Warning: Permanently added '10.128.0.245' (ECDSA) to the list of known hosts. 2021/01/20 22:47:55 fuzzer started 2021/01/20 22:47:56 dialing manager at 10.128.0.105:38545 2021/01/20 22:47:56 syscalls: 3465 2021/01/20 22:47:56 code coverage: enabled 2021/01/20 22:47:56 comparison tracing: enabled 2021/01/20 22:47:56 extra coverage: enabled 2021/01/20 22:47:56 setuid sandbox: enabled 2021/01/20 22:47:56 namespace sandbox: enabled 2021/01/20 22:47:56 Android sandbox: /sys/fs/selinux/policy does not exist 2021/01/20 22:47:56 fault injection: enabled 2021/01/20 22:47:56 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/01/20 22:47:56 net packet injection: enabled 2021/01/20 22:47:56 net device setup: enabled 2021/01/20 22:47:56 concurrency sanitizer: enabled 2021/01/20 22:47:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/01/20 22:47:56 USB emulation: enabled 2021/01/20 22:47:56 hci packet injection: enabled 2021/01/20 22:47:56 wifi device emulation: enabled 2021/01/20 22:47:58 suppressing KCSAN reports in functions: 'complete_signal' 'blk_mq_rq_ctx_init' '__mod_timer' 'wg_packet_decrypt_worker' 'ext4_ext_try_to_merge_right' '__xa_clear_mark' 'pcpu_alloc' 'shmem_file_read_iter' '__ext4_new_inode' 'generic_write_end' 'wbt_issue' 'do_sys_poll' 'io_cancel_task_cb' 'blk_mq_do_dispatch_sched' '__add_to_page_cache_locked' 'futex_wait_queue_me' 'n_tty_receive_buf_common' 'dd_has_work' 'xas_find_marked' '_prb_read_valid' 'blk_mq_sched_dispatch_requests' 'do_signal_stop' 'ext4_free_inode' 'blk_mq_dispatch_rq_list' 'ext4_writepages' 'ext4_free_inodes_count' '__d_lookup_done' '__filemap_fdatawrite_range' 'alloc_pid' 'find_get_pages_range_tag' 'isolate_migratepages_block' '__io_cqring_fill_event' 'kauditd_thread' 2021/01/20 22:47:58 fetching corpus: 0, signal 0/2000 (executing program) 2021/01/20 22:47:58 fetching corpus: 38, signal 20770/24551 (executing program) 2021/01/20 22:47:58 fetching corpus: 88, signal 35537/40997 (executing program) 2021/01/20 22:47:58 fetching corpus: 138, signal 46114/53175 (executing program) 2021/01/20 22:47:58 fetching corpus: 188, signal 53422/62064 (executing program) 2021/01/20 22:47:58 fetching corpus: 238, signal 63385/73434 (executing program) 2021/01/20 22:47:58 fetching corpus: 287, signal 69046/80556 (executing program) 2021/01/20 22:47:59 fetching corpus: 337, signal 76973/89786 (executing program) 2021/01/20 22:47:59 fetching corpus: 387, signal 85804/99838 (executing program) 2021/01/20 22:47:59 fetching corpus: 437, signal 90306/105654 (executing program) 2021/01/20 22:47:59 fetching corpus: 487, signal 94718/111310 (executing program) 2021/01/20 22:47:59 fetching corpus: 537, signal 100272/118008 (executing program) 2021/01/20 22:47:59 fetching corpus: 586, signal 104050/122982 (executing program) 2021/01/20 22:47:59 fetching corpus: 635, signal 107883/127979 (executing program) 2021/01/20 22:47:59 fetching corpus: 685, signal 110950/132192 (executing program) 2021/01/20 22:47:59 fetching corpus: 735, signal 115348/137623 (executing program) 2021/01/20 22:47:59 fetching corpus: 785, signal 119328/142631 (executing program) 2021/01/20 22:47:59 fetching corpus: 835, signal 125007/149141 (executing program) 2021/01/20 22:47:59 fetching corpus: 883, signal 129015/154071 (executing program) 2021/01/20 22:48:00 fetching corpus: 933, signal 133172/159129 (executing program) 2021/01/20 22:48:00 fetching corpus: 983, signal 135627/162563 (executing program) 2021/01/20 22:48:00 fetching corpus: 1033, signal 139659/167434 (executing program) 2021/01/20 22:48:00 fetching corpus: 1082, signal 144006/172542 (executing program) 2021/01/20 22:48:00 fetching corpus: 1131, signal 148879/178040 (executing program) 2021/01/20 22:48:00 fetching corpus: 1180, signal 151514/181537 (executing program) 2021/01/20 22:48:00 fetching corpus: 1229, signal 155171/185906 (executing program) 2021/01/20 22:48:00 fetching corpus: 1279, signal 158042/189519 (executing program) 2021/01/20 22:48:00 fetching corpus: 1327, signal 160417/192724 (executing program) 2021/01/20 22:48:00 fetching corpus: 1377, signal 163508/196498 (executing program) 2021/01/20 22:48:00 fetching corpus: 1427, signal 165089/198944 (executing program) 2021/01/20 22:48:01 fetching corpus: 1475, signal 168485/202911 (executing program) 2021/01/20 22:48:01 fetching corpus: 1525, signal 170288/205489 (executing program) 2021/01/20 22:48:01 fetching corpus: 1574, signal 172029/207960 (executing program) 2021/01/20 22:48:01 fetching corpus: 1624, signal 174030/210738 (executing program) 2021/01/20 22:48:01 fetching corpus: 1674, signal 175961/213373 (executing program) 2021/01/20 22:48:01 fetching corpus: 1724, signal 177793/215939 (executing program) 2021/01/20 22:48:01 fetching corpus: 1774, signal 179902/218691 (executing program) 2021/01/20 22:48:01 fetching corpus: 1823, signal 182852/222084 (executing program) 2021/01/20 22:48:01 fetching corpus: 1873, signal 185534/225223 (executing program) 2021/01/20 22:48:01 fetching corpus: 1922, signal 188163/228272 (executing program) 2021/01/20 22:48:02 fetching corpus: 1972, signal 190618/231187 (executing program) 2021/01/20 22:48:02 fetching corpus: 2021, signal 192185/233441 (executing program) 2021/01/20 22:48:02 fetching corpus: 2071, signal 195161/236742 (executing program) 2021/01/20 22:48:02 fetching corpus: 2121, signal 197033/239216 (executing program) 2021/01/20 22:48:02 fetching corpus: 2169, signal 198572/241311 (executing program) 2021/01/20 22:48:02 fetching corpus: 2218, signal 200132/243454 (executing program) 2021/01/20 22:48:02 fetching corpus: 2266, signal 201490/245442 (executing program) 2021/01/20 22:48:02 fetching corpus: 2316, signal 202849/247373 (executing program) 2021/01/20 22:48:02 fetching corpus: 2366, signal 204481/249513 (executing program) 2021/01/20 22:48:02 fetching corpus: 2415, signal 205702/251322 (executing program) 2021/01/20 22:48:02 fetching corpus: 2465, signal 208022/253907 (executing program) 2021/01/20 22:48:02 fetching corpus: 2515, signal 209253/255682 (executing program) 2021/01/20 22:48:02 fetching corpus: 2565, signal 210587/257542 (executing program) 2021/01/20 22:48:03 fetching corpus: 2615, signal 212257/259635 (executing program) 2021/01/20 22:48:03 fetching corpus: 2665, signal 214006/261788 (executing program) 2021/01/20 22:48:03 fetching corpus: 2714, signal 215249/263523 (executing program) 2021/01/20 22:48:03 fetching corpus: 2764, signal 216562/265265 (executing program) 2021/01/20 22:48:03 fetching corpus: 2814, signal 218403/267435 (executing program) 2021/01/20 22:48:03 fetching corpus: 2864, signal 219773/269259 (executing program) 2021/01/20 22:48:03 fetching corpus: 2914, signal 221090/270945 (executing program) 2021/01/20 22:48:03 fetching corpus: 2964, signal 222894/272976 (executing program) 2021/01/20 22:48:03 fetching corpus: 3014, signal 224331/274793 (executing program) 2021/01/20 22:48:03 fetching corpus: 3064, signal 226367/276970 (executing program) 2021/01/20 22:48:03 fetching corpus: 3114, signal 228049/278912 (executing program) 2021/01/20 22:48:03 fetching corpus: 3163, signal 229424/280606 (executing program) 2021/01/20 22:48:03 fetching corpus: 3212, signal 231096/282445 (executing program) 2021/01/20 22:48:03 fetching corpus: 3260, signal 232396/284050 (executing program) 2021/01/20 22:48:04 fetching corpus: 3310, signal 233617/285610 (executing program) 2021/01/20 22:48:04 fetching corpus: 3360, signal 234985/287200 (executing program) 2021/01/20 22:48:04 fetching corpus: 3410, signal 236301/288766 (executing program) 2021/01/20 22:48:04 fetching corpus: 3460, signal 237362/290148 (executing program) 2021/01/20 22:48:04 fetching corpus: 3509, signal 239451/292276 (executing program) 2021/01/20 22:48:04 fetching corpus: 3559, signal 240714/293759 (executing program) 2021/01/20 22:48:04 fetching corpus: 3608, signal 242201/295383 (executing program) 2021/01/20 22:48:04 fetching corpus: 3657, signal 243841/297016 (executing program) 2021/01/20 22:48:04 fetching corpus: 3706, signal 244991/298442 (executing program) 2021/01/20 22:48:04 fetching corpus: 3756, signal 245917/299685 (executing program) 2021/01/20 22:48:04 fetching corpus: 3806, signal 247138/301098 (executing program) 2021/01/20 22:48:04 fetching corpus: 3856, signal 248591/302622 (executing program) 2021/01/20 22:48:04 fetching corpus: 3906, signal 249744/303978 (executing program) 2021/01/20 22:48:04 fetching corpus: 3956, signal 250934/305301 (executing program) 2021/01/20 22:48:05 fetching corpus: 4005, signal 252675/306915 (executing program) 2021/01/20 22:48:05 fetching corpus: 4055, signal 253586/308109 (executing program) 2021/01/20 22:48:05 fetching corpus: 4105, signal 254643/309325 (executing program) 2021/01/20 22:48:05 fetching corpus: 4155, signal 255877/310705 (executing program) 2021/01/20 22:48:05 fetching corpus: 4205, signal 257315/312146 (executing program) 2021/01/20 22:48:05 fetching corpus: 4254, signal 258534/313460 (executing program) 2021/01/20 22:48:05 fetching corpus: 4304, signal 259619/314641 (executing program) 2021/01/20 22:48:05 fetching corpus: 4354, signal 260596/315805 (executing program) 2021/01/20 22:48:05 fetching corpus: 4404, signal 261596/316978 (executing program) 2021/01/20 22:48:05 fetching corpus: 4452, signal 262652/318141 (executing program) 2021/01/20 22:48:05 fetching corpus: 4502, signal 263910/319423 (executing program) 2021/01/20 22:48:05 fetching corpus: 4550, signal 264587/320358 (executing program) 2021/01/20 22:48:05 fetching corpus: 4600, signal 266104/321723 (executing program) 2021/01/20 22:48:06 fetching corpus: 4649, signal 267122/322820 (executing program) 2021/01/20 22:48:06 fetching corpus: 4699, signal 268250/323981 (executing program) 2021/01/20 22:48:06 fetching corpus: 4749, signal 269256/325098 (executing program) 2021/01/20 22:48:06 fetching corpus: 4799, signal 270546/326322 (executing program) 2021/01/20 22:48:06 fetching corpus: 4848, signal 271450/327271 (executing program) 2021/01/20 22:48:06 fetching corpus: 4897, signal 272242/328244 (executing program) 2021/01/20 22:48:06 fetching corpus: 4947, signal 273328/329296 (executing program) 2021/01/20 22:48:06 fetching corpus: 4996, signal 274383/330339 (executing program) 2021/01/20 22:48:06 fetching corpus: 5046, signal 275377/331314 (executing program) 2021/01/20 22:48:06 fetching corpus: 5095, signal 276548/332367 (executing program) 2021/01/20 22:48:06 fetching corpus: 5145, signal 277575/333319 (executing program) 2021/01/20 22:48:06 fetching corpus: 5195, signal 278974/334466 (executing program) 2021/01/20 22:48:06 fetching corpus: 5245, signal 280008/335422 (executing program) 2021/01/20 22:48:06 fetching corpus: 5295, signal 281126/336400 (executing program) 2021/01/20 22:48:06 fetching corpus: 5345, signal 282276/337389 (executing program) 2021/01/20 22:48:07 fetching corpus: 5395, signal 283210/338332 (executing program) 2021/01/20 22:48:07 fetching corpus: 5445, signal 284134/339202 (executing program) 2021/01/20 22:48:07 fetching corpus: 5495, signal 285145/340112 (executing program) 2021/01/20 22:48:07 fetching corpus: 5545, signal 286104/340997 (executing program) 2021/01/20 22:48:07 fetching corpus: 5594, signal 287017/341790 (executing program) 2021/01/20 22:48:07 fetching corpus: 5644, signal 287661/342510 (executing program) 2021/01/20 22:48:07 fetching corpus: 5694, signal 288703/343367 (executing program) 2021/01/20 22:48:07 fetching corpus: 5744, signal 289535/344164 (executing program) 2021/01/20 22:48:07 fetching corpus: 5794, signal 290564/345033 (executing program) 2021/01/20 22:48:07 fetching corpus: 5844, signal 291399/345818 (executing program) 2021/01/20 22:48:07 fetching corpus: 5894, signal 292496/346663 (executing program) 2021/01/20 22:48:07 fetching corpus: 5943, signal 293493/347478 (executing program) 2021/01/20 22:48:07 fetching corpus: 5993, signal 294269/348234 (executing program) 2021/01/20 22:48:07 fetching corpus: 6043, signal 295041/348931 (executing program) 2021/01/20 22:48:07 fetching corpus: 6093, signal 295785/349643 (executing program) 2021/01/20 22:48:08 fetching corpus: 6143, signal 296631/350347 (executing program) 2021/01/20 22:48:08 fetching corpus: 6192, signal 297195/350985 (executing program) 2021/01/20 22:48:08 fetching corpus: 6242, signal 297879/351662 (executing program) 2021/01/20 22:48:08 fetching corpus: 6292, signal 298864/352408 (executing program) 2021/01/20 22:48:08 fetching corpus: 6342, signal 299448/353006 (executing program) 2021/01/20 22:48:08 fetching corpus: 6392, signal 300213/353641 (executing program) 2021/01/20 22:48:08 fetching corpus: 6441, signal 300833/354265 (executing program) 2021/01/20 22:48:08 fetching corpus: 6488, signal 301771/354986 (executing program) 2021/01/20 22:48:08 fetching corpus: 6538, signal 302387/355562 (executing program) 2021/01/20 22:48:08 fetching corpus: 6588, signal 303144/356243 (executing program) 2021/01/20 22:48:08 fetching corpus: 6638, signal 303868/356874 (executing program) 2021/01/20 22:48:09 fetching corpus: 6688, signal 304588/357508 (executing program) 2021/01/20 22:48:09 fetching corpus: 6737, signal 306380/358397 (executing program) 2021/01/20 22:48:09 fetching corpus: 6787, signal 307222/359051 (executing program) 2021/01/20 22:48:09 fetching corpus: 6837, signal 307690/359526 (executing program) 2021/01/20 22:48:09 fetching corpus: 6887, signal 308204/360003 (executing program) 2021/01/20 22:48:09 fetching corpus: 6937, signal 308884/360534 (executing program) 2021/01/20 22:48:09 fetching corpus: 6987, signal 310051/361197 (executing program) 2021/01/20 22:48:09 fetching corpus: 7036, signal 310708/361734 (executing program) 2021/01/20 22:48:09 fetching corpus: 7086, signal 311883/362345 (executing program) 2021/01/20 22:48:09 fetching corpus: 7136, signal 312447/362826 (executing program) 2021/01/20 22:48:09 fetching corpus: 7186, signal 313388/363380 (executing program) 2021/01/20 22:48:09 fetching corpus: 7236, signal 314274/363911 (executing program) 2021/01/20 22:48:09 fetching corpus: 7286, signal 315260/364444 (executing program) 2021/01/20 22:48:09 fetching corpus: 7336, signal 315905/364956 (executing program) 2021/01/20 22:48:09 fetching corpus: 7386, signal 316508/365418 (executing program) 2021/01/20 22:48:10 fetching corpus: 7435, signal 317483/365932 (executing program) 2021/01/20 22:48:10 fetching corpus: 7485, signal 318303/366388 (executing program) 2021/01/20 22:48:10 fetching corpus: 7535, signal 318985/366847 (executing program) 2021/01/20 22:48:10 fetching corpus: 7585, signal 319817/367311 (executing program) 2021/01/20 22:48:10 fetching corpus: 7634, signal 320477/367772 (executing program) 2021/01/20 22:48:10 fetching corpus: 7684, signal 321546/368248 (executing program) 2021/01/20 22:48:10 fetching corpus: 7734, signal 322181/368634 (executing program) 2021/01/20 22:48:10 fetching corpus: 7783, signal 323002/369096 (executing program) 2021/01/20 22:48:10 fetching corpus: 7832, signal 323843/369516 (executing program) 2021/01/20 22:48:10 fetching corpus: 7882, signal 324876/369951 (executing program) 2021/01/20 22:48:10 fetching corpus: 7932, signal 325336/370317 (executing program) 2021/01/20 22:48:10 fetching corpus: 7982, signal 325894/370651 (executing program) 2021/01/20 22:48:10 fetching corpus: 8032, signal 326490/370969 (executing program) 2021/01/20 22:48:10 fetching corpus: 8082, signal 327028/371300 (executing program) 2021/01/20 22:48:11 fetching corpus: 8132, signal 327519/371637 (executing program) 2021/01/20 22:48:11 fetching corpus: 8178, signal 328182/372016 (executing program) 2021/01/20 22:48:11 fetching corpus: 8228, signal 328734/372336 (executing program) 2021/01/20 22:48:11 fetching corpus: 8278, signal 329263/372640 (executing program) 2021/01/20 22:48:11 fetching corpus: 8328, signal 330213/372980 (executing program) 2021/01/20 22:48:11 fetching corpus: 8378, signal 330816/373275 (executing program) 2021/01/20 22:48:11 fetching corpus: 8428, signal 331519/373635 (executing program) 2021/01/20 22:48:11 fetching corpus: 8477, signal 332270/373929 (executing program) 2021/01/20 22:48:11 fetching corpus: 8527, signal 332874/374209 (executing program) 2021/01/20 22:48:12 fetching corpus: 8577, signal 333601/374524 (executing program) 2021/01/20 22:48:12 fetching corpus: 8627, signal 334273/374803 (executing program) 2021/01/20 22:48:12 fetching corpus: 8677, signal 334961/375084 (executing program) 2021/01/20 22:48:12 fetching corpus: 8727, signal 335555/375356 (executing program) 2021/01/20 22:48:12 fetching corpus: 8776, signal 336344/375648 (executing program) 2021/01/20 22:48:12 fetching corpus: 8826, signal 337042/375902 (executing program) 2021/01/20 22:48:12 fetching corpus: 8876, signal 337855/376160 (executing program) 2021/01/20 22:48:12 fetching corpus: 8925, signal 338978/376432 (executing program) 2021/01/20 22:48:12 fetching corpus: 8973, signal 339553/376676 (executing program) 2021/01/20 22:48:12 fetching corpus: 9023, signal 340314/376882 (executing program) 2021/01/20 22:48:12 fetching corpus: 9073, signal 340907/377091 (executing program) 2021/01/20 22:48:12 fetching corpus: 9123, signal 341346/377296 (executing program) 2021/01/20 22:48:12 fetching corpus: 9173, signal 341995/377506 (executing program) 2021/01/20 22:48:12 fetching corpus: 9223, signal 342866/377707 (executing program) 2021/01/20 22:48:13 fetching corpus: 9273, signal 344237/377909 (executing program) 2021/01/20 22:48:13 fetching corpus: 9323, signal 344840/378088 (executing program) 2021/01/20 22:48:13 fetching corpus: 9373, signal 345500/378088 (executing program) 2021/01/20 22:48:13 fetching corpus: 9423, signal 346110/378088 (executing program) 2021/01/20 22:48:13 fetching corpus: 9473, signal 347059/378088 (executing program) 2021/01/20 22:48:13 fetching corpus: 9523, signal 347685/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9573, signal 348277/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9623, signal 348818/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9673, signal 349469/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9723, signal 350254/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9773, signal 351014/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9823, signal 351569/378094 (executing program) 2021/01/20 22:48:13 fetching corpus: 9873, signal 352337/378136 (executing program) 2021/01/20 22:48:13 fetching corpus: 9923, signal 352927/378136 (executing program) 2021/01/20 22:48:13 fetching corpus: 9973, signal 353746/378136 (executing program) 2021/01/20 22:48:13 fetching corpus: 10023, signal 354543/378136 (executing program) 2021/01/20 22:48:14 fetching corpus: 10073, signal 355086/378136 (executing program) 2021/01/20 22:48:14 fetching corpus: 10122, signal 355871/378136 (executing program) 2021/01/20 22:48:14 fetching corpus: 10171, signal 356283/378136 (executing program) 2021/01/20 22:48:14 fetching corpus: 10220, signal 357666/378136 (executing program) 2021/01/20 22:48:14 fetching corpus: 10269, signal 358313/378137 (executing program) 2021/01/20 22:48:14 fetching corpus: 10318, signal 359033/378137 (executing program) 2021/01/20 22:48:14 fetching corpus: 10368, signal 359657/378137 (executing program) 2021/01/20 22:48:14 fetching corpus: 10418, signal 360306/378191 (executing program) 2021/01/20 22:48:14 fetching corpus: 10468, signal 361387/378191 (executing program) 2021/01/20 22:48:14 fetching corpus: 10518, signal 361983/378191 (executing program) 2021/01/20 22:48:14 fetching corpus: 10568, signal 362436/378191 (executing program) 2021/01/20 22:48:14 fetching corpus: 10618, signal 362937/378191 (executing program) 2021/01/20 22:48:15 fetching corpus: 10668, signal 363765/378191 (executing program) 2021/01/20 22:48:15 fetching corpus: 10718, signal 364397/378191 (executing program) 2021/01/20 22:48:15 fetching corpus: 10768, signal 364783/378194 (executing program) 2021/01/20 22:48:15 fetching corpus: 10817, signal 365378/378228 (executing program) 2021/01/20 22:48:15 fetching corpus: 10867, signal 365943/378228 (executing program) 2021/01/20 22:48:15 fetching corpus: 10917, signal 366676/378228 (executing program) 2021/01/20 22:48:15 fetching corpus: 10967, signal 367343/378228 (executing program) 2021/01/20 22:48:15 fetching corpus: 11017, signal 368180/378228 (executing program) 2021/01/20 22:48:15 fetching corpus: 11067, signal 369516/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11117, signal 370110/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11167, signal 370488/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11217, signal 370958/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11266, signal 371773/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11316, signal 372336/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11366, signal 373134/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11416, signal 373696/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11466, signal 374100/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11516, signal 375025/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11526, signal 375136/378228 (executing program) 2021/01/20 22:48:16 fetching corpus: 11526, signal 375136/378228 (executing program) 2021/01/20 22:48:18 starting 6 fuzzer processes 22:48:18 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev\x00') read$FUSE(r2, &(0x7f00000020c0)={0x2020}, 0x2020) 22:48:18 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000002c0)={{}, 0x0, 0x3}) writev(r1, &(0x7f0000000080)=[{&(0x7f00000000c0)="580000001500ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000300)=ANY=[], 0xa) close(r2) socket(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f88ac693ce6908", 0x7}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c010000100013070000000000000000e0000001000000000000000000000000ff01000000000000000000000000000100000000000000000000040000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffff7f0000010000000032000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000d20000000000000048000200656362286369706865725f6e756c6c29000000ffff7ff7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000240017"], 0x4}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 22:48:19 executing program 2: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r2, 0x202002) keyctl$chown(0x4, r2, r1, 0x0) keyctl$link(0x8, r2, 0xfffffffffffffffd) 22:48:19 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x12) perf_event_open(&(0x7f0000000080)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="c61d"], 0x2) mmap$perf(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x0, 0x412, r0, 0x0) 22:48:19 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000, 0x40240}) ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000006c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, @struct, 0x0, 0x0, [0x0, 0x0, 0x9, 0x6]}, {0x0, @usage, 0x0, 0x4, 0x0, 0xd1, 0x0, 0x1ff, 0x4, @usage, 0x0, 0x0, [0x0, 0x0, 0x0, 0xc93]}, {0xff, @usage, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0xa48, @usage, 0x7, 0x7, [0x0, 0x1, 0x0, 0x6]}, {0x5}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) ptrace$setregs(0xd, 0x0, 0x8, &(0x7f00000001c0)) 22:48:19 executing program 5: creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x44, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @empty=0x2635}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @dev}]}, 0x44}}, 0x0) syzkaller login: [ 53.618726][ T8448] IPVS: ftp: loaded support on port[0] = 21 [ 53.696461][ T8448] chnl_net:caif_netlink_parms(): no params data found [ 53.725391][ T8448] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.732790][ T8448] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.740148][ T8448] device bridge_slave_0 entered promiscuous mode [ 53.749116][ T8448] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.756827][ T8448] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.765240][ T8448] device bridge_slave_1 entered promiscuous mode [ 53.780336][ T8448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.791357][ T8448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.808078][ T8448] team0: Port device team_slave_0 added [ 53.815499][ T8448] team0: Port device team_slave_1 added [ 53.828798][ T8450] IPVS: ftp: loaded support on port[0] = 21 [ 53.831169][ T8448] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.841739][ T8448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.868101][ T8448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.880906][ T8448] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.888061][ T8448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.915713][ T8448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.973746][ T8448] device hsr_slave_0 entered promiscuous mode [ 53.980813][ T8448] device hsr_slave_1 entered promiscuous mode [ 53.988084][ T8452] IPVS: ftp: loaded support on port[0] = 21 [ 54.064509][ T8450] chnl_net:caif_netlink_parms(): no params data found [ 54.125668][ T8454] IPVS: ftp: loaded support on port[0] = 21 [ 54.137846][ T8452] chnl_net:caif_netlink_parms(): no params data found [ 54.175695][ T8448] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.195028][ T8448] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.214056][ T8450] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.221123][ T8450] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.231524][ T8450] device bridge_slave_0 entered promiscuous mode [ 54.249003][ T8448] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.283425][ T8450] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.290476][ T8450] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.298198][ T8450] device bridge_slave_1 entered promiscuous mode [ 54.305642][ T8448] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.339185][ T8452] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.341514][ T8456] IPVS: ftp: loaded support on port[0] = 21 [ 54.353746][ T8452] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.361319][ T8452] device bridge_slave_0 entered promiscuous mode [ 54.370972][ T8452] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.378491][ T8452] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.386914][ T8452] device bridge_slave_1 entered promiscuous mode [ 54.417280][ T8450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.436193][ T8454] chnl_net:caif_netlink_parms(): no params data found [ 54.452404][ T8458] IPVS: ftp: loaded support on port[0] = 21 [ 54.483946][ T8450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.499428][ T8448] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.506583][ T8448] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.513914][ T8448] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.520943][ T8448] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.531248][ T8452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.544518][ T8452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.572002][ T8450] team0: Port device team_slave_0 added [ 54.599815][ T8450] team0: Port device team_slave_1 added [ 54.634019][ T8452] team0: Port device team_slave_0 added [ 54.649944][ T8454] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.658210][ T8454] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.665897][ T8454] device bridge_slave_0 entered promiscuous mode [ 54.676695][ T8456] chnl_net:caif_netlink_parms(): no params data found [ 54.685727][ T8452] team0: Port device team_slave_1 added [ 54.696610][ T8454] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.703829][ T8454] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.711184][ T8454] device bridge_slave_1 entered promiscuous mode [ 54.718884][ T8450] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.725883][ T8450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.751923][ T8450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.770909][ T3755] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.778733][ T3755] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.792544][ T8450] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.799667][ T8450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.828120][ T8450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.845563][ T8452] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.853164][ T8452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.879625][ T8452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.892499][ T8452] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.899504][ T8452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.926201][ T8452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.941612][ T8454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.971161][ T8454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.996250][ T8456] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.004958][ T8456] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.012900][ T8456] device bridge_slave_0 entered promiscuous mode [ 55.031436][ T8454] team0: Port device team_slave_0 added [ 55.043387][ T8456] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.050443][ T8456] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.058634][ T8456] device bridge_slave_1 entered promiscuous mode [ 55.066743][ T8450] device hsr_slave_0 entered promiscuous mode [ 55.073698][ T8450] device hsr_slave_1 entered promiscuous mode [ 55.079978][ T8450] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.087700][ T8450] Cannot create hsr debugfs directory [ 55.095054][ T8458] chnl_net:caif_netlink_parms(): no params data found [ 55.107725][ T8452] device hsr_slave_0 entered promiscuous mode [ 55.114342][ T8452] device hsr_slave_1 entered promiscuous mode [ 55.120593][ T8452] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.128251][ T8452] Cannot create hsr debugfs directory [ 55.134295][ T8454] team0: Port device team_slave_1 added [ 55.170191][ T8456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.190839][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.198113][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.224244][ T8454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.236139][ T8456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.270625][ T8458] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.277847][ T8458] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.285682][ T8458] device bridge_slave_0 entered promiscuous mode [ 55.292848][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.299858][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.326080][ T8454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.354351][ T8448] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.365036][ T8458] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.372066][ T8458] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.379788][ T8458] device bridge_slave_1 entered promiscuous mode [ 55.394155][ T8456] team0: Port device team_slave_0 added [ 55.400707][ T8452] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.415064][ T8452] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.428363][ T8456] team0: Port device team_slave_1 added [ 55.447980][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.455595][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.463204][ T8452] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 55.472246][ T8458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.483547][ T8454] device hsr_slave_0 entered promiscuous mode [ 55.490010][ T8454] device hsr_slave_1 entered promiscuous mode [ 55.496525][ T8454] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.504538][ T8454] Cannot create hsr debugfs directory [ 55.514889][ T8456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.521841][ T8456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.548888][ T8456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.560212][ T8452] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 55.571591][ T8458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.590622][ T8458] team0: Port device team_slave_0 added [ 55.596815][ T8456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.604440][ T8456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.630512][ T8456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.643746][ T8448] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.660061][ T8458] team0: Port device team_slave_1 added [ 55.665732][ T4911] Bluetooth: hci0: command 0x0409 tx timeout [ 55.683790][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.691059][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.717457][ T8458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.741504][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.748555][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.774508][ T8458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.787335][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.796161][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.805382][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.812572][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.820285][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.828724][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.832562][ T4911] Bluetooth: hci1: command 0x0409 tx timeout [ 55.837078][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.849937][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.857776][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.872273][ T8450] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 55.888570][ T8456] device hsr_slave_0 entered promiscuous mode [ 55.895253][ T8456] device hsr_slave_1 entered promiscuous mode [ 55.901681][ T8456] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.909363][ T8456] Cannot create hsr debugfs directory [ 55.917109][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.925853][ T8450] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 55.937685][ T8450] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 55.949035][ T8450] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 55.968677][ T8458] device hsr_slave_0 entered promiscuous mode [ 55.975517][ T8458] device hsr_slave_1 entered promiscuous mode [ 55.982016][ T8458] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.982731][ T7] Bluetooth: hci2: command 0x0409 tx timeout [ 55.991085][ T8458] Cannot create hsr debugfs directory [ 56.014301][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.023057][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.056517][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.064678][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.072967][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.081561][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.090224][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.098456][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.106815][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.116199][ T8448] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.126729][ T8454] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.142603][ T4911] Bluetooth: hci3: command 0x0409 tx timeout [ 56.163830][ T8454] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.177886][ T8454] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 56.187519][ T8454] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.200737][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 56.208355][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 56.230394][ T8448] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.256119][ T8456] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 56.265989][ T8456] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 56.296744][ T8456] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 56.303551][ T4598] Bluetooth: hci4: command 0x0409 tx timeout [ 56.332876][ T8456] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 56.342911][ T8452] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.357579][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 56.366109][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.392672][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.400841][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.411957][ T8458] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 56.420553][ T8458] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 56.435640][ T8452] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.449878][ T8458] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 56.458273][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 56.466427][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.475033][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.483771][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.492016][ T3646] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.499140][ T3646] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.506895][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.515384][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.523764][ T3646] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.530771][ T3646] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.538455][ T8448] device veth0_vlan entered promiscuous mode [ 56.544707][ T3646] Bluetooth: hci5: command 0x0409 tx timeout [ 56.550672][ T8448] device veth1_vlan entered promiscuous mode [ 56.563833][ T8450] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.574247][ T8458] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 56.587896][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.596696][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.604496][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 56.612309][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 56.620307][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.628400][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.652841][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.662051][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.672083][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.680687][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.690477][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.699171][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.709173][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.717656][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.726188][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.734566][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.751031][ T8450] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.753881][ T8454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.754672][ T8452] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.761928][ T8454] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.762771][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.763166][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.805718][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.813733][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.826125][ T8448] device veth0_macvtap entered promiscuous mode [ 56.836421][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 56.845011][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.855529][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 56.868628][ T8452] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.881724][ T8448] device veth1_macvtap entered promiscuous mode [ 56.890036][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 56.898097][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 56.907300][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.915912][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.925023][ T9275] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.932030][ T9275] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.939870][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.949651][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.957973][ T9275] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.965295][ T9275] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.973234][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.981623][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.989882][ T9275] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.997014][ T9275] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.024734][ T8448] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.032102][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.040449][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.048789][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.057341][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.065886][ T9275] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.072927][ T9275] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.080647][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.089655][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.098555][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.107133][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.115840][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.124465][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.133186][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 57.141647][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.150435][ T9275] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.169903][ T8456] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.183082][ T8448] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.195221][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.203509][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.212123][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.220885][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.229703][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.238113][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.246532][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.254934][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.263518][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.271624][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.279959][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.288448][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.297061][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.310437][ T8450] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.321749][ T8450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.330952][ T8448] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.340967][ T8448] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.350080][ T8448] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.358968][ T8448] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.374617][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.383943][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.392048][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.399957][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.407934][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.416687][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.428619][ T8454] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.439804][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.455211][ T8456] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.471673][ T8452] device veth0_vlan entered promiscuous mode [ 57.478324][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.486555][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.494891][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.503359][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.511551][ T4911] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.518608][ T4911] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.526566][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.534584][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.543312][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.551916][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.560248][ T4911] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.567319][ T4911] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.575013][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.582799][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.590620][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.614199][ T8458] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.627613][ T8452] device veth1_vlan entered promiscuous mode [ 57.642259][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 57.651583][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.660434][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.669404][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.677874][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.686836][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.694396][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.701744][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.709427][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.729984][ T8450] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.742790][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 57.750691][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.758723][ T3646] Bluetooth: hci0: command 0x041b tx timeout [ 57.761019][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.773293][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.781734][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.789727][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.797410][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.805792][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.815458][ T8458] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.834808][ T8454] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.854600][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.863041][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.871411][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.880490][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.889126][ T3646] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.896222][ T3646] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.904377][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.912774][ T9756] Bluetooth: hci1: command 0x041b tx timeout [ 57.912932][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.927044][ T3646] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.934092][ T3646] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.941794][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.951565][ T8456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.967967][ T3061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.977394][ T3061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.004420][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.017794][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 58.025961][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.034804][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.043338][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.051753][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.065265][ T8452] device veth0_macvtap entered promiscuous mode [ 58.075165][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.082998][ T7] Bluetooth: hci2: command 0x041b tx timeout [ 58.086286][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.103860][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.112186][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.124088][ T8450] device veth0_vlan entered promiscuous mode [ 58.141814][ T24] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.145548][ T8452] device veth1_macvtap entered promiscuous mode [ 58.150149][ T24] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.158861][ T8456] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.171356][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.179431][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.187492][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.195689][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.204323][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.213169][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 58.220930][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.228664][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.228837][ T3646] Bluetooth: hci3: command 0x041b tx timeout [ 58.244686][ T8454] device veth0_vlan entered promiscuous mode [ 58.266471][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.277158][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.289726][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.305534][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.314166][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.323357][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.332261][ T8450] device veth1_vlan entered promiscuous mode [ 58.344049][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 58.355726][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 22:48:24 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev\x00') read$FUSE(r2, &(0x7f00000020c0)={0x2020}, 0x2020) [ 58.366981][ T8452] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.377737][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 58.389190][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.392514][ T34] Bluetooth: hci4: command 0x041b tx timeout [ 58.404539][ T8452] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.416541][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 58.428732][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.444335][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.451967][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.460252][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.468825][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.479260][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.489203][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.501005][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.510532][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.528897][ T8458] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.542165][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.554664][ T8454] device veth1_vlan entered promiscuous mode [ 58.561762][ T8452] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.574672][ T8452] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.586546][ T8452] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.598527][ T8452] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.622599][ T4911] Bluetooth: hci5: command 0x041b tx timeout [ 58.626186][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 58.637757][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 58.646004][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.654561][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.663197][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready 22:48:25 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev\x00') read$FUSE(r2, &(0x7f00000020c0)={0x2020}, 0x2020) [ 58.671675][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.692408][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.700065][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.708558][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.732849][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.766860][ T8450] device veth0_macvtap entered promiscuous mode [ 58.775693][ T8458] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.785787][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 58.800068][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.808509][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.818573][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready 22:48:25 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev\x00') read$FUSE(r2, &(0x7f00000020c0)={0x2020}, 0x2020) [ 58.834480][ T8450] device veth1_macvtap entered promiscuous mode [ 58.851397][ T8454] device veth0_macvtap entered promiscuous mode [ 58.858813][ T8456] device veth0_vlan entered promiscuous mode [ 58.873725][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.881606][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.892239][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.912972][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.921284][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 22:48:25 executing program 0: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={&(0x7f0000000280)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r5, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 58.949028][ T8454] device veth1_macvtap entered promiscuous mode [ 58.981705][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.998813][ T8456] device veth1_vlan entered promiscuous mode [ 59.031430][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.049283][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.060231][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.073351][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.089998][ T8454] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.100947][ T8450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.111674][ T8450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.122681][ T8450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.133780][ T8450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.144231][ T8450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.155024][ T8450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.165947][ T8450] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.183258][ T3061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.192898][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.208854][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.210648][ T3061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.218605][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.235194][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.243966][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.251715][ T9818] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 59.265280][ T8450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 59.276931][ T8450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.287793][ T8450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 59.298885][ T8450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.309769][ T8450] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.324971][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.333498][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.341918][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.352039][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.361811][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 59.372982][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.383796][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 59.394278][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.404225][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 59.414755][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.425530][ T8454] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.437223][ T8454] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.445987][ T8454] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.453864][ T3061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.454724][ T8454] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.471191][ T8454] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.478014][ T3061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.483951][ T8450] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.500060][ T8450] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.509155][ T8450] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.518085][ T8450] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.530594][ T8456] device veth0_macvtap entered promiscuous mode [ 59.542418][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.550363][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready 22:48:26 executing program 2: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r2, 0x202002) keyctl$chown(0x4, r2, r1, 0x0) keyctl$link(0x8, r2, 0xfffffffffffffffd) [ 59.559411][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.568557][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 59.576510][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.585663][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready 22:48:26 executing program 2: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r2, 0x202002) keyctl$chown(0x4, r2, r1, 0x0) keyctl$link(0x8, r2, 0xfffffffffffffffd) [ 59.659387][ T8456] device veth1_macvtap entered promiscuous mode [ 59.698850][ T8458] device veth0_vlan entered promiscuous mode [ 59.718736][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.730727][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.739630][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready 22:48:26 executing program 2: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r2, 0x202002) keyctl$chown(0x4, r2, r1, 0x0) keyctl$link(0x8, r2, 0xfffffffffffffffd) [ 59.761612][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.763308][ T24] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.790311][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.797441][ T24] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.808846][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.819919][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.830239][ T5] Bluetooth: hci0: command 0x040f tx timeout [ 59.836428][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.847466][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.857904][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 59.868987][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.880545][ T8456] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.890585][ T8458] device veth1_vlan entered promiscuous mode [ 59.902154][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.915462][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.925363][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.934737][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.943173][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.962858][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.982843][ T9756] Bluetooth: hci1: command 0x040f tx timeout [ 59.984509][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.004110][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.014759][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.026002][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.043117][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.064764][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.074709][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.085360][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.096919][ T8456] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.121373][ T24] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.124510][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.138871][ T24] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.147414][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.149462][ T4911] Bluetooth: hci2: command 0x040f tx timeout [ 60.159237][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.178792][ T298] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.181999][ T8458] device veth0_macvtap entered promiscuous mode [ 60.193275][ T298] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.207379][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.228385][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.237582][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.246921][ T8456] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.256036][ T8456] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.266324][ T8456] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.275069][ T8456] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.287574][ T8458] device veth1_macvtap entered promiscuous mode [ 60.298808][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.307505][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 60.315570][ T9756] Bluetooth: hci3: command 0x040f tx timeout [ 60.329768][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 60.340911][ T3061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.342983][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.352940][ T3061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.358663][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 60.377128][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.387496][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 60.398157][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.408094][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 60.418689][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.428704][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 60.439266][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.450795][ T8458] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.461311][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.472203][ T19] Bluetooth: hci4: command 0x040f tx timeout [ 60.472873][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.488202][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.498764][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.508785][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.519243][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.529238][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.540381][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.550717][ T8458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 60.561489][ T8458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.572745][ T8458] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.580303][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.589362][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.598158][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.610093][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.619389][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.635463][ T8458] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.646473][ T8458] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.655278][ T8458] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.664150][ T8458] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 22:48:27 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000002c0)={{}, 0x0, 0x3}) writev(r1, &(0x7f0000000080)=[{&(0x7f00000000c0)="580000001500ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000300)=ANY=[], 0xa) close(r2) socket(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f88ac693ce6908", 0x7}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c010000100013070000000000000000e0000001000000000000000000000000ff01000000000000000000000000000100000000000000000000040000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffff7f0000010000000032000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000d20000000000000048000200656362286369706865725f6e756c6c29000000ffff7ff7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000240017"], 0x4}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 22:48:27 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 60.713185][ T4911] Bluetooth: hci5: command 0x040f tx timeout 22:48:27 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x12) perf_event_open(&(0x7f0000000080)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="c61d"], 0x2) mmap$perf(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x0, 0x412, r0, 0x0) [ 60.769924][ T3061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.789053][ T3061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.804768][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.833519][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.852385][ T298] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.862117][ T24] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.865782][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.878154][ T298] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.879828][ T24] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.891573][ T4911] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.927728][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.928051][ C0] hrtimer: interrupt took 39109 ns [ 60.941054][ T9756] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.072126][ T9951] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 22:48:27 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000, 0x40240}) ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000006c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, @struct, 0x0, 0x0, [0x0, 0x0, 0x9, 0x6]}, {0x0, @usage, 0x0, 0x4, 0x0, 0xd1, 0x0, 0x1ff, 0x4, @usage, 0x0, 0x0, [0x0, 0x0, 0x0, 0xc93]}, {0xff, @usage, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0xa48, @usage, 0x7, 0x7, [0x0, 0x1, 0x0, 0x6]}, {0x5}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) ptrace$setregs(0xd, 0x0, 0x8, &(0x7f00000001c0)) 22:48:27 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@union={0x5, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x1}]}]}, {0x0, [0x61, 0x10, 0x0, 0x0, 0x61]}}, &(0x7f0000000140)=""/159, 0x37, 0x9f, 0x1}, 0x20) 22:48:27 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x12) perf_event_open(&(0x7f0000000080)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="c61d"], 0x2) mmap$perf(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x0, 0x412, r0, 0x0) 22:48:27 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000002c0)={{}, 0x0, 0x3}) writev(r1, &(0x7f0000000080)=[{&(0x7f00000000c0)="580000001500ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000300)=ANY=[], 0xa) close(r2) socket(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f88ac693ce6908", 0x7}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c010000100013070000000000000000e0000001000000000000000000000000ff01000000000000000000000000000100000000000000000000040000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffff7f0000010000000032000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000d20000000000000048000200656362286369706865725f6e756c6c29000000ffff7ff7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000240017"], 0x4}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 22:48:27 executing program 5: creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x44, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @empty=0x2635}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @dev}]}, 0x44}}, 0x0) 22:48:27 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:27 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@union={0x5, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x1}]}]}, {0x0, [0x61, 0x10, 0x0, 0x0, 0x61]}}, &(0x7f0000000140)=""/159, 0x37, 0x9f, 0x1}, 0x20) 22:48:27 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000002c0)={{}, 0x0, 0x3}) writev(r1, &(0x7f0000000080)=[{&(0x7f00000000c0)="580000001500ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000300)=ANY=[], 0xa) close(r2) socket(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f88ac693ce6908", 0x7}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c010000100013070000000000000000e0000001000000000000000000000000ff01000000000000000000000000000100000000000000000000040000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffff7f0000010000000032000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000d20000000000000048000200656362286369706865725f6e756c6c29000000ffff7ff7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000240017"], 0x4}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 22:48:27 executing program 5: creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x44, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @empty=0x2635}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @dev}]}, 0x44}}, 0x0) 22:48:27 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x12) perf_event_open(&(0x7f0000000080)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="c61d"], 0x2) mmap$perf(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x0, 0x412, r0, 0x0) 22:48:28 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@union={0x5, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x1}]}]}, {0x0, [0x61, 0x10, 0x0, 0x0, 0x61]}}, &(0x7f0000000140)=""/159, 0x37, 0x9f, 0x1}, 0x20) 22:48:28 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 61.905352][ T4911] Bluetooth: hci0: command 0x0419 tx timeout 22:48:28 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000, 0x40240}) ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000006c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, @struct, 0x0, 0x0, [0x0, 0x0, 0x9, 0x6]}, {0x0, @usage, 0x0, 0x4, 0x0, 0xd1, 0x0, 0x1ff, 0x4, @usage, 0x0, 0x0, [0x0, 0x0, 0x0, 0xc93]}, {0xff, @usage, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0xa48, @usage, 0x7, 0x7, [0x0, 0x1, 0x0, 0x6]}, {0x5}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) ptrace$setregs(0xd, 0x0, 0x8, &(0x7f00000001c0)) 22:48:28 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 5: creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x44, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @empty=0x2635}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @dev}]}, 0x44}}, 0x0) 22:48:28 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@union={0x5, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x1}]}]}, {0x0, [0x61, 0x10, 0x0, 0x0, 0x61]}}, &(0x7f0000000140)=""/159, 0x37, 0x9f, 0x1}, 0x20) 22:48:28 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 62.065058][ T4911] Bluetooth: hci1: command 0x0419 tx timeout 22:48:28 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 62.224692][ T4911] Bluetooth: hci2: command 0x0419 tx timeout 22:48:28 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 62.384678][ T4911] Bluetooth: hci3: command 0x0419 tx timeout 22:48:28 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000, 0x40240}) ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000006c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, @struct, 0x0, 0x0, [0x0, 0x0, 0x9, 0x6]}, {0x0, @usage, 0x0, 0x4, 0x0, 0xd1, 0x0, 0x1ff, 0x4, @usage, 0x0, 0x0, [0x0, 0x0, 0x0, 0xc93]}, {0xff, @usage, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0xa48, @usage, 0x7, 0x7, [0x0, 0x1, 0x0, 0x6]}, {0x5}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) ptrace$setregs(0xd, 0x0, 0x8, &(0x7f00000001c0)) 22:48:28 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:28 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 62.542557][ T4911] Bluetooth: hci4: command 0x0419 tx timeout 22:48:29 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:29 executing program 4: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) [ 62.784462][ T4911] Bluetooth: hci5: command 0x0419 tx timeout 22:48:29 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:29 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:29 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5441, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000040)={0x7ff, 0x0, 0x8d, 0x7502, 0x6, "23311861dcab68da5c68f0b7129145bb9834ad"}) tee(r2, r1, 0x9, 0x1) 22:48:29 executing program 4: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 1: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 4: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 0: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 1: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 3: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 5: select(0x40, &(0x7f0000000000)={0x5}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2710}) 22:48:29 executing program 4: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 2: semop(0x0, &(0x7f0000000340)=[{0x0, 0x0, 0x1000}], 0x1) 22:48:29 executing program 0: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 1: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:29 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x188, 0x4000000, 0x158, 0x188, 0x0, 0x250, 0x240, 0x240, 0x250, 0x240, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x160, 0x188, 0x0, {}, [@common=@srh1={{0x90, 'srh\x00'}, {0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], [], 0x2001, 0x3200}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20, 'NOTRACK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380) 22:48:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0xc01, 0x3, 0x270, 0xd8, 0x5002004a, 0x0, 0xd8, 0x0, 0x1d8, 0x3c8, 0x3c8, 0x1d8, 0x3c8, 0x3, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'bridge_slave_1\x00', 'veth0_macvtap\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x60], 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x3}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0xfffe}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x318) 22:48:29 executing program 3: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007fffff0180c2000000ffffdfffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700fffffffffff7ffffffbc00000000000000003b0a000002000900efb5b7053aba0fd6ffff00004e234e21040071ac0600ff7f382803000500070000080100736e6174000000f6ffffffffffffc86cb1cc1d400028000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f0000feffffff00000000736e6174000000000000000000000001000000000000000000000000000000001000000000000000aaaaaaaaaa1a0000feffffff0000000003000000400000000011746e616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f626f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000000000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff10000000ffffffff00000000ffffffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c200ed010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000001c00000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bddffa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006674702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000000000000000000627269646765300000000000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000adcc000000"]}, 0x608) 22:48:29 executing program 0: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x188, 0x4000000, 0x158, 0x188, 0x0, 0x250, 0x240, 0x240, 0x250, 0x240, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x160, 0x188, 0x0, {}, [@common=@srh1={{0x90, 'srh\x00'}, {0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], [], 0x2001, 0x3200}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20, 'NOTRACK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380) 22:48:29 executing program 3: setuid(0xee00) shmget(0x2, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) setresgid(r1, 0xee00, 0xee01) 22:48:29 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007fffff0180c2000000ffffdfffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700fffffffffff7ffffffbc00000000000000003b0a000002000900efb5b7053aba0fd6ffff00004e234e21040071ac0600ff7f382803000500070000080100736e6174000000f6ffffffffffffc86cb1cc1d400028000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f0000feffffff00000000736e6174000000000000000000000001000000000000000000000000000000001000000000000000aaaaaaaaaa1a0000feffffff0000000003000000400000000011746e616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f626f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000000000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff10000000ffffffff00000000ffffffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c200ed010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000001c00000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bddffa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006674702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000000000000000000627269646765300000000000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000adcc000000"]}, 0x608) 22:48:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0xc01, 0x3, 0x270, 0xd8, 0x5002004a, 0x0, 0xd8, 0x0, 0x1d8, 0x3c8, 0x3c8, 0x1d8, 0x3c8, 0x3, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'bridge_slave_1\x00', 'veth0_macvtap\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x60], 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x3}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0xfffe}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x318) [ 63.361681][T10172] xt_TCPMSS: Only works on TCP SYN packets 22:48:29 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:29 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:29 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:29 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x188, 0x4000000, 0x158, 0x188, 0x0, 0x250, 0x240, 0x240, 0x250, 0x240, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x160, 0x188, 0x0, {}, [@common=@srh1={{0x90, 'srh\x00'}, {0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], [], 0x2001, 0x3200}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20, 'NOTRACK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380) 22:48:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0xc01, 0x3, 0x270, 0xd8, 0x5002004a, 0x0, 0xd8, 0x0, 0x1d8, 0x3c8, 0x3c8, 0x1d8, 0x3c8, 0x3, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'bridge_slave_1\x00', 'veth0_macvtap\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x60], 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x3}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0xfffe}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x318) [ 63.479789][T10188] xt_TCPMSS: Only works on TCP SYN packets 22:48:29 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007fffff0180c2000000ffffdfffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700fffffffffff7ffffffbc00000000000000003b0a000002000900efb5b7053aba0fd6ffff00004e234e21040071ac0600ff7f382803000500070000080100736e6174000000f6ffffffffffffc86cb1cc1d400028000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f0000feffffff00000000736e6174000000000000000000000001000000000000000000000000000000001000000000000000aaaaaaaaaa1a0000feffffff0000000003000000400000000011746e616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f626f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000000000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff10000000ffffffff00000000ffffffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c200ed010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000001c00000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bddffa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006674702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000000000000000000627269646765300000000000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000adcc000000"]}, 0x608) 22:48:29 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:29 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:30 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:30 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x188, 0x4000000, 0x158, 0x188, 0x0, 0x250, 0x240, 0x240, 0x250, 0x240, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x160, 0x188, 0x0, {}, [@common=@srh1={{0x90, 'srh\x00'}, {0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], [], 0x2001, 0x3200}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20, 'NOTRACK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380) 22:48:30 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0xc01, 0x3, 0x270, 0xd8, 0x5002004a, 0x0, 0xd8, 0x0, 0x1d8, 0x3c8, 0x3c8, 0x1d8, 0x3c8, 0x3, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'bridge_slave_1\x00', 'veth0_macvtap\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x60], 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x3}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0xfffe}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x318) 22:48:30 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:30 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007fffff0180c2000000ffffdfffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700fffffffffff7ffffffbc00000000000000003b0a000002000900efb5b7053aba0fd6ffff00004e234e21040071ac0600ff7f382803000500070000080100736e6174000000f6ffffffffffffc86cb1cc1d400028000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f0000feffffff00000000736e6174000000000000000000000001000000000000000000000000000000001000000000000000aaaaaaaaaa1a0000feffffff0000000003000000400000000011746e616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f626f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000000000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff10000000ffffffff00000000ffffffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c200ed010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000001c00000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bddffa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006674702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000000000000000000627269646765300000000000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000adcc000000"]}, 0x608) [ 63.625987][T10208] xt_TCPMSS: Only works on TCP SYN packets 22:48:30 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:30 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/71, 0x47}, {0x0}, {0x0}, {0x0}], 0x4}, 0x40002) recvfrom$inet(r2, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) shutdown(r1, 0x0) ppoll(&(0x7f00000001c0)=[{}, {}], 0x2, &(0x7f0000000100)={0xe4}, 0x0, 0x0) shutdown(r2, 0x0) 22:48:30 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 22:48:30 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) [ 63.722874][T10219] xt_TCPMSS: Only works on TCP SYN packets 22:48:30 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/67, 0x0, 0x100000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/146, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000004c0)=ANY=[]) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af04, &(0x7f0000000140)=0xffffffffffffffff) 22:48:30 executing program 1: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0x401070cd, &(0x7f0000000240)) 22:48:30 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:30 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) 22:48:30 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) 22:48:30 executing program 1: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0x401070cd, &(0x7f0000000240)) [ 63.849013][ T35] audit: type=1326 audit(1611182910.180:2): auid=0 uid=0 gid=0 ses=4 subj==unconfined pid=10230 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x46107a code=0x0 22:48:30 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) 22:48:30 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) 22:48:30 executing program 1: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0x401070cd, &(0x7f0000000240)) [ 64.680863][ T35] audit: type=1326 audit(1611182911.010:3): auid=0 uid=0 gid=0 ses=4 subj==unconfined pid=10230 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x46107a code=0x0 22:48:31 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/71, 0x47}, {0x0}, {0x0}, {0x0}], 0x4}, 0x40002) recvfrom$inet(r2, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) shutdown(r1, 0x0) ppoll(&(0x7f00000001c0)=[{}, {}], 0x2, &(0x7f0000000100)={0xe4}, 0x0, 0x0) shutdown(r2, 0x0) 22:48:31 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) 22:48:31 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:31 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22772d945c7e6dd329e4a0587536a9669924c8341ea7244ddb07b7e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b3b000000bc4da4a9b3d5cc9e0000f6a7a72900997320a3f6da9f010d41ac79fdd84abbec7d96629491727375b853d34344c60f0061fbe0131f3c7a026d8f00000800000000000000000bd724e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7863d3b9cd506231b40a7ab7069790d5b8f7ab45184ca6d9bee429bc7e2e4d219e1d7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320c9f97ebac25b929b3c15e33be6e7d54e6229427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b976e459c9b96a1cbe81a38a23f03bd7c1a3e60c2e294f828e0e7e42cb70328f151f949e387aae9d7d2800c8eeae093c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a1641b38333ce1c8456a467b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb8fcadb364a02ef99ed50"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0xfffffffffffffd02}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r1, r0, 0x1}, 0x14) 22:48:31 executing program 1: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0x401070cd, &(0x7f0000000240)) 22:48:31 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:31 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:31 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:31 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:31 executing program 0: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) 22:48:31 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010080000040000000020000000900010073797a300000000048000000030a1d0200000000000000000200fffe0900010073797a30000000001c0004800800024000000000080001400000000008000200000000a60900030073797a32000000002c000000000a030000000000000000e6050000000c00044000000000000000020900010073797a300000000014000000020a3b6000000000000000000000000114000000110001"], 0xd0}}, 0x0) 22:48:31 executing program 0: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) [ 65.008198][T10311] kvm [10310]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 65.029184][T10311] kvm [10310]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 22:48:32 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/71, 0x47}, {0x0}, {0x0}, {0x0}], 0x4}, 0x40002) recvfrom$inet(r2, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) shutdown(r1, 0x0) ppoll(&(0x7f00000001c0)=[{}, {}], 0x2, &(0x7f0000000100)={0xe4}, 0x0, 0x0) shutdown(r2, 0x0) 22:48:32 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:32 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 22:48:32 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010080000040000000020000000900010073797a300000000048000000030a1d0200000000000000000200fffe0900010073797a30000000001c0004800800024000000000080001400000000008000200000000a60900030073797a32000000002c000000000a030000000000000000e6050000000c00044000000000000000020900010073797a300000000014000000020a3b6000000000000000000000000114000000110001"], 0xd0}}, 0x0) 22:48:32 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:32 executing program 0: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) 22:48:32 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:32 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:32 executing program 0: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) 22:48:32 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010080000040000000020000000900010073797a300000000048000000030a1d0200000000000000000200fffe0900010073797a30000000001c0004800800024000000000080001400000000008000200000000a60900030073797a32000000002c000000000a030000000000000000e6050000000c00044000000000000000020900010073797a300000000014000000020a3b6000000000000000000000000114000000110001"], 0xd0}}, 0x0) [ 65.929527][T10354] kvm [10347]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 22:48:32 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:32 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010080000040000000020000000900010073797a300000000048000000030a1d0200000000000000000200fffe0900010073797a30000000001c0004800800024000000000080001400000000008000200000000a60900030073797a32000000002c000000000a030000000000000000e6050000000c00044000000000000000020900010073797a300000000014000000020a3b6000000000000000000000000114000000110001"], 0xd0}}, 0x0) [ 66.025009][T10354] kvm [10347]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 [ 66.120057][T10371] kvm [10363]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.169130][T10371] kvm [10363]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 [ 66.234653][T10365] kvm [10362]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.356185][T10371] kvm [10363]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.361814][T10365] kvm [10362]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 22:48:33 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/71, 0x47}, {0x0}, {0x0}, {0x0}], 0x4}, 0x40002) recvfrom$inet(r2, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) shutdown(r1, 0x0) ppoll(&(0x7f00000001c0)=[{}, {}], 0x2, &(0x7f0000000100)={0xe4}, 0x0, 0x0) shutdown(r2, 0x0) 22:48:33 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 66.767152][T10399] kvm [10395]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.814321][T10406] kvm [10398]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.823847][T10403] kvm [10396]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.838031][T10399] kvm [10395]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 [ 66.859712][T10406] kvm [10398]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 [ 66.871554][T10403] kvm [10396]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 22:48:33 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 66.925344][T10405] kvm [10394]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 [ 66.947529][T10405] kvm [10394]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 [ 66.981464][T10399] kvm [10395]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc2 data 0x0 [ 67.059817][T10403] kvm [10396]: vcpu0, guest rIP: 0xcc disabled perfctr wrmsr: 0xc1 data 0x0 22:48:33 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 67.195921][T10427] kvm [10426]: vcpu0, guest rIP: 0xcc ignored wrmsr: 0x11e data 0xbe702111 22:48:33 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$procfs(0xffffff9c, &(0x7f0000000640)='/proc/diskstats\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4, 0x21a001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x0, 0xfffffffe, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0x44}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) epoll_create1(0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000555000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="2ef40f0056000fc738f32e0f070f225e66b9800000c00f326635000400000f300f00d7baa000b80f00efb81e008ed866b80500000066b9e0315b050f01c1", 0x3e}], 0x1, 0xe, &(0x7f0000000540)=[@dstype0={0x6, 0x8}], 0x1) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000027c0)=[{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="dba2ae4033a12cac56dfa2705338692c33b4d08c1f1e13ab78076e9cc098621e87ff49165350623717bc52e8ad230199a080ee8266666e3a0bb5", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x14}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002700), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0c00000000000000015389b4980e4d7f42f565612c436b2c92f8a4ce471099c198", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x40, 0x80}], 0x2, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:48:33 executing program 2: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) 22:48:34 executing program 4: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) sendmsg$sock(r0, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0) 22:48:34 executing program 0: r0 = socket$inet(0x2, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f0000000080), 0x4) setsockopt$inet_int(r0, 0x0, 0xd1, 0x0, 0x0) 22:48:34 executing program 1: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 2: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) 22:48:34 executing program 4: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) sendmsg$sock(r0, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0) 22:48:34 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}, 0xa0) 22:48:34 executing program 1: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 0: r0 = socket$inet(0x2, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f0000000080), 0x4) setsockopt$inet_int(r0, 0x0, 0xd1, 0x0, 0x0) 22:48:34 executing program 2: mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000400)=""/157, 0x9d) close(r0) 22:48:34 executing program 4: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) sendmsg$sock(r0, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0) 22:48:34 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}, 0xa0) 22:48:34 executing program 5: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 1: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 2: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 4: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) sendmsg$sock(r0, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0) 22:48:34 executing program 0: r0 = socket$inet(0x2, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f0000000080), 0x4) setsockopt$inet_int(r0, 0x0, 0xd1, 0x0, 0x0) 22:48:34 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}, 0xa0) 22:48:34 executing program 5: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 1: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 2: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 0: r0 = socket$inet(0x2, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f0000000080), 0x4) setsockopt$inet_int(r0, 0x0, 0xd1, 0x0, 0x0) 22:48:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:34 executing program 5: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}, 0xa0) 22:48:34 executing program 2: set_mempolicy(0x4001, &(0x7f0000000000)=0x802000000001, 0x4) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000000)=""/80) 22:48:34 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000001c0)={0x2, 0x1, 0x0, "bcfef99a08a04181a2886d664a2e4bcf8a53b7f7ef800a4078972d66d875fafc"}) 22:48:34 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind(r0, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x48a02afb7101048d, {0x43}}, 0x80) 22:48:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:34 executing program 5: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:34 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x2, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 22:48:34 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind(r0, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x48a02afb7101048d, {0x43}}, 0x80) 22:48:34 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000001c0)={0x2, 0x1, 0x0, "bcfef99a08a04181a2886d664a2e4bcf8a53b7f7ef800a4078972d66d875fafc"}) 22:48:34 executing program 5: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:34 executing program 2: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:34 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000001c0)={0x2, 0x1, 0x0, "bcfef99a08a04181a2886d664a2e4bcf8a53b7f7ef800a4078972d66d875fafc"}) 22:48:34 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind(r0, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x48a02afb7101048d, {0x43}}, 0x80) 22:48:34 executing program 5: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:35 executing program 2: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x49, 0x0, 0x2}]}) 22:48:35 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000001c0)={0x2, 0x1, 0x0, "bcfef99a08a04181a2886d664a2e4bcf8a53b7f7ef800a4078972d66d875fafc"}) 22:48:35 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind(r0, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x48a02afb7101048d, {0x43}}, 0x80) 22:48:35 executing program 5: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:35 executing program 2: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0xd) 22:48:35 executing program 1: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind(r0, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x48a02afb7101048d, {0x43}}, 0x80) 22:48:35 executing program 4: r0 = socket(0x40000000015, 0x805, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc], [], @local}}, 0x1c) getsockname$packet(r0, 0x0, &(0x7f0000000140)) 22:48:35 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e8ba63b66788a341cca555fedbe9d8f3b423cdacfa7e32fe0231368b2264f9c504c9f1f65515b0e1a38d8665522be18bd10a48b043d2c42646d25dfd73d06d7535f7866970e9f03d124cd0293bfae5ca5c9f07dc6751df1394e757fa1bd904006271d065a0e3ccae6603173a649c1a1a4d3975b98848bf0f8b6587d452d64e7cc957d77578f4c35235138d5521f9653559bea8a860e8efbc6f2b2a3e3173d5de1b5e64a6ec7ae0dab5d91cec3da386621441ecda46c4b8ac49a510ce03cf02a76d33ad825bc8f83ab94442038bb385ab3a20b71a81c662904f7fd84a468290bb122fcccc82a6c97c99dbe195038d6248aef9e6fcbba90289e6dd466adf83f94c854476f8cdfcdb4f3c7b94b89f26c972058761c819054c90cc8a09063fef84ce"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sys_exit\x00', r0}, 0x10) keyctl$get_keyring_id(0x300, 0x0, 0x0) 22:48:35 executing program 3: socket$inet6(0xa, 0x800000000000002, 0x0) socket$packet(0x11, 0x2, 0x300) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000100)=0x2, 0x4) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) sendto$packet(r1, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14) 22:48:35 executing program 5: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x6, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) write$cgroup_subtree(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="f5b2283bfb044b"], 0xfd45) [ 68.888137][T10593] ================================================================== [ 68.896243][T10593] BUG: KCSAN: data-race in ext4_mark_iloc_dirty / find_inode_bit [ 68.903967][T10593] [ 68.906283][T10593] write to 0xffff888134644014 of 4 bytes by task 10594 on cpu 0: [ 68.913997][T10593] ext4_mark_iloc_dirty+0x8a4/0x16e0 [ 68.919288][T10593] __ext4_mark_inode_dirty+0x4cd/0x5d0 [ 68.924746][T10593] ext4_ext_tree_init+0x7e/0x90 [ 68.929602][T10593] __ext4_new_inode+0x2a90/0x3060 [ 68.934624][T10593] ext4_symlink+0x2bc/0x780 [ 68.939125][T10593] vfs_symlink+0x216/0x2d0 [ 68.943553][T10593] do_symlinkat+0xee/0x280 [ 68.947985][T10593] __x64_sys_symlink+0x32/0x40 [ 68.952743][T10593] do_syscall_64+0x39/0x80 [ 68.957165][T10593] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.963064][T10593] [ 68.965380][T10593] read to 0xffff888134644014 of 4 bytes by task 10593 on cpu 1: [ 68.973014][T10593] find_inode_bit+0x227/0x3a0 [ 68.977700][T10593] __ext4_new_inode+0xd22/0x3060 [ 68.982657][T10593] ext4_symlink+0x2bc/0x780 [ 68.987209][T10593] vfs_symlink+0x216/0x2d0 [ 68.991634][T10593] do_symlinkat+0xee/0x280 [ 68.996060][T10593] __x64_sys_symlink+0x32/0x40 [ 69.000837][T10593] do_syscall_64+0x39/0x80 [ 69.005265][T10593] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.011156][T10593] [ 69.013467][T10593] Reported by Kernel Concurrency Sanitizer on: [ 69.019971][T10593] CPU: 1 PID: 10593 Comm: syz-executor.1 Not tainted 5.11.0-rc4-syzkaller #0 [ 69.028746][T10593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.038815][T10593] ================================================================== [ 69.046893][T10593] Kernel panic - not syncing: panic_on_warn set ... [ 69.053469][T10593] CPU: 1 PID: 10593 Comm: syz-executor.1 Not tainted 5.11.0-rc4-syzkaller #0 [ 69.062224][T10593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.072275][T10593] Call Trace: [ 69.075550][T10593] dump_stack+0x116/0x15d [ 69.079877][T10593] panic+0x1e7/0x5fa [ 69.084348][T10593] ? vprintk_emit+0x2e2/0x360 [ 69.089038][T10593] kcsan_report+0x67b/0x680 [ 69.093546][T10593] ? kcsan_setup_watchpoint+0x47b/0x4e0 [ 69.099090][T10593] ? find_inode_bit+0x227/0x3a0 [ 69.103945][T10593] ? __ext4_new_inode+0xd22/0x3060 [ 69.109052][T10593] ? ext4_symlink+0x2bc/0x780 [ 69.113725][T10593] ? vfs_symlink+0x216/0x2d0 [ 69.118310][T10593] ? do_symlinkat+0xee/0x280 [ 69.122897][T10593] ? __x64_sys_symlink+0x32/0x40 [ 69.127827][T10593] ? do_syscall_64+0x39/0x80 [ 69.132413][T10593] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.138480][T10593] ? ___cache_free+0x3c/0x2f0 [ 69.143152][T10593] ? prandom_u32_state+0x9/0x80 [ 69.148003][T10593] kcsan_setup_watchpoint+0x47b/0x4e0 [ 69.153370][T10593] find_inode_bit+0x227/0x3a0 [ 69.158047][T10593] __ext4_new_inode+0xd22/0x3060 [ 69.162985][T10593] ext4_symlink+0x2bc/0x780 [ 69.167484][T10593] ? bpf_lsm_inode_symlink+0x5/0x10 [ 69.172762][T10593] vfs_symlink+0x216/0x2d0 [ 69.177179][T10593] do_symlinkat+0xee/0x280 [ 69.181680][T10593] __x64_sys_symlink+0x32/0x40 [ 69.186439][T10593] do_syscall_64+0x39/0x80 [ 69.190851][T10593] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.196745][T10593] RIP: 0033:0x45df47 [ 69.200638][T10593] Code: 0f 1f 00 b8 5c 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.220237][T10593] RSP: 002b:00007ffdc6aa55d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000058 [ 69.228650][T10593] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045df47 [ 69.236616][T10593] RDX: 00007ffdc6aa5693 RSI: 00000000004c3c8c RDI: 00007ffdc6aa5680 [ 69.244583][T10593] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000013 [ 69.252547][T10593] R10: 0000000000000075 R11: 0000000000000206 R12: 0000000000000000 [ 69.260512][T10593] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 69.269004][T10593] Kernel Offset: disabled [ 69.273344][T10593] Rebooting in 86400 seconds..