cluster identity 4711 [ 68.296897][ T6449] tipc: Enabled bearer , priority 0 [ 68.301315][ T6449] syzkaller0: entered promiscuous mode [ 68.303544][ T6449] syzkaller0: entered allmulticast mode [ 68.330794][ T6449] tipc: Resetting bearer [ 68.333433][ T6449] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 68.344728][ T6448] tipc: Resetting bearer [ 68.358090][ T6448] tipc: Disabling bearer [ 68.587732][ T6455] netlink: 28 bytes leftover after parsing attributes in process `syz.1.92'. [ 68.590636][ T6455] netlink: 8 bytes leftover after parsing attributes in process `syz.1.92'. [ 68.596742][ T40] audit: type=1326 audit(1756713105.569:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6450 comm="syz.1.92" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x0 [ 68.605846][ T6451] netlink: 'syz.1.92': attribute type 10 has an invalid length. [ 68.608498][ T6451] bridge0: port 4(team0) entered blocking state [ 68.611528][ T6451] bridge0: port 4(team0) entered disabled state [ 68.615936][ T6451] team0: entered allmulticast mode [ 68.617895][ T6451] team_slave_0: entered allmulticast mode [ 68.622319][ T6451] team_slave_1: entered allmulticast mode [ 68.627779][ T6451] team0: entered promiscuous mode [ 68.629416][ T6451] team_slave_0: entered promiscuous mode [ 68.631298][ T6451] team_slave_1: entered promiscuous mode [ 68.633667][ T6451] bridge0: port 4(team0) entered blocking state [ 68.635766][ T6451] bridge0: port 4(team0) entered forwarding state [ 69.438923][ T6483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.97'. [ 69.674255][ T6486] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 69.692343][ T6486] netlink: 28 bytes leftover after parsing attributes in process `syz.3.98'. [ 69.830257][ T6494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.99'. [ 69.978955][ T6504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.101'. [ 70.149400][ T6506] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.153142][ T6506] I/O error, dev loop3, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.156637][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 70.166179][ T6506] I/O error, dev loop3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.169780][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 70.172766][ T6506] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 70.175180][ T6506] UDF-fs: Scanning with blocksize 512 failed [ 70.182803][ T6506] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.191099][ T6506] I/O error, dev loop3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.199081][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 70.203024][ T6506] I/O error, dev loop3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.206369][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 70.212901][ T6506] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 70.215330][ T6506] UDF-fs: Scanning with blocksize 1024 failed [ 70.220426][ T6506] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.224161][ T6506] I/O error, dev loop3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.227871][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 70.230803][ T6506] I/O error, dev loop3, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.234131][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 70.239934][ T6506] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 70.242359][ T6506] UDF-fs: Scanning with blocksize 2048 failed [ 70.247528][ T6506] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 70.287146][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 70.297536][ T6506] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 70.300904][ T6506] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 70.315240][ T6506] UDF-fs: Scanning with blocksize 4096 failed [ 70.317451][ T6506] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) [ 70.891456][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.928059][ T6525] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 72.930308][ T6525] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 72.934543][ T6525] vhci_hcd vhci_hcd.0: Device attached [ 73.167081][ T72] usb 39-1: new low-speed USB device number 2 using vhci_hcd [ 73.638990][ T6526] vhci_hcd: connection reset by peer [ 73.641532][ T90] vhci_hcd: stop threads [ 73.642946][ T90] vhci_hcd: release socket [ 73.645086][ T90] vhci_hcd: disconnect device [ 74.596805][ T53] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 74.746795][ T53] usb 7-1: Using ep0 maxpacket: 8 [ 74.751535][ T53] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 74.755227][ T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 74.760588][ T53] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 74.770812][ T53] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 74.774278][ T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 74.778445][ T53] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 74.783895][ T53] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 74.790085][ T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 74.794666][ T53] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 74.803069][ T53] usb 7-1: string descriptor 0 read error: -22 [ 74.805745][ T53] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 74.812683][ T53] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.824493][ T53] adutux 7-1:168.0: interrupt endpoints not found [ 78.307446][ T72] vhci_hcd: vhci_device speed not set [ 85.429572][ T5992] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.432639][ T5992] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.435338][ T5992] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.439174][ T5992] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 85.441679][ T5992] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 85.615382][ T6559] chnl_net:caif_netlink_parms(): no params data found [ 87.516036][ T5992] Bluetooth: hci4: command tx timeout [ 87.834479][ T1422] ================================================================== [ 87.837049][ T1422] BUG: KASAN: slab-use-after-free in handle_tx+0x5dc/0x630 [ 87.839324][ T1422] Read of size 1 at addr ffff888060847490 by task aoe_tx0/1422 [ 87.843485][ T1422] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 87.844265][ T1422] CPU: 0 UID: 0 PID: 1422 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) [ 87.844278][ T1422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.844284][ T1422] Call Trace: [ 87.844288][ T1422] [ 87.844292][ T1422] dump_stack_lvl+0x116/0x1f0 [ 87.844309][ T1422] print_report+0xcd/0x630 [ 87.844322][ T1422] ? __virt_addr_valid+0x81/0x610 [ 87.844335][ T1422] ? __phys_addr+0xe8/0x180 [ 87.844347][ T1422] ? handle_tx+0x5dc/0x630 [ 87.844356][ T1422] kasan_report+0xe0/0x110 [ 87.844369][ T1422] ? handle_tx+0x5dc/0x630 [ 87.844380][ T1422] handle_tx+0x5dc/0x630 [ 87.844391][ T1422] dev_hard_start_xmit+0x94/0x740 [ 87.844405][ T1422] __dev_queue_xmit+0xa46/0x4490 [ 87.844416][ T1422] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.844429][ T1422] ? finish_task_switch.isra.0+0x221/0xc10 [ 87.844440][ T1422] ? rcu_is_watching+0x12/0xc0 [ 87.844451][ T1422] ? __pfx___dev_queue_xmit+0x10/0x10 [ 87.844462][ T1422] ? __schedule+0x11a3/0x5de0 [ 87.844474][ T1422] ? __lock_acquire+0xb97/0x1ce0 [ 87.844490][ T1422] ? do_raw_spin_lock+0x12c/0x2b0 [ 87.844505][ T1422] ? find_held_lock+0x2b/0x80 [ 87.844514][ T1422] ? skb_dequeue+0x126/0x180 [ 87.844524][ T1422] ? find_held_lock+0x2b/0x80 [ 87.844533][ T1422] ? rcu_is_watching+0x12/0xc0 [ 87.844544][ T1422] tx+0xcc/0x190 [ 87.844558][ T1422] ? __pfx_tx+0x10/0x10 [ 87.844569][ T1422] kthread+0x1e1/0x3e0 [ 87.844580][ T1422] ? find_held_lock+0x2b/0x80 [ 87.844589][ T1422] ? __pfx_kthread+0x10/0x10 [ 87.844600][ T1422] ? __pfx_default_wake_function+0x10/0x10 [ 87.844611][ T1422] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.844623][ T1422] ? __kthread_parkme+0x19e/0x250 [ 87.844635][ T1422] ? __pfx_kthread+0x10/0x10 [ 87.844646][ T1422] kthread+0x3c5/0x780 [ 87.844659][ T1422] ? __pfx_kthread+0x10/0x10 [ 87.844673][ T1422] ? rcu_is_watching+0x12/0xc0 [ 87.844683][ T1422] ? __pfx_kthread+0x10/0x10 [ 87.844696][ T1422] ret_from_fork+0x5d7/0x6f0 [ 87.844711][ T1422] ? __pfx_kthread+0x10/0x10 [ 87.844725][ T1422] ret_from_fork_asm+0x1a/0x30 [ 87.844740][ T1422] [ 87.844744][ T1422] [ 87.909969][ T1422] Allocated by task 6127: [ 87.911348][ T1422] kasan_save_stack+0x33/0x60 [ 87.912841][ T1422] kasan_save_track+0x14/0x30 [ 87.914348][ T1422] __kasan_kmalloc+0xaa/0xb0 [ 87.915818][ T1422] alloc_tty_struct+0x96/0x8c0 [ 87.917333][ T1422] tty_init_dev.part.0+0x1e/0x500 [ 87.918933][ T1422] tty_open+0xa50/0xf90 [ 87.920265][ T1422] chrdev_open+0x231/0x6a0 [ 87.921660][ T1422] do_dentry_open+0x97f/0x1530 [ 87.923144][ T1422] vfs_open+0x82/0x3f0 [ 87.924465][ T1422] path_openat+0x1de4/0x2cb0 [ 87.925929][ T1422] do_filp_open+0x20b/0x470 [ 87.927392][ T1422] do_sys_openat2+0x11b/0x1d0 [ 87.928895][ T1422] __ia32_compat_sys_openat+0x16d/0x210 [ 87.930631][ T1422] __do_fast_syscall_32+0x7c/0x3a0 [ 87.932259][ T1422] do_fast_syscall_32+0x32/0x80 [ 87.933803][ T1422] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.935811][ T1422] [ 87.936585][ T1422] Freed by task 72: [ 87.937795][ T1422] kasan_save_stack+0x33/0x60 [ 87.939301][ T1422] kasan_save_track+0x14/0x30 [ 87.940788][ T1422] kasan_save_free_info+0x3b/0x60 [ 87.942273][ T1422] __kasan_slab_free+0x60/0x70 [ 87.943810][ T1422] kfree+0x2b4/0x4d0 [ 87.945067][ T1422] process_one_work+0x9cf/0x1b70 [ 87.946641][ T1422] worker_thread+0x6c8/0xf10 [ 87.948064][ T1422] kthread+0x3c5/0x780 [ 87.949313][ T1422] ret_from_fork+0x5d7/0x6f0 [ 87.950716][ T1422] ret_from_fork_asm+0x1a/0x30 [ 87.952219][ T1422] [ 87.952999][ T1422] Last potentially related work creation: [ 87.954792][ T1422] kasan_save_stack+0x33/0x60 [ 87.956262][ T1422] kasan_record_aux_stack+0xa7/0xc0 [ 87.957843][ T1422] insert_work+0x36/0x230 [ 87.959230][ T1422] __queue_work+0x97e/0x1160 [ 87.960699][ T1422] queue_work_on+0x1a4/0x1f0 [ 87.962163][ T1422] release_tty+0x4de/0x5d0 [ 87.963597][ T1422] tty_release_struct+0xb7/0xe0 [ 87.965165][ T1422] tty_release+0xe2d/0x1430 [ 87.966609][ T1422] __fput+0x3ff/0xb70 [ 87.967892][ T1422] task_work_run+0x14d/0x240 [ 87.969365][ T1422] do_exit+0x86f/0x2bf0 [ 87.970683][ T1422] do_group_exit+0xd3/0x2a0 [ 87.972131][ T1422] get_signal+0x2673/0x26d0 [ 87.973562][ T1422] arch_do_signal_or_restart+0x8f/0x790 [ 87.975226][ T1422] exit_to_user_mode_loop+0x84/0x110 [ 87.976852][ T1422] __do_fast_syscall_32+0x2ac/0x3a0 [ 87.978480][ T1422] do_fast_syscall_32+0x32/0x80 [ 87.980029][ T1422] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.982016][ T1422] [ 87.982790][ T1422] The buggy address belongs to the object at ffff888060847000 [ 87.982790][ T1422] which belongs to the cache kmalloc-cg-2k of size 2048 [ 87.987250][ T1422] The buggy address is located 1168 bytes inside of [ 87.987250][ T1422] freed 2048-byte region [ffff888060847000, ffff888060847800) [ 87.991514][ T1422] [ 87.992286][ T1422] The buggy address belongs to the physical page: [ 87.994288][ T1422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x60840 [ 87.997006][ T1422] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 87.999635][ T1422] memcg:ffff88806ae47d01 [ 88.000972][ T1422] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 88.003355][ T1422] page_type: f5(slab) [ 88.004581][ T1422] raw: 04fff00000000040 ffff88801b84c140 ffffea0001b6b000 dead000000000002 [ 88.007149][ T1422] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff88806ae47d01 [ 88.009750][ T1422] head: 04fff00000000040 ffff88801b84c140 ffffea0001b6b000 dead000000000002 [ 88.012455][ T1422] head: 0000000000000000 0000000000080008 00000000f5000000 ffff88806ae47d01 [ 88.015176][ T1422] head: 04fff00000000003 ffffea0001821001 00000000ffffffff 00000000ffffffff [ 88.017869][ T1422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 88.020568][ T1422] page dumped because: kasan: bad access detected [ 88.022575][ T1422] page_owner tracks the page as allocated [ 88.024375][ T1422] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5986, tgid 5986 (syz-executor), ts 47436007622, free_ts 47345478011 [ 88.030874][ T1422] post_alloc_hook+0x1c0/0x230 [ 88.032391][ T1422] get_page_from_freelist+0x132b/0x38e0 [ 88.034150][ T1422] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 88.036019][ T1422] alloc_pages_mpol+0x1fb/0x550 [ 88.037562][ T1422] new_slab+0x247/0x330 [ 88.038900][ T1422] ___slab_alloc+0xcf2/0x1740 [ 88.040387][ T1422] __slab_alloc.constprop.0+0x56/0xb0 [ 88.042070][ T1422] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 88.044109][ T1422] kmemdup_noprof+0x29/0x60 [ 88.045555][ T1422] __devinet_sysctl_register+0xbc/0x360 [ 88.047314][ T1422] devinet_sysctl_register+0x17b/0x200 [ 88.049023][ T1422] inetdev_event+0x1638/0x18a0 [ 88.050537][ T1422] notifier_call_chain+0xbc/0x410 [ 88.052134][ T1422] call_netdevice_notifiers_info+0xbe/0x140 [ 88.054027][ T1422] netif_change_name+0x557/0x920 [ 88.055604][ T1422] do_setlink.constprop.0+0x3362/0x4380 [ 88.057348][ T1422] page last free pid 5975 tgid 5975 stack trace: [ 88.059342][ T1422] __free_frozen_pages+0x7d5/0x10f0 [ 88.060977][ T1422] __put_partials+0x165/0x1c0 [ 88.062466][ T1422] qlist_free_all+0x4d/0x120 [ 88.064007][ T1422] kasan_quarantine_reduce+0x195/0x1e0 [ 88.065728][ T1422] __kasan_slab_alloc+0x69/0x90 [ 88.067263][ T1422] __kmalloc_cache_noprof+0x1f1/0x3e0 [ 88.068955][ T1422] ref_tracker_alloc+0x18e/0x5b0 [ 88.070526][ T1422] register_netdevice+0x1689/0x2270 [ 88.072177][ T1422] macsec_newlink+0x512/0x1d70 [ 88.073693][ T1422] rtnl_newlink+0xc45/0x2000 [ 88.075171][ T1422] rtnetlink_rcv_msg+0x95e/0xe90 [ 88.076740][ T1422] netlink_rcv_skb+0x158/0x420 [ 88.078268][ T1422] netlink_unicast+0x5a7/0x870 [ 88.079794][ T1422] netlink_sendmsg+0x8d1/0xdd0 [ 88.081316][ T1422] __sys_sendto+0x4a0/0x520 [ 88.082748][ T1422] __ia32_compat_sys_socketcall+0x625/0x770 [ 88.084617][ T1422] [ 88.085391][ T1422] Memory state around the buggy address: [ 88.087146][ T1422] ffff888060847380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.089629][ T1422] ffff888060847400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.092119][ T1422] >ffff888060847480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.094382][ T1422] ^ [ 88.095849][ T1422] ffff888060847500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.098338][ T1422] ffff888060847580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.100831][ T1422] ================================================================== [ 88.103419][ T1422] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 88.105692][ T1422] CPU: 0 UID: 0 PID: 1422 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) [ 88.108494][ T1422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.111825][ T1422] Call Trace: [ 88.112896][ T1422] [ 88.113845][ T1422] dump_stack_lvl+0x3d/0x1f0 [ 88.115342][ T1422] vpanic+0x6e8/0x7a0 [ 88.116606][ T1422] ? __pfx_vpanic+0x10/0x10 [ 88.118045][ T1422] ? handle_tx+0x5dc/0x630 [ 88.119482][ T1422] panic+0xca/0xd0 [ 88.120684][ T1422] ? __pfx_panic+0x10/0x10 [ 88.122107][ T1422] ? check_panic_on_warn+0x1f/0xb0 [ 88.123738][ T1422] check_panic_on_warn+0xab/0xb0 [ 88.125330][ T1422] end_report+0x107/0x170 [ 88.126707][ T1422] kasan_report+0xee/0x110 [ 88.128165][ T1422] ? handle_tx+0x5dc/0x630 [ 88.129591][ T1422] handle_tx+0x5dc/0x630 [ 88.130950][ T1422] dev_hard_start_xmit+0x94/0x740 [ 88.132548][ T1422] __dev_queue_xmit+0xa46/0x4490 [ 88.134114][ T1422] ? lockdep_hardirqs_on+0x7c/0x110 [ 88.135948][ T1422] ? finish_task_switch.isra.0+0x221/0xc10 [ 88.137789][ T1422] ? rcu_is_watching+0x12/0xc0 [ 88.139321][ T1422] ? __pfx___dev_queue_xmit+0x10/0x10 [ 88.141001][ T1422] ? __schedule+0x11a3/0x5de0 [ 88.142492][ T1422] ? __lock_acquire+0xb97/0x1ce0 [ 88.144061][ T1422] ? do_raw_spin_lock+0x12c/0x2b0 [ 88.145647][ T1422] ? find_held_lock+0x2b/0x80 [ 88.147162][ T1422] ? skb_dequeue+0x126/0x180 [ 88.148627][ T1422] ? find_held_lock+0x2b/0x80 [ 88.150108][ T1422] ? rcu_is_watching+0x12/0xc0 [ 88.151624][ T1422] tx+0xcc/0x190 [ 88.152883][ T1422] ? __pfx_tx+0x10/0x10 [ 88.154225][ T1422] kthread+0x1e1/0x3e0 [ 88.155534][ T1422] ? find_held_lock+0x2b/0x80 [ 88.157015][ T1422] ? __pfx_kthread+0x10/0x10 [ 88.158481][ T1422] ? __pfx_default_wake_function+0x10/0x10 [ 88.160313][ T1422] ? lockdep_hardirqs_on+0x7c/0x110 [ 88.161938][ T1422] ? __kthread_parkme+0x19e/0x250 [ 88.163535][ T1422] ? __pfx_kthread+0x10/0x10 [ 88.165019][ T1422] kthread+0x3c5/0x780 [ 88.166316][ T1422] ? __pfx_kthread+0x10/0x10 [ 88.167784][ T1422] ? rcu_is_watching+0x12/0xc0 [ 88.169289][ T1422] ? __pfx_kthread+0x10/0x10 [ 88.170775][ T1422] ret_from_fork+0x5d7/0x6f0 [ 88.172253][ T1422] ? __pfx_kthread+0x10/0x10 [ 88.173719][ T1422] ret_from_fork_asm+0x1a/0x30 [ 88.175307][ T1422] [ 88.176935][ T1422] Kernel Offset: disabled [ 88.178407][ T1422] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:52:04 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff856170b5 RDI=ffffffff9b0fc700 RBP=ffffffff9b0fc6c0 RSP=ffffc9000770f458 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b0fc6c0 R15=ffffffff85617050 RIP=ffffffff856170df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974c0000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080140018 CR3=000000006b8cf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000015df8d RBX=0000000000000001 RCX=ffffffff8b90dbf9 RDX=0000000000000000 RSI=ffffffff8de4d2e1 RDI=ffffffff8c162e00 RBP=ffffed1003bdb488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000 R12=0000000000000001 R13=ffff88801deda440 R14=ffffffff90ab8890 R15=0000000000000000 RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975c0000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080027000 CR3=00000000703ef000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=1ffff92000557eec RCX=ffffffff81f5df72 RDX=1ffffd40002e7110 RSI=0000000000000008 RDI=ffffea0001738880 RBP=ffffea0001738880 RSP=ffffc90002abf758 R8 =0000000000000000 R9 =fffff940002e7110 R10=ffffea0001738887 R11=0000000000000000 R12=ffffea0001738880 R13=dffffc0000000000 R14=dffffc0000000000 R15=0000000000000000 RIP=ffffffff81f5df8d RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976c0000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f76e40 CR3=0000000049bb8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7414ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffffed1009e51507 RBX=ffffed1009e51508 RCX=ffffffff822a9398 RDX=0000000000000001 RSI=0000000000000004 RDI=ffff88804f28a83c RBP=ffffed1009e51507 RSP=ffffc9000662f790 R8 =0000000000000001 R9 =ffffed1009e51507 R10=ffff88804f28a83f R11=0000000000000000 R12=1ffff92000cc5efc R13=ffff88804f28a83c R14=0000000000000001 R15=0000000000000000 RIP=ffffffff822065ff RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977c0000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f74b5000 CR3=0000000075a7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000