last executing test programs: 3.026819452s ago: executing program 1 (id=272): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) close(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0x4, &(0x7f0000000440)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYRESOCT], &(0x7f00000000c0)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) writev(0xffffffffffffffff, &(0x7f0000000000), 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xab}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r5 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r5, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000080)='i\xac;\xd1\xeb\xf5,Ei\x00\x00\xea\xff\x00\x00\x00w\xfd\x00'/29) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r6 = creat(&(0x7f00000002c0)='./bus\x00', 0x1) write$cgroup_int(r6, &(0x7f00000003c0)=0xd9d, 0x12) 2.500497759s ago: executing program 0 (id=273): r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) read$msr(0xffffffffffffffff, &(0x7f0000000040)=""/59, 0xffb5) r5 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="7c57dbda64d3afcf5efe000900"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="00000000000000001c0012800b00010062726964676500000c0002800800090000000000", @ANYRES32=r5, @ANYRES16=r0], 0x3c}}, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new user:syz 000000000000000020'], 0x2a, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upcate default trusted:'], 0x1c, 0x0) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) mkdir(&(0x7f0000001c00)='./file0\x00', 0x0) mount$tmpfs(0xf6, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, &(0x7f0000000540)=ANY=[@ANYBLOB='usrquota,usrquota_block_hardlimit=8']) chown(&(0x7f0000000240)='./file0\x00', 0x0, 0xee01) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r6 = memfd_create(&(0x7f0000000200)='./binderfs/binder1\x00', 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r6) 2.310434572s ago: executing program 3 (id=276): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000100)=0xffff, 0x4) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast1, 0x3c}, 0x1c) socket$kcm(0x21, 0x2, 0xa) socket$inet6(0xa, 0x2, 0x0) socket$packet(0x11, 0x2, 0x300) r2 = inotify_init1(0x0) inotify_rm_watch(r2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x316}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xa7) 2.016686305s ago: executing program 1 (id=279): mkdir(&(0x7f0000000040)='./file0\x00', 0x1e0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 3) 1.850581898s ago: executing program 1 (id=280): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0) write$cgroup_type(r0, &(0x7f0000000100), 0xfdef) r1 = dup2(r0, r0) ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000040)={0x74, 0x0, 0x4}) 1.85016667s ago: executing program 1 (id=281): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000280)) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000880)={"e8565e6fd9c77478f7b32bafa196ea1fb6e5fd627d4cbf0b72f836c759f6233b9e6608be31182de1b8990731f65f0ee8370495155bed037e6cf4b2f38fa45e52c005e6735c1510e381f30c935deb90a2f2f19067ea1bb8040ba17d708ec8d9b3bc8f52ed867ef1850ebff82eed3a8d99422cbb610a0ffcf5d696bacc8781b07abf155c10b7658351b916cc2d0127fdcd1d327f83def1847a9c81d89e486e564846a247fd0ddfcd5e05e7371958ff292cc1945b5c54a4ab28fba147641336c14b1ab87112dcac1df7596b86438d931c28ac2e63e0bfb0fa97233a9d895850d1fd1b758f03486f6043389fcea371e6869cc39a1963454f986419e7faf6495d101e5b71930aa0b4d98fcd1e67f69d200494d52c9a6c232ad6d8bb13024a17856e5c3546f8b4dfa25642cb0fb537e84723968201ce814b7087527d4d0c84d2a6ecebf33623574fbf5a404091c94878d09f00e7ef54b0d3e3bac5502c8e3aa4b426618629eb9cb7b466007e2cebf11af9bdb01569ba622a6a89d41206d865ab1913fa09b6d7069426b84ce07879df5ee2ced61c694fb9d47879cbe261e0d1c5d19089b35608638505920cd45ab3364c1562ab3135039d89a35100171a96729bb148de7e3cd0c160d140cfb0daa31afa57ad1c002fd8e34ca65a8ce90e765be7bcbe9b4d8da22bd04012d37c3c6d54031142bd8f036627761eb9aac2b927bdb94ff2beb0657ee8624f2037d12348bbc2e059cefe5718c9ce43ab9b3e8f1c6d65c9cc73f686a3a962cf81dcf866f9cacf2e965ab86be1cee87a0491e38921e284c5fa3d9f6879fea7754dd1bca380adcaea07ab3ac7b3bcf7b8f65f56c91b244bdb6df000ce2424c3750b5fe9a7385bc2445f374685e214569723b8d49ad2900c2323db44fd3774af064aff9ecb332e98a4245a936c0983bc358edb03dcabcee55bfbbfeef43dbd5673827a44bdf37e3e099ead52ca42fe26c81f3a84228a1b7b295fc0104884ad284b8b0b3a9ddbd05cc617656ba62b9babd16c325d3f8f48cff713a2b53b7883e589dbcdcd10811c54bbaf5454dab5c25a5a8860d6017307437dbf92f9d380bde37bb3530bc1d28d0e781cd919885bf1832c74876f69f476eb3a0506c5d2a90081f278a25966635a5d66a51695ef89f006b3a6164c32a5692a136736285cdc0854853d9eab46ce717be8dee23795b2d70fc6d1bf65c644358659b726123064d3c18b8d23f9c3ed46fb249780f34be5aa931faa51579e87dab205106fec7d6e2a37ed1a2587555443185fa071e8c8d0de619af58022f61bf288d8e5b524dbe4d923e01c7e30b3b08e89aaac274d2898f1e3b8faac66e174c5e53f88ca9943e53bbcd6dd88f5e74df4a54f3c669875f39dc0235442e340320188c3a68fde4a040e6a81eed581161408c2b7d97582860149136e00"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$sock_timeval(r4, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = dup(r5) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x54, 0x2, 0x6, 0x3, 0x0, 0xf0ffff, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8}]}]}, 0x54}}, 0x0) connect$llc(r4, &(0x7f0000000000)={0x1a, 0x1, 0x1, 0x1, 0x3f, 0x0, @remote}, 0x10) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000010006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36504001ac00800400004000500020000000064bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000100)='sys_exit\x00', r9}, 0x10) sendmmsg$unix(r8, &(0x7f00000bd000), 0x0, 0x4001) r10 = syz_genetlink_get_family_id$gtp(&(0x7f0000000240), r6) sendmsg$GTP_CMD_DELPDP(r6, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x38, r10, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@GTPA_TID={0xc}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r6}]}, 0x38}, 0x1, 0x0, 0x0, 0x48000}, 0x20000008) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) write$sysctl(r7, &(0x7f0000000000)='2\x00', 0x2) r11 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r11, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast2}, {}, 0x4, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'ip6gre0\x00'}) 1.670476246s ago: executing program 3 (id=282): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0x4, &(0x7f0000000440)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYRESOCT], &(0x7f00000000c0)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r2}, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) writev(0xffffffffffffffff, &(0x7f0000000000), 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xab}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r6 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r6, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000080)='i\xac;\xd1\xeb\xf5,Ei\x00\x00\xea\xff\x00\x00\x00w\xfd\x00'/29) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.607921453s ago: executing program 1 (id=283): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000640), 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e05411, &(0x7f00000003c0)=""/186) connect$can_bcm(r1, &(0x7f0000000040), 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={0xffffffffffffffff}, 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000004c0)={0x15, 0x110, 0xfa00, {r3, 0x4, 0x0, 0x0, 0x0, @ib={0x1b, 0x9, 0xb, {"5800c8a7982e59bc3825363330a81a7c"}, 0x8, 0x6, 0xdbc}, @ib={0x1b, 0x78, 0xfffffff8, {"f7b4ce390cb6d1e6abd8b637f03e7970"}, 0xb, 0x1, 0x98}}}, 0x118) sendmsg$can_bcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x5, 0x410, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "f87455da7fce92f7"}}, 0x48}, 0x300, 0x0, 0x0, 0x20000000}, 0x4000005) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) getrandom(&(0x7f0000000340)=""/4080, 0xfffffef0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000001340)={0x0, @in={{0x2, 0x4, @local}}, [0x9, 0xfff, 0x40, 0x0, 0x3, 0xc, 0x8, 0xfffffffffffffffe, 0x0, 0x2, 0x9, 0x5, 0x41, 0x6c4, 0x9]}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) socket(0x10, 0x803, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0xfffc, @local}, @ib={0x1b, 0x0, 0x0, {}, 0x0, 0x0, 0x4}}}, 0x118) 1.488623062s ago: executing program 0 (id=284): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000080)=0x80000049, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @sack_perm, @window={0x3, 0x74a}, @timestamp, @mss, @timestamp, @sack_perm], 0x7) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 1.488136495s ago: executing program 0 (id=285): r0 = socket$nl_route(0x10, 0x3, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000100)) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000040)={@remote, 0x80, r1}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x40d, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, 0x10, 0x40000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1.320396086s ago: executing program 0 (id=286): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, &(0x7f0000000040)={0x0, 0x0, 0x2, {0x6, @sdr}}) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1900000004000000040000000500000000000000", @ANYRES32, @ANYBLOB="04cb824ea48cef85310000000000008fbea97ffe8de15600"/36, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ec6, @void, @value}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f00000002c0), 0x2e0007, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00']) chdir(&(0x7f00000000c0)='./file0\x00') r2 = open(&(0x7f0000000000)='./file1\x00', 0x0, 0x85) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r1, 0x0, 0x30, 0x0, @val=@netkit={@void, @value=r1}}, 0x1c) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) r3 = socket(0x1d, 0x2, 0x6) r4 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) fchdir(r5) setreuid(0xee01, 0xee01) syslog(0x9, 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000040)={0x1d, r7, 0x8000000000000003}, 0x18) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r9 = dup(r8) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000000)=ANY=[]) write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c) 1.240535096s ago: executing program 0 (id=287): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0x4, &(0x7f0000000440)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYRESOCT], &(0x7f00000000c0)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r2}, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) writev(0xffffffffffffffff, &(0x7f0000000000), 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xab}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r6 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r6, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000080)='i\xac;\xd1\xeb\xf5,Ei\x00\x00\xea\xff\x00\x00\x00w\xfd\x00'/29) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 629.747935ms ago: executing program 3 (id=289): ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000040)=0x7b7f) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10) 550.503171ms ago: executing program 3 (id=290): r0 = syz_open_dev$sndmidi(&(0x7f0000000480), 0x1, 0x80940) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000440)='0', 0x1) read$FUSE(r1, &(0x7f0000001240)={0x2020}, 0x2020) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=@gettaction={0x160, 0x32, 0x100, 0x70bd25, 0x25dfdbff, {}, [@action_gd=@TCA_ACT_TAB={0x4}, @action_gd=@TCA_ACT_TAB={0x2c, 0x1, [{0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}]}, @action_gd=@TCA_ACT_TAB={0x84, 0x1, [{0x14, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}, @action_gd=@TCA_ACT_TAB={0x3c, 0x1, [{0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffc}}, {0x14, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}]}, @action_gd=@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x800}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x101}}]}]}, 0x160}, 0x1, 0x0, 0x0, 0x20890}, 0x0) r3 = syz_io_uring_setup(0x2ba3, &(0x7f0000000340)={0x0, 0x20, 0x10100, 0x4, 0x330, 0x0, r1}, &(0x7f0000000100)=0x0, &(0x7f0000000240)=0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f00000002c0)) ioctl$PTP_PEROUT_REQUEST(r1, 0x40383d03, &(0x7f0000000280)={{0x0, 0x80000001}, {0x80, 0x6}, 0x401, 0x4}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuset.effective_mems\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='%'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}) getsockopt$X25_QBITINCL(r6, 0x106, 0x1, &(0x7f00000000c0), &(0x7f0000000140)=0x4) io_uring_enter(r3, 0x6089, 0x4e72, 0x0, 0x0, 0x0) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r2, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x0, 0x808, 0x70bd25, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0xfffffffffffffff5}, 0x1, 0x0, 0x0, 0x1}, 0x40090) syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2) socket$igmp(0x2, 0x3, 0x2) r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = dup(r7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r8, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) ioperm(0xfffffffd, 0x7, 0x2) ioctl$FIDEDUPERANGE(r9, 0xc0189436, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02", 0x4c314356}) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x8, 0x8b}, 0x0) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r10, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="d8000000180081064e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e120800060000000401a800080008000a4003001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) 500.453948ms ago: executing program 3 (id=291): timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040)=0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) timer_create(0x4, 0x0, 0x0) timer_gettime(0x0, 0x0) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f00000003c0)=0x6c, 0x4) bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c14498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a958df39f9c5a8c8e876a52816446d0106f4a81dba144c80fda0b401f0774edbf73b3de44d7ca5c28b0830910f3b02be5e8", 0x427}], 0x2}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) timer_settime(r0, 0x0, &(0x7f00000001c0)={{0x77359400}, {0x77359400}}, &(0x7f00000002c0)) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x0, @multicast1}}, 0x0, 0x0, 0x6, 0x0, "954f3b91f54aa78eb1ffb374125cd8327f0e152670040f301c1428c4a8511a8be8955942b32b934c23581ae7ac9b12d3215964a4d640754c467c41f36b02a24b627d26ed282dbd5b496e33585ea60e5e"}, 0xd8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) ioctl$KDGKBDIACR(r2, 0x4b4a, &(0x7f0000000300)=""/178) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) recvmmsg$unix(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40, 0x0) syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x3, 0x4}, {0x80, 0x4}}}}, 0x11) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000400)={0x1, 0x9, 0x2, 0x4000}) sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[], 0x138}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000340)='mm_khugepaged_scan_pmd\x00', r5, 0x0, 0x6}, 0x18) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) 440.416746ms ago: executing program 3 (id=292): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x49, 0x0}]}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r3, &(0x7f0000000100)="ffc918", 0x3) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r5 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r5, 0x84, 0x21, 0x0, &(0x7f0000000140)) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000000000049"]) socket$netlink(0x10, 0x3, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_GETINFO(r8, 0xffffffff80000501, 0x0, 0x0) ioctl$KDSKBLED(r8, 0x4b65, 0x5b98) ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x200) memfd_create(&(0x7f0000000240)='cramfs\x00', 0x2) ioctl$KVM_SET_IRQCHIP(r7, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x8080000, 0x0, 0x0, 0xeffffdff, 0x0, [{0x2, 0x0, 0x1, '\x00', 0xff}, {0xf2, 0xa, 0x0, '\x00', 0x7d}, {0xfc, 0x12, 0x4}, {0x11, 0x6}, {0x0, 0x88}, {0x0, 0x0, 0x4, '\x00', 0x8}, {0xfd, 0x0, 0x6}, {}, {0x0, 0x1, 0xf7, '\x00', 0xfc}, {0x1, 0x6, 0x6, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0x2}, {0x5, 0x9, 0x2, '\x00', 0xff}, {0x3, 0x0, 0x2}, {0x3b, 0x0, 0x6, '\x00', 0xfc}, {0xc3, 0x0, 0x0, '\x00', 0x49}, {0x80, 0x0, 0x5, '\x00', 0x5}, {0x3, 0x0, 0x4}, {0x0, 0x0, 0x1, '\x00', 0x10}, {0x4, 0x0, 0x9}, {0x0, 0x5}, {0x0, 0x5, 0x0, '\x00', 0x37}, {0xfd, 0x9, 0x0, '\x00', 0x10}, {0x0, 0x2, 0x9}, {0x80, 0xff, 0x3}]}}) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r9 = getpid() sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000090c0)=[{{&(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, &(0x7f0000000b40)=[{&(0x7f00000003c0)=""/148, 0x94}, {&(0x7f0000000280)=""/118, 0x76}, {&(0x7f00000004c0)=""/191, 0xbf}, {&(0x7f0000000580)=""/157, 0x9d}, {&(0x7f0000000640)=""/142, 0x8e}, {&(0x7f0000000700)=""/102, 0x66}, {&(0x7f0000000080)}, {&(0x7f00000009c0)=""/183, 0xb7}, {&(0x7f0000000a80)=""/134, 0x86}], 0x9, &(0x7f0000000bc0)=""/182, 0xb6}, 0x2}, {{&(0x7f0000000c80)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, 0x80, &(0x7f0000002ec0)=[{&(0x7f00000091c0)=""/4108, 0x100c}, {&(0x7f0000001d00)=""/63, 0x3f}, {&(0x7f0000001d40)=""/213, 0xd5}, {&(0x7f0000001e40)=""/44, 0x2c}, {&(0x7f0000001e80)=""/48, 0x30}, {&(0x7f0000001ec0)=""/4096, 0x1000}], 0x6, &(0x7f0000002f00)}, 0x7}, {{&(0x7f0000002f40)=@x25, 0x80, &(0x7f0000003280)=[{&(0x7f0000002fc0)=""/64, 0x40}, {&(0x7f0000003000)=""/155, 0x9b}, {&(0x7f00000030c0)=""/1, 0x1}, {&(0x7f0000003100)=""/113, 0x71}, {&(0x7f0000003180)=""/204, 0xcc}], 0x5, &(0x7f00000032c0)=""/37, 0x25}, 0x6}, {{&(0x7f0000003300)=@qipcrtr, 0x80, &(0x7f0000005700)=[{&(0x7f000000a200)=""/4096, 0x1000}, {&(0x7f0000004380)=""/169, 0xa9}, {&(0x7f0000004440)=""/4096, 0x1000}, {&(0x7f0000005440)=""/66, 0x42}, {&(0x7f00000054c0)=""/137, 0x89}, {&(0x7f0000000d00)=""/159, 0x9f}, {&(0x7f0000005640)=""/137, 0x89}], 0x7, &(0x7f0000000080)=""/61, 0x3d}, 0x1}, {{&(0x7f0000005780)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000006b80)=[{&(0x7f0000005800)=""/81, 0x51}, {&(0x7f0000005880)=""/106, 0x6a}, {&(0x7f0000005900)=""/207, 0xcf}, {&(0x7f0000005a00)=""/187, 0xbb}, {&(0x7f0000005ac0)=""/188, 0xbc}, {&(0x7f0000005b80)=""/4096, 0x1000}], 0x6}, 0x9}, {{&(0x7f0000006c80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000008e00)=[{&(0x7f0000006d00)=""/4096, 0x1000}, {&(0x7f0000007d00)=""/4096, 0x1000}, {&(0x7f0000002f00)=""/8, 0x8}, {&(0x7f0000008d00)=""/203, 0xcb}, {&(0x7f0000005740)=""/32, 0x20}], 0x5, &(0x7f0000008e40)=""/104, 0xfffffffffffffc44}, 0x5}, {{&(0x7f0000008ec0)=@nfc, 0x80, &(0x7f0000009040)=[{&(0x7f0000008f40)=""/184, 0xb8}, {&(0x7f0000009000)=""/59, 0x3b}], 0x2, &(0x7f0000009080)=""/16, 0x10}, 0x2}], 0x7, 0x10000, 0x0) io_uring_setup(0x9, &(0x7f0000000340)={0x0, 0x40001aa4, 0x2000}) socket$inet6(0xa, 0x40000080806, 0x0) 349.804836ms ago: executing program 1 (id=293): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, &(0x7f00000003c0)="e0f0e71e8ca28286d8ff9156349667371c8b124805a3a95e3f521a2e5257975c146063e126ecf2d86aa3d933cfb4693a08555ee25d69843c182f82e95717545e5c824978b33887cf3592f7796894afa0ea194349283f167769b5c39b037c77cd024ebb26e617ecdcca4867f895637434c7a30504c7ce4873c1c7166276e2bcaf69c13c3b7bff03999351f76043077ed0642e61663d74f50890bf210e5773c6ec4df677f8a1f79124374dff7c60929ce12ad3e28a7ba11a656c3f65b6d9820da09bc94507d7466ecf67a4dfc78b8ccfec5c98083d31abee8cb92e6c1f7072ade1cc57cef89048e349e7610f0dafc1", 0xee) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = openat$tun(0xffffff9c, &(0x7f0000000840), 0x40800, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000880)={'pim6reg0\x00', 0x20}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000180)={0x0, @rand_addr, @dev}, &(0x7f00000001c0)=0xc) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b7020000910c0000bfa30000000000000703000000feffff7a0af0ff0d00000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000009000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa00000000690e000000000000008b798b4f7458d1863cc67c4c6a06fa28e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc7a65d073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f838f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b32176066599783568628f0309c3a01716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d247714358d8b170c3b5cad11f72cd9d88e56b95fe9f3de5cfcfa5c1da8ba181580d9db035efe38834de171b64f4b4c1b242786dcc5679e3d0613cdf05b02d7ad4f3b8af27a696e9b8809c2d68fddfcbd451e81d37c11f95094b91fff61ab9e69780b133d1dbca5a78695131c34c855dd793f90ca3973a4bd5606151b3600373d2bbfb7b3638e713e7275af06107949ff5dffe24d3c448ae6e4646b346fe0a21eef1e55d0659eac930d00000000000ff52b98317c45417b900a47c1ae1103c09fc173c1cf28bf7ef7a61523c6b2dbb35f5ae29877bb8e1b3e257056c0d205d391ed7b2089a72a93885b9fc8430ff"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x1f2f, 0xf, 0x3253, &(0x7f00000007c0)="9f44948721919580684010a486dd", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) 238.066903ms ago: executing program 2 (id=295): syz_emit_ethernet(0x76, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0xe}}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84, 0x0, @private=0xfffffffe, @rand_addr=0x64010102, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x2c, 0x0, 0x1, 0x0, [{@broadcast}, {}, {@dev}, {@empty}, {@private=0xa010102}]}]}}}}}}}, 0x0) 230.572293ms ago: executing program 0 (id=296): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sync_file_range(0xffffffffffffffff, 0x9, 0x7ff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0xf00, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r3, @ANYBLOB="080026008f0900000800b7"], 0x2c}}, 0x0) 145.123822ms ago: executing program 2 (id=297): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x2093, 0x2000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x1ff}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000001140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) (async, rerun: 64) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) (async, rerun: 64) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="afe61b8a9d9da6", 0x7) (async) r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) openat$cgroup_subtree(r2, &(0x7f0000000080), 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$sock_int(r3, 0x1, 0x3d, &(0x7f0000002500)=0x96c, 0x4) (async, rerun: 32) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000100)=@add_del={0x2, &(0x7f00000000c0)='team0\x00'}) (rerun: 32) 50.614178ms ago: executing program 2 (id=298): ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000040)=0x7b7f) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10) 50.108142ms ago: executing program 2 (id=299): r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x82240, 0x0) write$UHID_INPUT(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4043}, 0x4040) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000070000000090a010400000000000000000700000008000a40000000000906020073797a30000000000900010073797a3000000000080005400000000d2c001280280001800b0001006f626a72656600001800028008000340000000110900040073797a32000000000800034000000110140000001000010000000000000000000084000a"], 0xb8}}, 0x20050800) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@local}}, &(0x7f0000000000)=0xe4) quotactl_fd$Q_SETINFO(r0, 0x0, r5, &(0x7f0000000180)={0x8000000000000001, 0x302, 0x0, 0x5}) 625.434µs ago: executing program 2 (id=300): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000080)=0x80000049, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@mss, @sack_perm, @window={0x3, 0x74a}, @timestamp, @mss, @timestamp, @sack_perm], 0x7) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 0s ago: executing program 2 (id=301): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x2) clock_nanosleep(0x8, 0x0, &(0x7f0000000280), 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffd51, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9}) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="184c09061092c096854e92dcc38c0000007800010600000000000000000700000007000000"], 0x18}], 0x1}, 0x0) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r4, 0x100000) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b040000000000000000020000003800048034000180090001007866726d0000000024000280080001400000000d0500030000000000080004400000008b08000240000000040900010073797a300000000009"], 0x8c}, 0x1, 0x0, 0x0, 0xc0000}, 0x0) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000480)=ANY=[@ANYBLOB="5c000062000000000000000000000000080000000900020073797a320000000005000100070000dd14000300686173683a69702c706f03e22c72742c6e657400000000050005000a0000080c00d4e108000640000000000500040000000000"], 0x5c}}, 0x0) 0s ago: executing program 0 (id=302): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) r1 = inotify_init1(0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0x8}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x8001, 0x1, 0x2, 0xc, 0x6b, 0x8}, 0x20) r3 = dup(r1) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x81, 0x8, 0x5) r4 = openat$sysctl(0xffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_syncookies\x00', 0x1, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO(r4, 0xc0389424, &(0x7f0000000140)={0x0, 0x40, '\x00', 0x1, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f00009d1000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f00002a0000/0x4000)=nil) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x2b, 0x80801, 0x1) getsockopt$IP_VS_SO_GET_TIMEOUT(r6, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000080)=0xc) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000100)={'tunl0\x00', 0x0, 0x7800, 0x7, 0x29, 0x0, {{0x35, 0x4, 0x3, 0x5, 0xd4, 0x67, 0x0, 0x2, 0x4, 0x0, @broadcast, @empty, {[@ra={0x94, 0x4}, @rr={0x7, 0x1f, 0xad, [@multicast1, @multicast2, @empty, @loopback, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x2f}, @broadcast]}, @timestamp_addr={0x44, 0x14, 0x19, 0x1, 0x1, [{@broadcast, 0xffffffff}, {@broadcast, 0x400}]}, @timestamp_prespec={0x44, 0x44, 0x94, 0x3, 0x3, [{@multicast1, 0x9}, {@broadcast, 0x7}, {@rand_addr=0x64010101, 0x7c}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@private=0xa010102, 0x4}, {@private=0xa010101, 0xa}, {@rand_addr=0x64010100, 0x3}, {@loopback, 0xfffffffc}]}, @end, @rr={0x7, 0x27, 0x7d, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @multicast2, @dev={0xac, 0x14, 0x14, 0x34}, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @loopback, @loopback, @remote]}, @timestamp_prespec={0x44, 0x1c, 0xe4, 0x3, 0x6, [{@dev={0xac, 0x14, 0x14, 0x1a}, 0x1}, {@empty, 0x2}, {@rand_addr=0x64010102, 0x9}]}]}}}}}) setsockopt$inet6_mreq(r6, 0x29, 0x15, &(0x7f0000000040)={@private0={0xfc, 0x0, '\x00', 0x1}, r7}, 0x14) syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, 0x0) setresuid(0x0, 0xee01, 0xee00) sendmsg$NBD_CMD_CONNECT(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) syz_emit_ethernet(0x3e, &(0x7f00000006c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x4, 0x0, 0x0, @broadcast=0x1000000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty}}}}}}, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x13, &(0x7f00000009c0)=@framed={{}, [@printk={@p={0x18, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x0, 0xfe00}, {0x5, 0x1, 0xb, 0x1, 0xa, 0x6}, {0x6, 0x0, 0x2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, @printk={@p, {0x3, 0x0, 0x6, 0xa, 0x1, 0xfff8, 0xa1}, {}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {}, {0x85, 0x0, 0x0, 0xca}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r10 = epoll_create(0x8) epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000000)={0x2}) bind$bt_hci(r9, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r9, &(0x7f0000000040)="07000000010001", 0x7) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f00000003c0)={0x0, {}, 0x0, {}, 0x9, 0x0, 0x1d, 0x0, "e3a5affcbd68e5f2615a5553d5dc5cf9d9ba2c8202720d24d5ed177374a22777010b91c7a87416f6e04a4a6fe9d30facaea06f3aaacc9699b02a9e7ba339fe6b", "3a808404f76ddb97776c8770831cbaff406a634a25a93cbbb0c271e0b929fce4", [0xa81e, 0x1ff]}) mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB="0200"]) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:42931' (ED25519) to the list of known hosts. [ 41.998300][ T5934] cgroup: Unknown subsys name 'net' [ 42.168236][ T5934] cgroup: Unknown subsys name 'cpuset' [ 42.171702][ T5934] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 42.990066][ T5934] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.003748][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.015346][ T5959] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.015854][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.018854][ T5959] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.021116][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.022366][ T5959] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.024612][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.027263][ T5959] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.029985][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.032231][ T5959] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.034025][ T5960] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.034144][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.034553][ T5951] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 46.034679][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.036368][ T5959] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 46.038253][ T5960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.039233][ T5959] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.041512][ T5960] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.044636][ T5962] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.048145][ T5962] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.049003][ T5960] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 46.050987][ T5962] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 46.054689][ T5960] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.056361][ T5962] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.219018][ T5954] chnl_net:caif_netlink_parms(): no params data found [ 46.298254][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 46.330268][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 46.345217][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.347998][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.350101][ T5954] bridge_slave_0: entered allmulticast mode [ 46.352369][ T5954] bridge_slave_0: entered promiscuous mode [ 46.378043][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 46.394513][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.396673][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.398702][ T5954] bridge_slave_1: entered allmulticast mode [ 46.401010][ T5954] bridge_slave_1: entered promiscuous mode [ 46.469041][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.471884][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.474712][ T5947] bridge_slave_0: entered allmulticast mode [ 46.476801][ T5947] bridge_slave_0: entered promiscuous mode [ 46.482848][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.485685][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.488524][ T5947] bridge_slave_1: entered allmulticast mode [ 46.491148][ T5947] bridge_slave_1: entered promiscuous mode [ 46.510923][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.556174][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.559870][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.561843][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.564038][ T5955] bridge_slave_0: entered allmulticast mode [ 46.566310][ T5955] bridge_slave_0: entered promiscuous mode [ 46.630839][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.632856][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.635874][ T5955] bridge_slave_1: entered allmulticast mode [ 46.638819][ T5955] bridge_slave_1: entered promiscuous mode [ 46.665909][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.670780][ T5954] team0: Port device team_slave_0 added [ 46.674935][ T5954] team0: Port device team_slave_1 added [ 46.694735][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.698324][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.723400][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.765684][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.767616][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.774301][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.778763][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.780754][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.782679][ T5945] bridge_slave_0: entered allmulticast mode [ 46.785901][ T5945] bridge_slave_0: entered promiscuous mode [ 46.807037][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.808989][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.816800][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.820026][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.821969][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.823927][ T5945] bridge_slave_1: entered allmulticast mode [ 46.826482][ T5945] bridge_slave_1: entered promiscuous mode [ 46.831142][ T5955] team0: Port device team_slave_0 added [ 46.836114][ T5947] team0: Port device team_slave_0 added [ 46.854523][ T5955] team0: Port device team_slave_1 added [ 46.856922][ T5947] team0: Port device team_slave_1 added [ 46.897629][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.899515][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.906445][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.910494][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.934552][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.936605][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.943692][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.949455][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.952384][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.954337][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.961970][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.978018][ T5954] hsr_slave_0: entered promiscuous mode [ 46.980087][ T5954] hsr_slave_1: entered promiscuous mode [ 47.014009][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.016732][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.025916][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.044606][ T5945] team0: Port device team_slave_0 added [ 47.049075][ T5945] team0: Port device team_slave_1 added [ 47.127546][ T5947] hsr_slave_0: entered promiscuous mode [ 47.129654][ T5947] hsr_slave_1: entered promiscuous mode [ 47.131557][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.133863][ T5947] Cannot create hsr debugfs directory [ 47.150725][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.152836][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.161841][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.170038][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.172670][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.180891][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.188608][ T5955] hsr_slave_0: entered promiscuous mode [ 47.190481][ T5955] hsr_slave_1: entered promiscuous mode [ 47.192252][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.195553][ T5955] Cannot create hsr debugfs directory [ 47.287353][ T5945] hsr_slave_0: entered promiscuous mode [ 47.290042][ T5945] hsr_slave_1: entered promiscuous mode [ 47.292246][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.294288][ T5945] Cannot create hsr debugfs directory [ 47.446064][ T5954] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.450658][ T5954] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.454207][ T5954] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.460974][ T5954] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.476724][ T5947] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.482400][ T5947] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.488068][ T5947] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.491414][ T5947] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.518033][ T5955] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.521985][ T5955] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.526391][ T5955] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.529820][ T5955] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.562482][ T5945] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.566768][ T5945] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.570606][ T5945] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.575371][ T5945] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.613452][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.636727][ T5954] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.642834][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.652501][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.654561][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.663318][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.665299][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.674630][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.683722][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.685714][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.698546][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.700513][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.710371][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.733272][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.739873][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.745075][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.747020][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.759351][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.761371][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.766201][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.773110][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.775122][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.787356][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.789336][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.858108][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.872275][ T5954] veth0_vlan: entered promiscuous mode [ 47.880413][ T5954] veth1_vlan: entered promiscuous mode [ 47.888664][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.910650][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.913804][ T5954] veth0_macvtap: entered promiscuous mode [ 47.919627][ T5954] veth1_macvtap: entered promiscuous mode [ 47.940094][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.948665][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.953604][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.959406][ T5947] veth0_vlan: entered promiscuous mode [ 47.967582][ T5954] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.970186][ T5954] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.973116][ T5954] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.976141][ T5954] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.994000][ T5945] veth0_vlan: entered promiscuous mode [ 48.002085][ T5947] veth1_vlan: entered promiscuous mode [ 48.007898][ T5955] veth0_vlan: entered promiscuous mode [ 48.012915][ T5955] veth1_vlan: entered promiscuous mode [ 48.020239][ T5945] veth1_vlan: entered promiscuous mode [ 48.048726][ T5945] veth0_macvtap: entered promiscuous mode [ 48.052899][ T5945] veth1_macvtap: entered promiscuous mode [ 48.056722][ T5947] veth0_macvtap: entered promiscuous mode [ 48.059002][ T5955] veth0_macvtap: entered promiscuous mode [ 48.065095][ T65] Bluetooth: hci2: command tx timeout [ 48.070130][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.070769][ T5947] veth1_macvtap: entered promiscuous mode [ 48.072406][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.075895][ T65] Bluetooth: hci1: command tx timeout [ 48.076196][ T5962] Bluetooth: hci0: command tx timeout [ 48.079085][ T5955] veth1_macvtap: entered promiscuous mode [ 48.092258][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.095952][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.100178][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.110583][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.114003][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.118223][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.122458][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.125702][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.128497][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.131449][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.135363][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.138880][ T1191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.140058][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.141014][ T1191] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.143904][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.146050][ T65] Bluetooth: hci3: command tx timeout [ 48.151255][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.154329][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.158389][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.160834][ T5945] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.163353][ T5945] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.166786][ T5945] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.170070][ T5945] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.175829][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.179955][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.184823][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.188430][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.191188][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.195252][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.199143][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.206846][ T5947] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.209667][ T5947] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.212918][ T5947] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.215634][ T5947] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.238065][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.240878][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.243935][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.246909][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.249454][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.252292][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.257798][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.263065][ T5955] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.265583][ T5955] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.267991][ T5955] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.270341][ T5955] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.286096][ T5954] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.289516][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.292453][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.328028][ T104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.330211][ T104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.336967][ T1191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.339092][ T1191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.347085][ T104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.349303][ T104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.358792][ T1191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.361027][ T1191] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.369448][ T1191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.372344][ T1191] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.464721][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.579276][ T6028] netlink: 'syz.1.6': attribute type 1 has an invalid length. [ 48.582449][ T6028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6'. [ 48.585485][ T6028] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6'. [ 48.596164][ T6028] ip6erspan0: entered promiscuous mode [ 48.754659][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.754882][ T6032] vivid-000: ================= START STATUS ================= [ 48.759405][ T6032] vivid-000: Test Pattern: 75% Colorbar [ 48.761791][ T6032] vivid-000: Fill Percentage of Frame: 100 [ 48.763661][ T6032] vivid-000: Horizontal Movement: No Movement [ 48.765763][ T6032] vivid-000: Vertical Movement: No Movement [ 48.767624][ T6032] vivid-000: OSD Text Mode: All [ 48.769251][ T6032] vivid-000: Show Border: false [ 48.770737][ T6032] vivid-000: Show Square: false [ 48.772287][ T6032] vivid-000: Sensor Flipped Horizontally: false [ 48.774463][ T6032] vivid-000: Sensor Flipped Vertically: false [ 48.776444][ T6032] vivid-000: Insert SAV Code in Image: false [ 48.778217][ T6032] vivid-000: Insert EAV Code in Image: false [ 48.780161][ T6032] vivid-000: Insert Video Guard Band: false [ 48.781932][ T6032] vivid-000: Reduced Framerate: false [ 48.783537][ T6032] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 48.786049][ T6032] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 48.788583][ T6032] vivid-000: Enable Capture Cropping: true [ 48.790452][ T6032] vivid-000: Enable Capture Composing: true [ 48.792215][ T6032] vivid-000: Enable Capture Scaler: true [ 48.793814][ T6032] vivid-000: Timestamp Source: End of Frame [ 48.796098][ T6032] vivid-000: Colorspace: sRGB [ 48.797488][ T6032] vivid-000: Transfer Function: Default [ 48.799233][ T6032] vivid-000: Y'CbCr Encoding: Default [ 48.800766][ T6032] vivid-000: HSV Encoding: Hue 0-179 [ 48.802362][ T6032] vivid-000: Quantization: Default [ 48.803938][ T6032] vivid-000: Apply Alpha To Red Only: false [ 48.806323][ T6032] vivid-000: Standard Aspect Ratio: 4x3 [ 48.808044][ T6032] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 48.810468][ T6032] vivid-000: DV Timings: 640x480p59 inactive [ 48.813386][ T6032] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 48.815787][ T6032] vivid-000: Maximum EDID Blocks: 2 [ 48.817474][ T6032] vivid-000: Limited RGB Range (16-235): false [ 48.819335][ T6032] vivid-000: Rx RGB Quantization Range: Automatic [ 48.821554][ T6032] vivid-000: Power Present: 0x00000001 [ 48.823428][ T6032] tpg source WxH: 640x360 (Y'CbCr) [ 48.825016][ T6032] tpg field: 1 [ 48.825989][ T6032] tpg crop: 640x360@0x0 [ 48.828001][ T6032] tpg compose: 640x360@0x0 [ 48.829318][ T6032] tpg colorspace: 8 [ 48.830416][ T6032] tpg transfer function: 0/0 [ 48.831924][ T6032] tpg Y'CbCr encoding: 0/0 [ 48.833352][ T6032] tpg quantization: 0/0 [ 48.834594][ T6032] tpg RGB range: 0/2 [ 48.835891][ T6032] vivid-000: ================== END STATUS ================== [ 48.855990][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.858326][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.861211][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.863809][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 49.914545][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.917133][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.954801][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 49.982706][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.145334][ T65] Bluetooth: hci0: command tx timeout [ 50.145365][ T5962] Bluetooth: hci1: command tx timeout [ 50.154733][ T65] Bluetooth: hci2: command tx timeout [ 50.224696][ T65] Bluetooth: hci3: command tx timeout [ 50.753996][ T6055] netlink: 44 bytes leftover after parsing attributes in process `syz.0.14'. [ 51.245498][ T6070] Zero length message leads to an empty skb [ 52.012316][ T6085] FAULT_INJECTION: forcing a failure. [ 52.012316][ T6085] name failslab, interval 1, probability 0, space 0, times 1 [ 52.017691][ T6085] CPU: 2 UID: 0 PID: 6085 Comm: syz.3.24 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 52.017713][ T6085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.017723][ T6085] Call Trace: [ 52.017728][ T6085] [ 52.017735][ T6085] dump_stack_lvl+0x16c/0x1f0 [ 52.017761][ T6085] should_fail_ex+0x50a/0x650 [ 52.017794][ T6085] ? fs_reclaim_acquire+0xae/0x150 [ 52.017818][ T6085] ? __svc_create+0x5c/0x9f0 [ 52.017842][ T6085] should_failslab+0xc2/0x120 [ 52.017870][ T6085] __kmalloc_cache_noprof+0x68/0x410 [ 52.017894][ T6085] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 52.017917][ T6085] ? __pfx_nfsd+0x10/0x10 [ 52.017934][ T6085] ? __pfx_nfsd+0x10/0x10 [ 52.017952][ T6085] __svc_create+0x5c/0x9f0 [ 52.017982][ T6085] ? __pfx_nfsd+0x10/0x10 [ 52.017999][ T6085] svc_create_pooled+0x50e/0x880 [ 52.018025][ T6085] ? nfsd_reset_versions+0x86/0x2d0 [ 52.018044][ T6085] ? __init_swait_queue_head+0xca/0x150 [ 52.018066][ T6085] nfsd_create_serv+0x2b3/0x480 [ 52.018087][ T6085] ? __pfx_nfsd_create_serv+0x10/0x10 [ 52.018106][ T6085] ? __asan_memset+0x23/0x50 [ 52.018134][ T6085] nfsd_nl_listener_set_doit+0xeb/0x1b40 [ 52.018160][ T6085] ? __pfx___nla_validate_parse+0x10/0x10 [ 52.018186][ T6085] ? rcu_is_watching+0x12/0xc0 [ 52.018206][ T6085] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 52.018232][ T6085] ? __nla_parse+0x40/0x60 [ 52.018253][ T6085] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 52.018279][ T6085] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 52.018309][ T6085] genl_family_rcv_msg_doit+0x202/0x2f0 [ 52.018334][ T6085] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 52.018358][ T6085] ? trace_cap_capable+0x1a2/0x210 [ 52.018383][ T6085] ? bpf_lsm_capable+0x9/0x10 [ 52.018401][ T6085] ? security_capable+0x7e/0x260 [ 52.018432][ T6085] genl_rcv_msg+0x565/0x800 [ 52.018459][ T6085] ? __pfx_genl_rcv_msg+0x10/0x10 [ 52.018483][ T6085] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 52.018510][ T6085] ? __pfx___lock_acquire+0x10/0x10 [ 52.018538][ T6085] netlink_rcv_skb+0x16b/0x440 [ 52.018559][ T6085] ? __pfx_genl_rcv_msg+0x10/0x10 [ 52.018584][ T6085] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 52.018616][ T6085] ? down_read+0xc9/0x330 [ 52.018636][ T6085] ? __pfx_down_read+0x10/0x10 [ 52.018658][ T6085] ? netlink_deliver_tap+0x1ae/0xd30 [ 52.018682][ T6085] genl_rcv+0x28/0x40 [ 52.018702][ T6085] netlink_unicast+0x53c/0x7f0 [ 52.018727][ T6085] ? __pfx_netlink_unicast+0x10/0x10 [ 52.018748][ T6085] ? __phys_addr_symbol+0x30/0x80 [ 52.018765][ T6085] ? __check_object_size+0x488/0x710 [ 52.018789][ T6085] netlink_sendmsg+0x8b8/0xd70 [ 52.018812][ T6085] ? __pfx_netlink_sendmsg+0x10/0x10 [ 52.018856][ T6085] ____sys_sendmsg+0xaaf/0xc90 [ 52.018878][ T6085] ? __pfx_____sys_sendmsg+0x10/0x10 [ 52.018894][ T6085] ? get_compat_msghdr+0x11b/0x170 [ 52.018919][ T6085] ? get_pid_task+0xfc/0x250 [ 52.018942][ T6085] ___sys_sendmsg+0x135/0x1e0 [ 52.018967][ T6085] ? __pfx____sys_sendmsg+0x10/0x10 [ 52.019013][ T6085] ? __pfx_vfs_write+0x10/0x10 [ 52.019037][ T6085] ? do_sys_openat2+0xb1/0x1e0 [ 52.019057][ T6085] __sys_sendmsg+0x16e/0x220 [ 52.019080][ T6085] ? __pfx___sys_sendmsg+0x10/0x10 [ 52.019120][ T6085] __do_fast_syscall_32+0x73/0x120 [ 52.019143][ T6085] do_fast_syscall_32+0x32/0x80 [ 52.019163][ T6085] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 52.019191][ T6085] RIP: 0023:0xf7fd0579 [ 52.019206][ T6085] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 52.019222][ T6085] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 52.019239][ T6085] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 52.019250][ T6085] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 52.019259][ T6085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 52.019268][ T6085] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 52.019278][ T6085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 52.019301][ T6085] [ 52.225531][ T65] Bluetooth: hci2: command tx timeout [ 52.225908][ T5962] Bluetooth: hci0: command tx timeout [ 52.228903][ T5950] Bluetooth: hci1: command tx timeout [ 52.273477][ T6089] xt_TPROXY: Can be used only with -p tcp or -p udp [ 52.304501][ T5950] Bluetooth: hci3: command tx timeout [ 53.249498][ T6104] overlayfs: overlapping lowerdir path [ 53.388573][ T6107] netlink: 9 bytes leftover after parsing attributes in process `syz.3.31'. [ 53.391473][ T6107] 0·: renamed from hsr0 (while UP) [ 53.405322][ T6107] 0·: entered allmulticast mode [ 53.407052][ T6107] hsr_slave_0: entered allmulticast mode [ 53.408963][ T6107] hsr_slave_1: entered allmulticast mode [ 53.412212][ T6107] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 53.638797][ T6107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.31'. [ 54.304756][ T5962] Bluetooth: hci2: command tx timeout [ 54.314462][ T5950] Bluetooth: hci0: command tx timeout [ 54.324495][ T5962] Bluetooth: hci1: command tx timeout [ 54.384516][ T5950] Bluetooth: hci3: command tx timeout [ 55.521288][ T39] audit: type=1326 audit(1739607828.579:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6147 comm="syz.2.42" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0 [ 56.153386][ T6160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.210874][ T6159] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.266070][ T6159] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.389467][ T5962] Bluetooth: hci0: command tx timeout [ 56.465098][ T5962] Bluetooth: hci3: command tx timeout [ 57.264545][ T5962] Bluetooth: hci2: command 0x0405 tx timeout [ 57.478212][ T6179] trusted_key: encrypted_key: insufficient parameters specified [ 58.157664][ T6195] ALSA: mixer_oss: invalid OSS volume 'SPEA' [ 58.465521][ T5950] Bluetooth: hci0: command tx timeout [ 58.544667][ T5950] Bluetooth: hci3: command tx timeout [ 58.876599][ T6212] Can't find a SQUASHFS superblock on nullb0 [ 59.069836][ T6231] veth1_macvtap: left promiscuous mode [ 59.071725][ T6231] macsec0: entered promiscuous mode [ 59.198241][ T6244] overlayfs: overlapping lowerdir path [ 59.643273][ T6251] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 59.904547][ T5950] Bluetooth: hci1: command tx timeout [ 60.178213][ T6259] netlink: 'syz.3.75': attribute type 1 has an invalid length. [ 60.589263][ T39] audit: type=1326 audit(1739607833.649:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6270 comm="syz.1.78" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.595172][ T39] audit: type=1326 audit(1739607833.649:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6270 comm="syz.1.78" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.747231][ T6278] netlink: 9 bytes leftover after parsing attributes in process `syz.1.79'. [ 60.749932][ T6278] 0·: renamed from hsr0 (while UP) [ 60.796214][ T6278] 0·: entered allmulticast mode [ 60.797706][ T6278] hsr_slave_0: entered allmulticast mode [ 60.799278][ T6278] hsr_slave_1: entered allmulticast mode [ 60.801194][ T6278] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 60.806180][ T6279] netlink: 12 bytes leftover after parsing attributes in process `syz.1.79'. [ 61.032459][ T6287] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 61.037836][ T6287] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 63.914524][ T25] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 63.914549][ T1337] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 64.064526][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 64.064593][ T1337] usb 8-1: Using ep0 maxpacket: 16 [ 64.071578][ T1337] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 64.074263][ T25] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 64.076171][ T1337] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 64.081041][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 64.085574][ T1337] usb 8-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 64.089830][ T1337] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.090455][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 64.092381][ T1337] usb 8-1: Product: syz [ 64.095838][ T25] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 64.095878][ T25] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 64.097710][ T1337] usb 8-1: Manufacturer: syz [ 64.102196][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.104826][ T1337] usb 8-1: SerialNumber: syz [ 64.107626][ T1337] usb 8-1: config 0 descriptor?? [ 64.321299][ T25] usb 7-1: usb_control_msg returned -32 [ 64.323634][ T25] usbtmc 7-1:16.0: can't read capabilities [ 64.349571][ T1337] appledisplay 8-1:0.0: Error while getting initial brightness: -71 [ 64.358928][ T1337] appledisplay 8-1:0.0: probe with driver appledisplay failed with error -71 [ 64.365279][ T1337] usb 8-1: USB disconnect, device number 2 [ 64.689697][ T1337] usb 7-1: USB disconnect, device number 2 [ 64.907217][ T6362] netlink: 8 bytes leftover after parsing attributes in process `syz.0.96'. [ 65.008207][ T6362] wireguard0: entered promiscuous mode [ 65.146830][ T6377] FAULT_INJECTION: forcing a failure. [ 65.146830][ T6377] name failslab, interval 1, probability 0, space 0, times 0 [ 65.146863][ T6377] CPU: 3 UID: 0 PID: 6377 Comm: syz.3.106 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 65.146881][ T6377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.146892][ T6377] Call Trace: [ 65.146897][ T6377] [ 65.146904][ T6377] dump_stack_lvl+0x16c/0x1f0 [ 65.146929][ T6377] should_fail_ex+0x50a/0x650 [ 65.146955][ T6377] ? fs_reclaim_acquire+0xae/0x150 [ 65.146978][ T6377] should_failslab+0xc2/0x120 [ 65.147005][ T6377] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 65.147031][ T6377] ? __alloc_skb+0x2b1/0x380 [ 65.147055][ T6377] __alloc_skb+0x2b1/0x380 [ 65.147076][ T6377] ? __pfx___alloc_skb+0x10/0x10 [ 65.147098][ T6377] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 65.147124][ T6377] netlink_alloc_large_skb+0x69/0x130 [ 65.147145][ T6377] netlink_sendmsg+0x689/0xd70 [ 65.147170][ T6377] ? __pfx_netlink_sendmsg+0x10/0x10 [ 65.147199][ T6377] ____sys_sendmsg+0xaaf/0xc90 [ 65.147218][ T6377] ? __pfx_____sys_sendmsg+0x10/0x10 [ 65.147234][ T6377] ? get_compat_msghdr+0x11b/0x170 [ 65.147262][ T6377] ___sys_sendmsg+0x135/0x1e0 [ 65.147287][ T6377] ? __pfx____sys_sendmsg+0x10/0x10 [ 65.147318][ T6377] ? __pfx_lock_release+0x10/0x10 [ 65.147340][ T6377] ? trace_lock_acquire+0x14e/0x1f0 [ 65.147368][ T6377] ? __fget_files+0x206/0x3a0 [ 65.147398][ T6377] __sys_sendmsg+0x16e/0x220 [ 65.147421][ T6377] ? __pfx___sys_sendmsg+0x10/0x10 [ 65.147458][ T6377] __do_fast_syscall_32+0x73/0x120 [ 65.147480][ T6377] do_fast_syscall_32+0x32/0x80 [ 65.147500][ T6377] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 65.147527][ T6377] RIP: 0023:0xf7fd0579 [ 65.147540][ T6377] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 65.147555][ T6377] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 65.147572][ T6377] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 65.147608][ T6377] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 65.147622][ T6377] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 65.147632][ T6377] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 65.147642][ T6377] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 65.147664][ T6377] [ 65.946439][ T6380] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 66.002316][ T6380] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 66.244340][ T6401] capability: warning: `syz.0.115' uses 32-bit capabilities (legacy support in use) [ 66.275165][ T6403] netlink: 104 bytes leftover after parsing attributes in process `syz.3.113'. [ 66.695011][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.699602][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.702814][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.705762][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.708667][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.711451][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.714817][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.717786][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 66.721014][ T6408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 67.557678][ T6433] ======================================================= [ 67.557678][ T6433] WARNING: The mand mount option has been deprecated and [ 67.557678][ T6433] and is ignored by this kernel. Remove the mand [ 67.557678][ T6433] option from the mount to silence this warning. [ 67.557678][ T6433] ======================================================= [ 67.984482][ T5950] Bluetooth: hci1: command tx timeout [ 68.166245][ T6449] xt_TPROXY: Can be used only with -p tcp or -p udp [ 68.574749][ T6471] FAULT_INJECTION: forcing a failure. [ 68.574749][ T6471] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 68.579391][ T6471] CPU: 0 UID: 0 PID: 6471 Comm: syz.0.137 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 68.579406][ T6471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.579413][ T6471] Call Trace: [ 68.579417][ T6471] [ 68.579421][ T6471] dump_stack_lvl+0x16c/0x1f0 [ 68.579439][ T6471] should_fail_ex+0x50a/0x650 [ 68.579458][ T6471] _copy_from_iter+0x2a1/0x1560 [ 68.579470][ T6471] ? trace_lock_acquire+0x14e/0x1f0 [ 68.579484][ T6471] ? __alloc_skb+0x1fe/0x380 [ 68.579500][ T6471] ? __pfx__copy_from_iter+0x10/0x10 [ 68.579510][ T6471] ? __virt_addr_valid+0x1a4/0x590 [ 68.579526][ T6471] ? __virt_addr_valid+0x5e/0x590 [ 68.579540][ T6471] ? __phys_addr_symbol+0x30/0x80 [ 68.579577][ T6471] ? __check_object_size+0x488/0x710 [ 68.579594][ T6471] netlink_sendmsg+0x813/0xd70 [ 68.579616][ T6471] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.579638][ T6471] ____sys_sendmsg+0xaaf/0xc90 [ 68.579650][ T6471] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.579659][ T6471] ? get_compat_msghdr+0x11b/0x170 [ 68.579677][ T6471] ___sys_sendmsg+0x135/0x1e0 [ 68.579692][ T6471] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.579712][ T6471] ? __pfx_lock_release+0x10/0x10 [ 68.579726][ T6471] ? trace_lock_acquire+0x14e/0x1f0 [ 68.579742][ T6471] ? __fget_files+0x206/0x3a0 [ 68.579761][ T6471] __sys_sendmsg+0x16e/0x220 [ 68.579781][ T6471] ? __pfx___sys_sendmsg+0x10/0x10 [ 68.579803][ T6471] __do_fast_syscall_32+0x73/0x120 [ 68.579818][ T6471] do_fast_syscall_32+0x32/0x80 [ 68.579831][ T6471] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 68.579849][ T6471] RIP: 0023:0xf7f86579 [ 68.579858][ T6471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 68.579868][ T6471] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 68.579889][ T6471] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 68.579896][ T6471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 68.579902][ T6471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 68.579908][ T6471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 68.579913][ T6471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 68.579926][ T6471] [ 68.670846][ T6475] mmap: syz.1.138 (6475) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 69.576042][ T6517] ipvlan2: entered promiscuous mode [ 69.720096][ T6528] syz.1.148 uses obsolete (PF_INET,SOCK_PACKET) [ 70.027203][ T6532] syz.3.149: attempt to access beyond end of device [ 70.027203][ T6532] nbd3: rw=0, sector=2, nr_sectors = 1 limit=0 [ 70.041563][ T6009] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 70.239345][ T6009] usb 6-1: config index 0 descriptor too short (expected 45, got 36) [ 70.251873][ T6009] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 70.255298][ T6009] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 70.264868][ T5988] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 70.283655][ T6009] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 70.287061][ T6009] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 70.290867][ T6009] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 70.294771][ T6009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.301821][ T6009] usb 6-1: config 0 descriptor?? [ 70.305261][ T6528] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 70.395371][ T5988] usb 7-1: device descriptor read/64, error -71 [ 70.637548][ T5988] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 70.764537][ T5988] usb 7-1: device descriptor read/64, error -71 [ 70.787079][ T6009] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd [ 70.790780][ T6009] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 70.799065][ T6009] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 70.884671][ T5988] usb usb7-port1: attempt power cycle [ 70.949276][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.952381][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.953815][ T6545] syz.3.153: attempt to access beyond end of device [ 70.953815][ T6545] nbd3: rw=0, sector=1, nr_sectors = 1 limit=0 [ 70.958990][ T6545] qnx4: unable to read the superblock [ 70.999435][ T1337] usb 6-1: USB disconnect, device number 2 [ 71.096946][ T6547] random: crng reseeded on system resumption [ 71.234547][ T5988] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 71.255301][ T5988] usb 7-1: device descriptor read/8, error -71 [ 71.494715][ T5988] usb 7-1: new full-speed USB device number 6 using dummy_hcd [ 71.519614][ T5988] usb 7-1: device descriptor read/8, error -71 [ 71.625005][ T5988] usb usb7-port1: unable to enumerate USB device [ 71.667617][ T6553] netlink: 'syz.0.155': attribute type 9 has an invalid length. [ 71.669888][ T6553] __nla_validate_parse: 64 callbacks suppressed [ 71.669897][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.0.155'. [ 71.796239][ T6564] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0 [ 71.799004][ T6562] IPVS: stopping master sync thread 6564 ... [ 72.544526][ T5950] Bluetooth: hci2: command 0x0405 tx timeout [ 72.601329][ T6580] FAULT_INJECTION: forcing a failure. [ 72.601329][ T6580] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 72.605185][ T6580] CPU: 2 UID: 0 PID: 6580 Comm: syz.0.161 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 72.605199][ T6580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.605207][ T6580] Call Trace: [ 72.605211][ T6580] [ 72.605216][ T6580] dump_stack_lvl+0x16c/0x1f0 [ 72.605329][ T6580] should_fail_ex+0x50a/0x650 [ 72.605396][ T6580] _copy_from_iter+0x2a1/0x1560 [ 72.605407][ T6580] ? trace_lock_acquire+0x14e/0x1f0 [ 72.605440][ T6580] ? __alloc_skb+0x1fe/0x380 [ 72.605487][ T6580] ? __pfx__copy_from_iter+0x10/0x10 [ 72.605496][ T6580] ? __virt_addr_valid+0x1a4/0x590 [ 72.605545][ T6580] ? __virt_addr_valid+0x5e/0x590 [ 72.605555][ T6580] ? __phys_addr_symbol+0x30/0x80 [ 72.605565][ T6580] ? __check_object_size+0x488/0x710 [ 72.605597][ T6580] netlink_sendmsg+0x813/0xd70 [ 72.605639][ T6580] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.605666][ T6580] ____sys_sendmsg+0xaaf/0xc90 [ 72.605684][ T6580] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.605699][ T6580] ? get_compat_msghdr+0x11b/0x170 [ 72.605743][ T6580] ___sys_sendmsg+0x135/0x1e0 [ 72.605759][ T6580] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.605781][ T6580] ? __pfx_lock_release+0x10/0x10 [ 72.605795][ T6580] ? trace_lock_acquire+0x14e/0x1f0 [ 72.605811][ T6580] ? __fget_files+0x206/0x3a0 [ 72.605848][ T6580] __sys_sendmsg+0x16e/0x220 [ 72.605863][ T6580] ? __pfx___sys_sendmsg+0x10/0x10 [ 72.605886][ T6580] __do_fast_syscall_32+0x73/0x120 [ 72.605922][ T6580] do_fast_syscall_32+0x32/0x80 [ 72.605935][ T6580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.605954][ T6580] RIP: 0023:0xf7f86579 [ 72.605962][ T6580] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 72.605972][ T6580] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 72.605983][ T6580] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300 [ 72.605990][ T6580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 72.605995][ T6580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 72.606001][ T6580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 72.606007][ T6580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 72.606018][ T6580] [ 72.974505][ T6587] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 73.080824][ T6594] FAULT_INJECTION: forcing a failure. [ 73.080824][ T6594] name failslab, interval 1, probability 0, space 0, times 0 [ 73.084699][ T6594] CPU: 1 UID: 0 PID: 6594 Comm: syz.2.164 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 73.084714][ T6594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.084721][ T6594] Call Trace: [ 73.084725][ T6594] [ 73.084730][ T6594] dump_stack_lvl+0x16c/0x1f0 [ 73.084748][ T6594] should_fail_ex+0x50a/0x650 [ 73.084770][ T6594] ? fs_reclaim_acquire+0xae/0x150 [ 73.084806][ T6594] should_failslab+0xc2/0x120 [ 73.084836][ T6594] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 73.084853][ T6594] ? rtnl_prop_list_size+0x116/0x2d0 [ 73.084867][ T6594] ? __alloc_skb+0x2b1/0x380 [ 73.084883][ T6594] __alloc_skb+0x2b1/0x380 [ 73.084896][ T6594] ? __pfx___alloc_skb+0x10/0x10 [ 73.084912][ T6594] ? if_nlmsg_size+0x45d/0xa80 [ 73.084927][ T6594] rtmsg_ifinfo_build_skb+0x81/0x280 [ 73.084969][ T6594] rtnetlink_event+0xf3/0x1f0 [ 73.084986][ T6594] notifier_call_chain+0xb7/0x410 [ 73.085011][ T6594] ? __pfx_rtnetlink_event+0x10/0x10 [ 73.085029][ T6594] call_netdevice_notifiers_info+0xbe/0x140 [ 73.085048][ T6594] call_netdevice_notifiers+0x7d/0xb0 [ 73.085065][ T6594] ? __pfx_call_netdevice_notifiers+0x10/0x10 [ 73.085086][ T6594] ipvlan_device_event+0x7b0/0xb80 [ 73.085102][ T6594] ? __pfx_ipvlan_device_event+0x10/0x10 [ 73.085117][ T6594] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.085163][ T6594] ? xsk_notifier+0x58/0x3d0 [ 73.085192][ T6594] ? bond_netdev_event+0xe7/0xd30 [ 73.085210][ T6594] notifier_call_chain+0xb7/0x410 [ 73.085221][ T6594] ? __pfx_ipvlan_device_event+0x10/0x10 [ 73.085237][ T6594] call_netdevice_notifiers_info+0xbe/0x140 [ 73.085255][ T6594] dev_set_mac_address+0x370/0x4a0 [ 73.085267][ T6594] ? __pfx_dev_set_mac_address+0x10/0x10 [ 73.085281][ T6594] ? __pfx_down_write+0x10/0x10 [ 73.085295][ T6594] ? full_name_hash+0xbc/0x110 [ 73.085309][ T6594] dev_set_mac_address_user+0x30/0x50 [ 73.085320][ T6594] dev_ifsioc+0xb8d/0x10d0 [ 73.085333][ T6594] ? __pfx_dev_ifsioc+0x10/0x10 [ 73.085344][ T6594] ? dev_ioctl+0x213/0x10c0 [ 73.085356][ T6594] ? __pfx___mutex_lock+0x10/0x10 [ 73.085369][ T6594] ? __pfx_lock_release+0x10/0x10 [ 73.085387][ T6594] ? full_name_hash+0xbc/0x110 [ 73.085401][ T6594] dev_ioctl+0x224/0x10c0 [ 73.085413][ T6594] sock_do_ioctl+0x19e/0x280 [ 73.085425][ T6594] ? __pfx_sock_do_ioctl+0x10/0x10 [ 73.085434][ T6594] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.085451][ T6594] ? unix_ioctl+0x2c6/0x5c0 [ 73.085486][ T6594] ? __pfx_unix_ioctl+0x10/0x10 [ 73.085502][ T6594] compat_sock_ioctl+0x318/0x7e0 [ 73.085516][ T6594] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 73.085531][ T6594] ? __fget_files+0x206/0x3a0 [ 73.085548][ T6594] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 73.085560][ T6594] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 73.085575][ T6594] __do_fast_syscall_32+0x73/0x120 [ 73.085590][ T6594] do_fast_syscall_32+0x32/0x80 [ 73.085602][ T6594] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 73.085621][ T6594] RIP: 0023:0xf73fe579 [ 73.085630][ T6594] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 73.085640][ T6594] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 73.085650][ T6594] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008924 [ 73.085657][ T6594] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 73.085662][ T6594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 73.085668][ T6594] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 73.085674][ T6594] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 73.085686][ T6594] [ 73.738761][ T6609] team0: No ports can be present during mode change [ 73.831621][ T6613] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 73.858052][ T6617] capability: warning: `syz.3.172' uses deprecated v2 capabilities in a way that may be insecure [ 74.686342][ T6640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.176'. [ 74.714513][ T5950] Bluetooth: hci2: command 0x0405 tx timeout [ 74.895476][ T6640] wireguard0: entered promiscuous mode [ 74.936469][ T6639] FAULT_INJECTION: forcing a failure. [ 74.936469][ T6639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 74.940164][ T6639] CPU: 2 UID: 0 PID: 6639 Comm: syz.1.178 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 74.940178][ T6639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.940185][ T6639] Call Trace: [ 74.940189][ T6639] [ 74.940193][ T6639] dump_stack_lvl+0x16c/0x1f0 [ 74.940211][ T6639] should_fail_ex+0x50a/0x650 [ 74.940229][ T6639] _copy_from_user+0x2e/0xd0 [ 74.940241][ T6639] copy_from_buffer+0x85/0xb0 [ 74.940285][ T6639] copy_uabi_to_xstate+0x26e/0x670 [ 74.940301][ T6639] ? __pfx_copy_uabi_to_xstate+0x10/0x10 [ 74.940315][ T6639] ? __pfx_lock_release+0x10/0x10 [ 74.940330][ T6639] ? trace_lock_acquire+0x14e/0x1f0 [ 74.940356][ T6639] ? __local_bh_enable_ip+0xa4/0x120 [ 74.940376][ T6639] __fpu_restore_sig+0x1062/0x1430 [ 74.940391][ T6639] ? __pfx___fpu_restore_sig+0x10/0x10 [ 74.940411][ T6639] ? lock_acquire+0x2f/0xb0 [ 74.940424][ T6639] ? __might_fault+0xe3/0x190 [ 74.940438][ T6639] fpu__restore_sig+0x113/0x190 [ 74.940453][ T6639] ia32_restore_sigcontext+0x40f/0x5d0 [ 74.940495][ T6639] ? __pfx_ia32_restore_sigcontext+0x10/0x10 [ 74.940510][ T6639] ? __pfx_lock_release+0x10/0x10 [ 74.940528][ T6639] ? _raw_spin_unlock_irq+0x23/0x50 [ 74.940539][ T6639] ? lockdep_hardirqs_on+0x7c/0x110 [ 74.940553][ T6639] __do_compat_sys_rt_sigreturn+0x121/0x1f0 [ 74.940570][ T6639] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 74.940590][ T6639] do_int80_emulation+0x104/0x200 [ 74.940604][ T6639] asm_int80_emulation+0x1a/0x20 [ 74.940620][ T6639] RIP: 0023:0xf7f06577 [ 74.940628][ T6639] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 74.940638][ T6639] RSP: 002b:00000000f502655c EFLAGS: 00000296 [ 74.940647][ T6639] RAX: 0000000000000091 RBX: 0000000000000008 RCX: 0000000080000c40 [ 74.940653][ T6639] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 74.940658][ T6639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 74.940664][ T6639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.940670][ T6639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 74.940681][ T6639] [ 75.050558][ T6645] batadv1: entered promiscuous mode [ 75.052196][ T6645] batadv1: entered allmulticast mode [ 75.090508][ T6647] netlink: 152 bytes leftover after parsing attributes in process `syz.1.180'. [ 75.128440][ T6649] Invalid ELF header type: 3 != 1 [ 75.137872][ T6651] FAULT_INJECTION: forcing a failure. [ 75.137872][ T6651] name failslab, interval 1, probability 0, space 0, times 0 [ 75.141654][ T6651] CPU: 0 UID: 0 PID: 6651 Comm: syz.3.182 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 75.141675][ T6651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.141685][ T6651] Call Trace: [ 75.141691][ T6651] [ 75.141698][ T6651] dump_stack_lvl+0x16c/0x1f0 [ 75.141722][ T6651] should_fail_ex+0x50a/0x650 [ 75.141751][ T6651] should_failslab+0xc2/0x120 [ 75.141778][ T6651] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 75.141804][ T6651] ? skb_clone+0x190/0x3f0 [ 75.141832][ T6651] skb_clone+0x190/0x3f0 [ 75.141855][ T6651] netlink_deliver_tap+0xabd/0xd30 [ 75.141883][ T6651] netlink_unicast+0x5e1/0x7f0 [ 75.141907][ T6651] ? __pfx_netlink_unicast+0x10/0x10 [ 75.141926][ T6651] ? __phys_addr_symbol+0x30/0x80 [ 75.141944][ T6651] ? __check_object_size+0x488/0x710 [ 75.141964][ T6651] netlink_sendmsg+0x8b8/0xd70 [ 75.141988][ T6651] ? __pfx_netlink_sendmsg+0x10/0x10 [ 75.142020][ T6651] ____sys_sendmsg+0xaaf/0xc90 [ 75.142040][ T6651] ? __pfx_____sys_sendmsg+0x10/0x10 [ 75.142055][ T6651] ? get_compat_msghdr+0x11b/0x170 [ 75.142085][ T6651] ___sys_sendmsg+0x135/0x1e0 [ 75.142109][ T6651] ? __pfx____sys_sendmsg+0x10/0x10 [ 75.142143][ T6651] ? __pfx_lock_release+0x10/0x10 [ 75.142165][ T6651] ? trace_lock_acquire+0x14e/0x1f0 [ 75.142193][ T6651] ? __fget_files+0x206/0x3a0 [ 75.142225][ T6651] __sys_sendmsg+0x16e/0x220 [ 75.142248][ T6651] ? __pfx___sys_sendmsg+0x10/0x10 [ 75.142302][ T6651] __do_fast_syscall_32+0x73/0x120 [ 75.142326][ T6651] do_fast_syscall_32+0x32/0x80 [ 75.142346][ T6651] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 75.142374][ T6651] RIP: 0023:0xf7fd0579 [ 75.142387][ T6651] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 75.142402][ T6651] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 75.142418][ T6651] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0 [ 75.142429][ T6651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 75.142438][ T6651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 75.142447][ T6651] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 75.142457][ T6651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 75.142485][ T6651] [ 76.128812][ T6674] netlink: 4 bytes leftover after parsing attributes in process `syz.1.188'. [ 76.132044][ C3] vcan0: j1939_session_tx_dat: 0xffff88802a00b000: queue data error: -100 [ 76.134739][ C3] vcan0: j1939_xtp_rx_dpo: no connection found [ 76.136829][ C3] vcan0 (unregistering): j1939_xtp_rx_dpo: no connection found [ 76.138956][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.141121][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.143393][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.146056][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.148342][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.150538][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.152779][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.155184][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.157498][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.159698][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.161933][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.164158][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.166439][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.169075][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.171880][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.174773][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.177432][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.180184][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.182380][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.184958][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.187206][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.189406][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.191742][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.193974][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.196303][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.198482][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.200695][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.202895][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.205139][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.207313][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.209485][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.211628][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.214174][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.216878][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.219714][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.222616][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.225537][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.227903][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.230069][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.232219][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.234346][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.236605][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.238771][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.240920][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.243083][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.245298][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.247536][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.249683][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.251815][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.254038][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.256307][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.258710][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.261570][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.264462][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.267222][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.270009][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.272412][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.275176][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.278057][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.280850][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.283697][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.285902][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.288118][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.290273][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.292457][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.294975][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.297493][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.299631][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.301792][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.303951][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.306284][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.308444][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.310604][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.312752][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.314956][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.317304][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.319375][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.321545][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.323700][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.325882][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.328130][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.330355][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.332566][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.334795][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.337032][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.339154][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.341335][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.343540][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.345768][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.347981][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.350160][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.352342][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.354723][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.357343][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.360009][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.362839][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.365413][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.367626][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.369792][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.371867][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.373033][ T6678] netlink: 'syz.2.189': attribute type 9 has an invalid length. [ 76.374186][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.379980][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.382576][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.384843][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.387443][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.389603][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.391776][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.394061][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.396338][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.398497][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.400948][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.403510][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.406054][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.408761][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.410932][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.413106][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.415299][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.417482][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.419647][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.421761][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.423997][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.426167][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.428330][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.430476][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.432611][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 76.434798][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 76.437721][ T5950] Bluetooth: hci3: command tx timeout [ 76.464650][ T6679] netlink: 124 bytes leftover after parsing attributes in process `syz.2.189'. [ 76.965823][ T6694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.193'. [ 77.763936][ T6710] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.199'. [ 77.765639][ T6712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.198'. [ 77.767837][ T6710] openvswitch: netlink: Missing key (keys=40, expected=80) [ 78.016876][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802ac94c00: rx timeout, send abort [ 78.134472][ T1337] usb 8-1: new low-speed USB device number 3 using dummy_hcd [ 78.284580][ T1337] usb 8-1: Invalid ep0 maxpacket: 16 [ 78.346805][ T6728] trusted_key: encrypted_key: insufficient parameters specified [ 78.414586][ T1337] usb 8-1: new low-speed USB device number 4 using dummy_hcd [ 78.520409][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802ac94c00: abort rx timeout. Force session deactivation [ 78.564644][ T1337] usb 8-1: Invalid ep0 maxpacket: 16 [ 78.566754][ T1337] usb usb8-port1: attempt power cycle [ 78.625819][ T5950] Bluetooth: hci2: command 0x0405 tx timeout [ 78.900952][ T6732] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 78.902906][ T6732] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 78.907296][ T6732] vhci_hcd vhci_hcd.0: Device attached [ 78.914583][ T1337] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 78.935234][ T1337] usb 8-1: Invalid ep0 maxpacket: 16 [ 79.036930][ T6733] vhci_hcd: connection closed [ 79.038734][ T12] vhci_hcd: stop threads [ 79.043210][ T12] vhci_hcd: release socket [ 79.046312][ T12] vhci_hcd: disconnect device [ 79.064494][ T1337] usb 8-1: new low-speed USB device number 6 using dummy_hcd [ 79.085217][ T1337] usb 8-1: Invalid ep0 maxpacket: 16 [ 79.085325][ T1488] vhci_hcd: vhci_device speed not set [ 79.087710][ T1337] usb usb8-port1: unable to enumerate USB device [ 79.605553][ T6744] netlink: 104 bytes leftover after parsing attributes in process `syz.1.210'. [ 79.609225][ T6744] overlayfs: missing 'lowerdir' [ 79.994585][ T5950] Bluetooth: hci1: command tx timeout [ 80.806839][ T6759] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 81.108974][ T6769] delete_channel: no stack [ 81.194289][ T56] cfg80211: failed to load regulatory.db [ 81.522101][ T6774] sctp: [Deprecated]: syz.3.215 (pid 6774) Use of int in maxseg socket option. [ 81.522101][ T6774] Use struct sctp_assoc_value instead [ 81.857640][ T6774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.215'. [ 82.745481][ T6806] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 82.747615][ T6806] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 82.756444][ T6806] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 82.761888][ T6806] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 82.764567][ T6806] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 82.769977][ T6806] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 82.772487][ T6806] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 82.774598][ T6806] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.777193][ T6806] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.781978][ T6806] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 82.784262][ T6806] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 82.789072][ T6806] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 82.936965][ T6816] netlink: 9 bytes leftover after parsing attributes in process `syz.0.229'. [ 82.941777][ T6816] 0·: renamed from hsr0 (while UP) [ 82.958558][ T6816] 0·: entered allmulticast mode [ 82.960679][ T6816] hsr_slave_0: entered allmulticast mode [ 82.963301][ T6816] hsr_slave_1: entered allmulticast mode [ 82.967350][ T6816] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 83.582795][ T6842] batadv_slave_1: entered promiscuous mode [ 83.621661][ T6844] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'. [ 83.628470][ T6844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.235'. [ 84.210317][ T6830] batadv_slave_1: left promiscuous mode [ 84.714569][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout [ 84.784768][ T5962] Bluetooth: hci2: command 0x0405 tx timeout [ 84.784771][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout [ 84.786563][ T5962] Bluetooth: hci3: command 0x0c1a tx timeout [ 85.435443][ T6880] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 85.437375][ T6880] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 85.450262][ T6880] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 85.451993][ T6880] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 85.466848][ T6888] warning: `syz.3.244' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 85.472980][ T6880] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 85.477344][ T6880] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 85.501590][ T6880] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 85.512205][ T6880] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 85.962527][ T6909] Bluetooth: MGMT ver 1.23 [ 89.096330][ T6984] Illegal XDP return value 4294967294 on prog (id 30) dev N/A, expect packet loss! [ 89.832860][ T39] audit: type=1326 audit(1739607862.889:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.0.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7fc00000 [ 90.133254][ T7010] FAULT_INJECTION: forcing a failure. [ 90.133254][ T7010] name failslab, interval 1, probability 0, space 0, times 0 [ 90.137117][ T7010] CPU: 1 UID: 0 PID: 7010 Comm: syz.2.277 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 90.137131][ T7010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.137138][ T7010] Call Trace: [ 90.137141][ T7010] [ 90.137146][ T7010] dump_stack_lvl+0x16c/0x1f0 [ 90.137174][ T7010] should_fail_ex+0x50a/0x650 [ 90.137193][ T7010] ? __hw_addr_add_ex+0x3c8/0x7c0 [ 90.137210][ T7010] should_failslab+0xc2/0x120 [ 90.137228][ T7010] __kmalloc_cache_noprof+0x68/0x410 [ 90.137245][ T7010] ? lock_acquire.part.0+0x155/0x380 [ 90.137264][ T7010] __hw_addr_add_ex+0x3c8/0x7c0 [ 90.137282][ T7010] ? __pfx___hw_addr_add_ex+0x10/0x10 [ 90.137298][ T7010] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 90.137316][ T7010] ? dev_mc_add+0x6f/0x110 [ 90.137335][ T7010] dev_mc_add+0xb6/0x110 [ 90.137353][ T7010] garp_init_applicant+0xd8/0x500 [ 90.137371][ T7010] register_vlan_dev+0x197/0x940 [ 90.137417][ T7010] ? vlan_changelink+0x2c3/0x5e0 [ 90.137436][ T7010] vlan_newlink+0x40e/0x6a0 [ 90.137453][ T7010] ? __pfx_vlan_newlink+0x10/0x10 [ 90.137472][ T7010] rtnl_newlink+0xb95/0x1d60 [ 90.137489][ T7010] ? __pfx_rtnl_newlink+0x10/0x10 [ 90.137507][ T7010] ? __pfx___lock_acquire+0x10/0x10 [ 90.137521][ T7010] ? kfree_skbmem+0x1a4/0x1f0 [ 90.137533][ T7010] ? aa_get_newest_label+0x376/0x680 [ 90.137555][ T7010] ? find_held_lock+0x2d/0x110 [ 90.137568][ T7010] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 90.137582][ T7010] ? __pfx_lock_release+0x10/0x10 [ 90.137596][ T7010] ? trace_lock_acquire+0x14e/0x1f0 [ 90.137612][ T7010] ? __pfx_rtnl_newlink+0x10/0x10 [ 90.137626][ T7010] rtnetlink_rcv_msg+0x95b/0xea0 [ 90.137642][ T7010] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.137663][ T7010] netlink_rcv_skb+0x16b/0x440 [ 90.137681][ T7010] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.137697][ T7010] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 90.137718][ T7010] ? netlink_deliver_tap+0x1ae/0xd30 [ 90.137733][ T7010] netlink_unicast+0x53c/0x7f0 [ 90.137749][ T7010] ? __pfx_netlink_unicast+0x10/0x10 [ 90.137763][ T7010] ? __phys_addr_symbol+0x30/0x80 [ 90.137774][ T7010] ? __check_object_size+0x488/0x710 [ 90.137787][ T7010] netlink_sendmsg+0x8b8/0xd70 [ 90.137803][ T7010] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.137822][ T7010] ____sys_sendmsg+0xaaf/0xc90 [ 90.137834][ T7010] ? __pfx_____sys_sendmsg+0x10/0x10 [ 90.137844][ T7010] ? get_compat_msghdr+0x11b/0x170 [ 90.137862][ T7010] ___sys_sendmsg+0x135/0x1e0 [ 90.137878][ T7010] ? __pfx____sys_sendmsg+0x10/0x10 [ 90.137898][ T7010] ? __pfx_lock_release+0x10/0x10 [ 90.137912][ T7010] ? trace_lock_acquire+0x14e/0x1f0 [ 90.137929][ T7010] ? __fget_files+0x206/0x3a0 [ 90.137949][ T7010] __sys_sendmsg+0x16e/0x220 [ 90.137964][ T7010] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.137988][ T7010] __do_fast_syscall_32+0x73/0x120 [ 90.138003][ T7010] do_fast_syscall_32+0x32/0x80 [ 90.138016][ T7010] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.138034][ T7010] RIP: 0023:0xf73fe579 [ 90.138043][ T7010] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.138053][ T7010] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 90.138064][ T7010] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280 [ 90.138071][ T7010] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.138077][ T7010] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.138082][ T7010] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.138088][ T7010] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.138101][ T7010] [ 90.271630][ T7011] trusted_key: encrypted_key: keyword 'upcate' not recognized [ 90.416999][ T7016] FAULT_INJECTION: forcing a failure. [ 90.416999][ T7016] name failslab, interval 1, probability 0, space 0, times 0 [ 90.420678][ T7016] CPU: 2 UID: 0 PID: 7016 Comm: syz.1.279 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 90.420702][ T7016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.420709][ T7016] Call Trace: [ 90.420713][ T7016] [ 90.420718][ T7016] dump_stack_lvl+0x16c/0x1f0 [ 90.420735][ T7016] should_fail_ex+0x50a/0x650 [ 90.420752][ T7016] ? fs_reclaim_acquire+0xae/0x150 [ 90.420767][ T7016] ? copy_mount_options+0x55/0x190 [ 90.420778][ T7016] should_failslab+0xc2/0x120 [ 90.420795][ T7016] __kmalloc_cache_noprof+0x68/0x410 [ 90.420812][ T7016] ? _copy_from_user+0x59/0xd0 [ 90.420824][ T7016] copy_mount_options+0x55/0x190 [ 90.420836][ T7016] __ia32_sys_mount+0x1ad/0x310 [ 90.420854][ T7016] ? __pfx___ia32_sys_mount+0x10/0x10 [ 90.420875][ T7016] __do_fast_syscall_32+0x73/0x120 [ 90.420891][ T7016] do_fast_syscall_32+0x32/0x80 [ 90.420908][ T7016] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.420932][ T7016] RIP: 0023:0xf7f06579 [ 90.420943][ T7016] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.420955][ T7016] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 90.420969][ T7016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000040 [ 90.420978][ T7016] RDX: 0000000080000400 RSI: 0000000000000000 RDI: 0000000080000640 [ 90.420987][ T7016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.420995][ T7016] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.421003][ T7016] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.421021][ T7016] [ 90.551540][ T7022] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3738224872 (478492783616 ns) > initial count (91121186304 ns). Using initial count to start timer. [ 90.617629][ T7022] netlink: 48 bytes leftover after parsing attributes in process `syz.1.281'. [ 92.264704][ T1488] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 92.325867][ T7077] netlink: 84 bytes leftover after parsing attributes in process `syz.2.299'. [ 92.494459][ T1488] usb 8-1: Using ep0 maxpacket: 8 [ 92.497243][ T1488] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 92.499430][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 92.502551][ T1488] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 92.505885][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 92.507045][ T7084] [ 92.509005][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 92.509690][ T7084] ====================================================== [ 92.513559][ T1488] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 92.514790][ T7084] WARNING: possible circular locking dependency detected [ 92.514798][ T7084] 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 Not tainted [ 92.514806][ T7084] ------------------------------------------------------ [ 92.514809][ T7084] syz.0.302/7084 is trying to acquire lock: [ 92.514815][ T7084] ffffffff8fef7d68 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2158/0x4520 [ 92.514861][ T7084] [ 92.514861][ T7084] but task is already holding lock: [ 92.514864][ T7084] ffff88806d360aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xa00 [ 92.514925][ T7084] [ 92.514925][ T7084] which lock already depends on the new lock. [ 92.514925][ T7084] [ 92.514928][ T7084] [ 92.514928][ T7084] the existing dependency chain (in reverse order) is: [ 92.514932][ T7084] [ 92.514932][ T7084] -> #3 [ 92.517248][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 92.518963][ T7084] (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 92.518985][ T7084] __mutex_lock+0x19b/0xb10 [ 92.522343][ T1488] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 92.524780][ T7084] smc_switch_to_fallback+0x2d/0xa00 [ 92.524804][ T7084] smc_sendmsg+0x13d/0x520 [ 92.524817][ T7084] __sys_sendto+0x488/0x4f0 [ 92.524830][ T7084] __ia32_sys_sendto+0xdd/0x1b0 [ 92.524842][ T7084] __do_fast_syscall_32+0x73/0x120 [ 92.526516][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 92.529000][ T7084] do_fast_syscall_32+0x32/0x80 [ 92.529016][ T7084] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.531131][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 92.534127][ T7084] [ 92.534127][ T7084] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}: [ 92.534162][ T7084] lock_sock_nested+0x3a/0xf0 [ 92.545542][ T1488] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 92.546160][ T7084] sock_set_reuseaddr+0x17/0x60 [ 92.546180][ T7084] siw_create_listen+0xa07/0x1370 [ 92.547734][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 92.550809][ T7084] iw_cm_listen+0x16a/0x1f0 [ 92.552605][ T1488] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 92.553916][ T7084] rdma_listen+0x7ef/0xe30 [ 92.553933][ T7084] cma_listen_on_dev+0x4dc/0x810 [ 92.553944][ T7084] cma_add_one+0x78b/0xdd0 [ 92.555528][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 92.556940][ T7084] add_client_context+0x3dd/0x590 [ 92.558572][ T1488] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 92.561278][ T7084] enable_device_and_get+0x1d5/0x3f0 [ 92.561304][ T7084] ib_register_device+0x880/0xdf0 [ 92.561318][ T7084] siw_newlink+0xb60/0xd70 [ 92.600142][ T7084] nldev_newlink+0x38e/0x660 [ 92.601529][ T7084] rdma_nl_rcv_msg+0x388/0x6e0 [ 92.602980][ T7084] rdma_nl_rcv_skb.constprop.0.isra.0+0x2e6/0x450 [ 92.604853][ T7084] netlink_unicast+0x53c/0x7f0 [ 92.606298][ T7084] netlink_sendmsg+0x8b8/0xd70 [ 92.607734][ T7084] ____sys_sendmsg+0xaaf/0xc90 [ 92.609150][ T7084] ___sys_sendmsg+0x135/0x1e0 [ 92.610561][ T7084] __sys_sendmsg+0x16e/0x220 [ 92.611956][ T7084] __do_fast_syscall_32+0x73/0x120 [ 92.613506][ T7084] do_fast_syscall_32+0x32/0x80 [ 92.614944][ T7084] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.616830][ T7084] [ 92.616830][ T7084] -> #1 (lock#8){+.+.}-{4:4}: [ 92.618659][ T7084] __mutex_lock+0x19b/0xb10 [ 92.620039][ T7084] cma_init+0x1d/0x150 [ 92.621383][ T7084] do_one_initcall+0x128/0x700 [ 92.622832][ T7084] kernel_init_freeable+0x5c7/0x900 [ 92.624440][ T7084] kernel_init+0x1c/0x2b0 [ 92.625783][ T7084] ret_from_fork+0x45/0x80 [ 92.627130][ T7084] ret_from_fork_asm+0x1a/0x30 [ 92.628573][ T7084] [ 92.628573][ T7084] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 92.630502][ T7084] __lock_acquire+0x249e/0x3c40 [ 92.631942][ T7084] lock_acquire.part.0+0x11b/0x380 [ 92.633485][ T7084] __mutex_lock+0x19b/0xb10 [ 92.634873][ T7084] do_ipv6_setsockopt+0x2158/0x4520 [ 92.636427][ T7084] ipv6_setsockopt+0xcb/0x170 [ 92.637852][ T7084] tcp_setsockopt+0xa4/0x100 [ 92.639282][ T7084] smc_setsockopt+0x1b4/0xa00 [ 92.640714][ T7084] do_sock_setsockopt+0x222/0x480 [ 92.642234][ T7084] __sys_setsockopt+0x1a0/0x230 [ 92.643735][ T7084] __ia32_sys_setsockopt+0xbc/0x160 [ 92.645268][ T7084] __do_fast_syscall_32+0x73/0x120 [ 92.646795][ T7084] do_fast_syscall_32+0x32/0x80 [ 92.648254][ T7084] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.650150][ T7084] [ 92.650150][ T7084] other info that might help us debug this: [ 92.650150][ T7084] [ 92.652951][ T7084] Chain exists of: [ 92.652951][ T7084] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 92.652951][ T7084] [ 92.656640][ T7084] Possible unsafe locking scenario: [ 92.656640][ T7084] [ 92.658678][ T7084] CPU0 CPU1 [ 92.660169][ T7084] ---- ---- [ 92.661651][ T7084] lock(&smc->clcsock_release_lock); [ 92.663141][ T7084] lock(sk_lock-AF_INET); [ 92.665085][ T7084] lock(&smc->clcsock_release_lock); [ 92.667256][ T7084] lock(rtnl_mutex); [ 92.668394][ T7084] [ 92.668394][ T7084] *** DEADLOCK *** [ 92.668394][ T7084] [ 92.670629][ T7084] 1 lock held by syz.0.302/7084: [ 92.672021][ T7084] #0: ffff88806d360aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xa00 [ 92.674946][ T7084] [ 92.674946][ T7084] stack backtrace: [ 92.676604][ T7084] CPU: 0 UID: 0 PID: 7084 Comm: syz.0.302 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0 [ 92.676617][ T7084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.676623][ T7084] Call Trace: [ 92.676628][ T7084] [ 92.676634][ T7084] dump_stack_lvl+0x116/0x1f0 [ 92.676648][ T7084] print_circular_bug+0x490/0x760 [ 92.676664][ T7084] check_noncircular+0x31a/0x400 [ 92.676678][ T7084] ? __pfx_check_noncircular+0x10/0x10 [ 92.676691][ T7084] ? mark_lock+0xb5/0xc60 [ 92.676704][ T7084] ? __lock_acquire+0xcc5/0x3c40 [ 92.676719][ T7084] ? lockdep_lock+0xc6/0x200 [ 92.676730][ T7084] ? __pfx_lockdep_lock+0x10/0x10 [ 92.676742][ T7084] __lock_acquire+0x249e/0x3c40 [ 92.676758][ T7084] ? __pfx___lock_acquire+0x10/0x10 [ 92.676772][ T7084] ? hlock_class+0x4e/0x130 [ 92.676784][ T7084] lock_acquire.part.0+0x11b/0x380 [ 92.676798][ T7084] ? do_ipv6_setsockopt+0x2158/0x4520 [ 92.676811][ T7084] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 92.676826][ T7084] ? rcu_is_watching+0x12/0xc0 [ 92.676838][ T7084] ? trace_lock_acquire+0x14e/0x1f0 [ 92.676849][ T7084] ? __pfx___lock_acquire+0x10/0x10 [ 92.676863][ T7084] ? do_ipv6_setsockopt+0x2158/0x4520 [ 92.676874][ T7084] ? lock_acquire+0x2f/0xb0 [ 92.676887][ T7084] ? do_ipv6_setsockopt+0x2158/0x4520 [ 92.676899][ T7084] __mutex_lock+0x19b/0xb10 [ 92.676911][ T7084] ? do_ipv6_setsockopt+0x2158/0x4520 [ 92.676923][ T7084] ? do_ipv6_setsockopt+0x2158/0x4520 [ 92.676934][ T7084] ? __pfx___mutex_lock+0x10/0x10 [ 92.676945][ T7084] ? __pfx_lock_release+0x10/0x10 [ 92.676959][ T7084] ? trace_lock_acquire+0x14e/0x1f0 [ 92.676972][ T7084] ? __might_fault+0xe3/0x190 [ 92.676984][ T7084] ? do_ipv6_setsockopt+0x2158/0x4520 [ 92.676995][ T7084] ? rtnl_lock+0x9/0x20 [ 92.677011][ T7084] do_ipv6_setsockopt+0x2158/0x4520 [ 92.677024][ T7084] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 92.677037][ T7084] ? lock_acquire.part.0+0x11b/0x380 [ 92.677053][ T7084] ? __mutex_trylock_common+0xea/0x250 [ 92.677097][ T7084] ? __pfx___mutex_trylock_common+0x10/0x10 [ 92.677112][ T7084] ? smc_setsockopt+0x101/0xa00 [ 92.677126][ T7084] ? rcu_is_watching+0x12/0xc0 [ 92.677136][ T7084] ? trace_contention_end+0xee/0x140 [ 92.677151][ T7084] ? __mutex_lock+0x1cc/0xb10 [ 92.677162][ T7084] ? __pfx___futex_wait+0x10/0x10 [ 92.677179][ T7084] ? smc_setsockopt+0x101/0xa00 [ 92.677191][ T7084] ? try_to_wake_up+0x158/0x1490 [ 92.677206][ T7084] ? __pfx___mutex_lock+0x10/0x10 [ 92.677219][ T7084] ? ipv6_setsockopt+0xcb/0x170 [ 92.677229][ T7084] ipv6_setsockopt+0xcb/0x170 [ 92.677241][ T7084] tcp_setsockopt+0xa4/0x100 [ 92.677252][ T7084] smc_setsockopt+0x1b4/0xa00 [ 92.677265][ T7084] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 92.677282][ T7084] ? __pfx_smc_setsockopt+0x10/0x10 [ 92.677296][ T7084] ? find_held_lock+0x2d/0x110 [ 92.677307][ T7084] ? __pfx_smc_setsockopt+0x10/0x10 [ 92.677320][ T7084] do_sock_setsockopt+0x222/0x480 [ 92.677337][ T7084] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 92.677353][ T7084] ? lock_acquire+0x2f/0xb0 [ 92.677370][ T7084] __sys_setsockopt+0x1a0/0x230 [ 92.677384][ T7084] __ia32_sys_setsockopt+0xbc/0x160 [ 92.677398][ T7084] ? lockdep_hardirqs_on+0x7c/0x110 [ 92.677412][ T7084] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 92.677425][ T7084] __do_fast_syscall_32+0x73/0x120 [ 92.677438][ T7084] do_fast_syscall_32+0x32/0x80 [ 92.677450][ T7084] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.677469][ T7084] RIP: 0023:0xf7f86579 [ 92.677477][ T7084] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.677487][ T7084] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 92.677497][ T7084] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000029 [ 92.677503][ T7084] RDX: 0000000000000015 RSI: 0000000080000040 RDI: 0000000000000014 [ 92.677509][ T7084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.677514][ T7084] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 92.677520][ T7084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.677528][ T7084] [ 92.803104][ T1488] usb 8-1: language id specifier not provided by device, defaulting to English [ 92.806800][ T1488] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 92.809344][ T1488] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.811522][ T1488] usb 8-1: Product: syz [ 92.812793][ T1488] usb 8-1: Manufacturer: syz [ 92.814176][ T1488] usb 8-1: SerialNumber: syz [ 93.177712][ T1488] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 93.180972][ T1488] usb 8-1: USB disconnect, device number 7 VM DIAGNOSIS: 08:24:25 Registers: info registers vcpu 0 CPU#0 RAX=000000000006f62c RBX=000000000000001f RCX=ffffc9000c402000 RDX=0000000000080000 RSI=ffffffff8199a946 RDI=0000000000000001 RBP=1ffff9200073ee46 RSP=ffffc900039f7220 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=3a474e494e524157 R12=0000000000000001 R13=0000000000000000 R14=ffff888022f54880 R15=ffffc900039f72e8 RIP=ffffffff8199a948 RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2c14a1 CR3=000000006abc6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853e3d85 RDI=ffffffff9ab6be20 RBP=ffffffff9ab6bde0 RSP=ffffc90007a2f040 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e34312e36 R12=0000000000000000 R13=0000000000000030 R14=ffffffff9ab6bde0 R15=0000000000000000 RIP=ffffffff853e3daf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c432d96 CR3=000000004edf0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffc900071c0000 RBX=ffff888022c90000 RCX=ffffffff819adca7 RDX=1ffff1100459224d RSI=ffffffff8684c16f RDI=0000000000000016 RBP=0000000000000080 RSP=ffffc90000548eb8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffc90000548ff8 R12=0000000000000000 R13=dffffc0000000000 R14=ffff888022c91268 R15=0000000000000000 RIP=ffffffff8684c197 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffdff820fc4 CR3=000000004a98c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73dcff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000092e14 RBX=0000000000000003 RCX=ffffffff8b54f469 RDX=ffffed10056e6f86 RSI=ffffffff8bd34300 RDI=ffffffff81907269 RBP=ffffed1003772488 RSP=ffffc9000049fe08 R8 =0000000000000000 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000000 R12=0000000000000003 R13=ffff88801bb92440 R14=ffffffff90626510 R15=0000000000000000 RIP=ffffffff8b55084f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f71dd800 CR3=000000004a184000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000