last executing test programs: 8m35.404339205s ago: executing program 3 (id=313): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) setxattr$trusted_overlay_origin(&(0x7f0000000440)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000300)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0) r5 = inotify_init() inotify_add_watch(r5, 0x0, 0x20000002) getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000001c0)={&(0x7f00000000c0)={0x28, r0, 0x105, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x65}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x50) 8m34.470905086s ago: executing program 3 (id=317): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket(0x2, 0x80805, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r1 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000006207000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f000000a200)='afs_cell\x00', r2}, 0x10) r3 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$inet6(0xffffffffffffffff, 0x0, 0x0) close(0xffffffffffffffff) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r6 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r7 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0) fcntl$setlease(r7, 0x400, 0x0) mq_unlink(&(0x7f0000000340)='eth0\x00') close(r7) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) 8m33.364788091s ago: executing program 3 (id=321): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x2, 0x6, 0x5, 0x0, 0x0, {0x6, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000081}, 0x20000804) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x15) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB='\x00'/16], 0x14}, 0x0) socket$rxrpc(0x21, 0x2, 0xa) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1) sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd70000000000001"], 0x114}], 0x1}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi3\x00', 0x1, 0x0) ioctl$COMEDI_CMDTEST(r6, 0x8040640a, &(0x7f0000000080)={0x0, 0x30000, 0x2, 0x9, 0x1, 0x8, 0x0, 0x8, 0x1c0, 0x9845, 0x2, 0x1, 0x0, 0x0, 0x0}) 8m31.595409864s ago: executing program 3 (id=326): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) setxattr$trusted_overlay_origin(&(0x7f0000000440)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000300)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0) r5 = inotify_init() inotify_add_watch(r5, 0x0, 0x20000002) getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000001c0)={&(0x7f00000000c0)={0x28, r0, 0x105, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x65}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x50) 8m29.388417508s ago: executing program 3 (id=330): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000001b00)={'syz_tun\x00', &(0x7f0000001ac0)=@ethtool_cmd={0x27, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x3}}) socket$kcm(0x21, 0x2, 0x2) pipe(&(0x7f0000000080)) syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) socket(0x10, 0x803, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0xa3020000) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x440001, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = syz_open_dev$sndctrl(0x0, 0x1, 0xa480) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, 0x0) io_submit(0x0, 0x1, &(0x7f0000000080)=[0x0]) timer_create(0x1, &(0x7f00000000c0)={0x0, 0x18, 0x4}, &(0x7f0000000140)=0x0) timer_gettime(r3, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/clear_refs\x00', 0x1, 0x0) r4 = eventfd(0x0) poll(&(0x7f0000000100)=[{r4}], 0x1, 0x1ff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 8m28.912175813s ago: executing program 3 (id=334): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x2, 0x6, 0x5, 0x0, 0x0, {0x6, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000081}, 0x20000804) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x15) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB='\x00'/16], 0x14}, 0x0) socket$rxrpc(0x21, 0x2, 0xa) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1) sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd70000000000001"], 0x114}], 0x1}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi3\x00', 0x1, 0x0) ioctl$COMEDI_CMDTEST(r6, 0x8040640a, &(0x7f0000000080)={0x0, 0x30000, 0x2, 0x9, 0x1, 0x8, 0x0, 0x8, 0x1c0, 0x9845, 0x2, 0x1, 0x0, 0x0, 0x0}) 8m28.900473633s ago: executing program 32 (id=334): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x2, 0x6, 0x5, 0x0, 0x0, {0x6, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000081}, 0x20000804) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x15) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB='\x00'/16], 0x14}, 0x0) socket$rxrpc(0x21, 0x2, 0xa) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1) sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd70000000000001"], 0x114}], 0x1}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi3\x00', 0x1, 0x0) ioctl$COMEDI_CMDTEST(r6, 0x8040640a, &(0x7f0000000080)={0x0, 0x30000, 0x2, 0x9, 0x1, 0x8, 0x0, 0x8, 0x1c0, 0x9845, 0x2, 0x1, 0x0, 0x0, 0x0}) 7m52.645970222s ago: executing program 4 (id=460): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x18}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000000), 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x84042, 0x0) openat$audio(0xffffffffffffff9c, 0x0, 0x40000000101a81, 0x0) r5 = socket$inet6(0xa, 0x3, 0x4) setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000001f40)={0x9, {{0xa, 0x0, 0x3, @mcast2}}, {{0xa, 0x2, 0x4, @ipv4={'\x00', '\xff\xff', @local}, 0xfffffff8}}}, 0x108) setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB="090000000a00004000000003ff020000000000000000000000000001f300"/70], 0x8c) r6 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r6, &(0x7f00000001c0), 0x10) dup3(r0, r1, 0x0) unshare(0x20000600) bpf$LINK_DETACH(0x22, 0x0, 0x0) 7m51.046666957s ago: executing program 4 (id=463): r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0x100000f}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) r5 = socket$kcm(0x29, 0x5, 0x0) write$cgroup_pressure(r5, &(0x7f0000000140)={'full'}, 0xfffffdef) dup(0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc2c45512, &(0x7f0000000640)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0xffffffff, 0xffbf, 0x8, 0xfffffffd, 0x80000001, 0x0, 0xfffffffe, 0xfffffffd, 0xfffffffc, 0x0, 0x400006, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffd, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x40, 0x7fffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x20000000, 0x2, 0x3, 0x0, 0x0, 0x4, 0x0, 0x68, 0x0, 0x20000000, 0x3, 0x7fff, 0x0, 0x800, 0x402, 0x0, 0x8, 0x4, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x408, 0x0, 0x0, 0x9, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x541b, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x32) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r6, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, {{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20000004}}], 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e24, @remote}, 0xfffffffffffffeca) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000080)="640f", 0x2}], 0x1}}], 0x1, 0x2000c000) getpeername$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @broadcast}, &(0x7f00000001c0)=0x4) 7m50.2008178s ago: executing program 4 (id=465): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x46014}, 0x2404c880) recvmmsg(r3, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0) ioctl$TIOCMGET(0xffffffffffffffff, 0x541e, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x40000014}) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) renameat(r4, &(0x7f00000004c0)='./cgroup.net/devices.allow\x00', r4, &(0x7f0000000500)='./cgroup.net/cgroup.procs\x00') r5 = gettid() ioctl$BLKTRACESETUP(r4, 0xc0401273, &(0x7f00000002c0)={'\x00', 0x5, 0x1, 0x6, 0x439f, 0x101, r5}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) rt_sigqueueinfo(0x0, 0xe, &(0x7f00000004c0)={0x22, 0x6, 0x7}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) 7m48.510176595s ago: executing program 4 (id=467): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) setxattr$trusted_overlay_origin(&(0x7f0000000440)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000300)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0) r5 = inotify_init() inotify_add_watch(r5, 0x0, 0x20000002) getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000001c0)={&(0x7f00000000c0)={0x28, r0, 0x105, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x65}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x50) 7m46.861072346s ago: executing program 4 (id=469): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$isdn(0x22, 0x2, 0x25) io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x1f, &(0x7f00000004c0)={&(0x7f0000001000)}, 0x1) r5 = socket$isdn(0x22, 0x2, 0x22) dup3(r4, r5, 0x0) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r6 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r6, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180), 0x1}], 0x1}}, {{&(0x7f00000002c0)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000100)="a7", 0x1}], 0x1e}}], 0x2, 0x0) r7 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f00000003c0)={r8, 0x0, 0x20}, 0xc) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r3, 0x0, 0x80) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) rt_sigprocmask(0x2, &(0x7f0000000000)={[0x4, 0x5559]}, &(0x7f0000000040), 0x8) r10 = syz_io_uring_setup(0x495, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x3, 0xd7}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r11, r12, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r9, 0x4, 0x0}) io_uring_enter(r10, 0x3516, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x3, 0xffff1000, 0x1000, &(0x7f0000000000/0x1000)=nil}) mmap$KVM_VCPU(&(0x7f0000d93000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) 7m46.471976007s ago: executing program 4 (id=472): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e24, 0x41, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) socket$inet_smc(0x2b, 0x1, 0x0) r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000001340)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x8, 0xfffffffffffffffc, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffffffffffff}, 0x0, 0x0) write$dsp(r4, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000880)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@multicast1}}, &(0x7f00000006c0)=0xe4) quotactl_fd$Q_GETINFO(r0, 0xffffffff80000501, r6, &(0x7f0000000700)) sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100280000000000000004000000200001800d0001007564703a73797a32"], 0x34}}, 0x4040) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r7, 0xc0105500, &(0x7f0000000000)={0x20, 0xc, 0x3, 0x0, 0x0, 0xfffffffd, 0x0}) 7m46.449052734s ago: executing program 33 (id=472): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e24, 0x41, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) socket$inet_smc(0x2b, 0x1, 0x0) r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000001340)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x8, 0xfffffffffffffffc, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffffffffffff}, 0x0, 0x0) write$dsp(r4, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000880)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@multicast1}}, &(0x7f00000006c0)=0xe4) quotactl_fd$Q_GETINFO(r0, 0xffffffff80000501, r6, &(0x7f0000000700)) sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100280000000000000004000000200001800d0001007564703a73797a32"], 0x34}}, 0x4040) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r7, 0xc0105500, &(0x7f0000000000)={0x20, 0xc, 0x3, 0x0, 0x0, 0xfffffffd, 0x0}) 7m36.520198789s ago: executing program 0 (id=501): socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) socket$igmp6(0xa, 0x3, 0x2) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x40c}, 0x0) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) syz_open_dev$sndmidi(0x0, 0x80000001, 0x439143) r2 = dup(0xffffffffffffffff) ioctl$DRM_IOCTL_GET_MAP(r2, 0xc0286404, &(0x7f0000000140)={&(0x7f0000329000/0x4000)=nil}) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f0000000100)=0x3) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, 0x0, 0x0) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0xfffffb07, @local, 0x680}, 0x1c) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2002, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000002000000", @ANYRES32=r7, @ANYBLOB="0c00990000000000000000000800a000ea15000008009f00030000000800"], 0x40}}, 0x0) write$rfkill(r4, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) 7m33.491712479s ago: executing program 0 (id=504): r0 = socket$packet(0x11, 0x3, 0x300) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) r4 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91124fc60", 0x14}], 0x1}, 0x0) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) madvise(&(0x7f0000f0f000/0x2000)=nil, 0x2000, 0x15) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r5, 0x0, 0x2, &(0x7f0000000000)=0xffffffffffffffff, 0x4) openat2$dir(0xffffff9c, &(0x7f0000000200)='./cgroup\x00', &(0x7f0000000480)={0x300, 0x0, 0x8}, 0x18) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="09000000e70014000000d97bfbf788a83baa88a8000000000033008100000000", 0x20, 0x200000c4, &(0x7f0000000080)={0x11, 0x8100, r6, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}}, 0x14) 7m32.572266931s ago: executing program 0 (id=508): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') r0 = syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2) io_submit(0x0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x2, r0, 0x0}]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) ioctl$SG_IO(r1, 0x2285, 0x0) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d7", 0x20}], 0x1) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x6, 0x10001, 0x34324152, 0x0, 0xb, [{}, {0x10}, {0x2}, {0x40, 0x101}, {0x0, 0xffffffff}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) rseq(0x0, 0x0, 0x0, 0x0) r3 = gettid() timer_create(0x0, &(0x7f00000005c0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 7m31.579265273s ago: executing program 0 (id=512): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) setxattr$trusted_overlay_origin(&(0x7f0000000440)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000300)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0) r5 = inotify_init() inotify_add_watch(r5, 0x0, 0x20000002) getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000001c0)={&(0x7f00000000c0)={0x28, r0, 0x105, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x65}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x50) 7m29.78320436s ago: executing program 0 (id=517): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000340), 0x7f, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x16, 0x1, 0x0, "18e889d15b38429faa8ff62438eaed752e68f3a6d09382b392b049e33958b16c"}) socket$kcm(0x21, 0x2, 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0xb90b, 0xfffffffc, 0xfffffffe, 0x0, 0x0, 0x2, 0xffffffff}, 0x1c) kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) r5 = syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2) r6 = epoll_create(0x5) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00000000c0)={0x4000000b}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000180)={0x3, 0xa, 0x2}) 7m29.469762008s ago: executing program 0 (id=519): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x1, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ife={0x2c, 0x1d, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x5}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x844}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x1, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r4 = dup(r3) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x7, 0x6, 0x81, '\x00', 0x3c}) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00000000c0)=0xffff) syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x600) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000440), r5) sendmsg$NLBL_MGMT_C_REMOVEDEF(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)={0x14, r6, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20044006}, 0x30000080) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000f80), r7) sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000fc0)={0x1c, r8, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040014}, 0x4004000) r9 = add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) ioctl$KVM_RUN(r4, 0xae80, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) request_key(&(0x7f00000002c0)='big_key\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000340)='/dev/kvm\x00', r9) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'syztnl2\x00', &(0x7f0000000180)={'ip_vti0\x00', r10, 0x8000, 0x700, 0x9, 0x1ff, {{0x12, 0x4, 0x3, 0x7, 0x48, 0x68, 0x0, 0x80, 0x29, 0x0, @remote, @remote, {[@generic={0x82, 0x2}, @timestamp_addr={0x44, 0x14, 0x23, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@private=0xa010101, 0x4}]}, @noop, @ssrr={0x89, 0x1b, 0x84, [@loopback, @multicast1, @loopback, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}) 7m29.438976317s ago: executing program 34 (id=519): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x1, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ife={0x2c, 0x1d, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x5}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x844}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x1, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r4 = dup(r3) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x7, 0x6, 0x81, '\x00', 0x3c}) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00000000c0)=0xffff) syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x600) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000440), r5) sendmsg$NLBL_MGMT_C_REMOVEDEF(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)={0x14, r6, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20044006}, 0x30000080) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000f80), r7) sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000fc0)={0x1c, r8, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040014}, 0x4004000) r9 = add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) ioctl$KVM_RUN(r4, 0xae80, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) request_key(&(0x7f00000002c0)='big_key\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000340)='/dev/kvm\x00', r9) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'syztnl2\x00', &(0x7f0000000180)={'ip_vti0\x00', r10, 0x8000, 0x700, 0x9, 0x1ff, {{0x12, 0x4, 0x3, 0x7, 0x48, 0x68, 0x0, 0x80, 0x29, 0x0, @remote, @remote, {[@generic={0x82, 0x2}, @timestamp_addr={0x44, 0x14, 0x23, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@private=0xa010101, 0x4}]}, @noop, @ssrr={0x89, 0x1b, 0x84, [@loopback, @multicast1, @loopback, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}) 7m26.726199736s ago: executing program 5 (id=525): creat(0x0, 0xd931d3864d39ddd8) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00001f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1) r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x40, 0x0) ioctl$COMEDI_CHANINFO(r0, 0x80206403, &(0x7f0000000380)={0x1, 0x0, 0x0, 0x0}) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x800) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r6, &(0x7f0000001540)=[{{0x0, 0x5b, 0x0}}], 0x800000000000214, 0x20000001) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$nl_route(0x10, 0x3, 0x0) close(r7) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x3c) 7m25.419999675s ago: executing program 5 (id=528): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) munmap(&(0x7f0000901000/0x3000)=nil, 0x3000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x300, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e77, 0x20000000, 0x94a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = gettid() sched_setscheduler(r1, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r6, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) keyctl$set_timeout(0xf, 0x0, 0x1) sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x1, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x10b85}, [@IFLA_IFNAME={0x14, 0x3, 'vlan1\x00'}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x90}, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140) r9 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r9) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r9}) 7m24.472415368s ago: executing program 5 (id=530): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00') sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r2, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0) sendfile(r3, r2, 0x0, 0x578410eb) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640), 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r5 = socket$kcm(0x29, 0x5, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r6, 0x0, 0xf3e, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={0x0, &(0x7f0000000380)="c75f16175bb69c4013d0479f629c0ba46ff8ac8dc98098b878545ed70bb5bc1bacf36b28b91a23b1365fa8e67059f7c1fc1ade5eb855207f7066f96bdafb14234e8d9afeee1f3fd22e4b4fe5a61f4afde21805ae5206b87bb22d882df14583a3e6616fce86827ba486d004155a4450ce7bc978b14dadd17103787da46b699548"}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r7 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r7, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x890}, 0x0) recvmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000840)=""/127, 0x7f}], 0x2}, 0x101}], 0x1, 0x60, 0x0) 7m23.041029086s ago: executing program 5 (id=539): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) setxattr$trusted_overlay_origin(&(0x7f0000000440)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000300)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0) r5 = inotify_init() inotify_add_watch(r5, 0x0, 0x20000002) getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000001c0)={&(0x7f00000000c0)={0x28, r0, 0x105, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x65}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x50) 7m21.6138319s ago: executing program 5 (id=544): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000580)='\x00'/15, 0xf) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = accept4(r1, 0x0, 0x0, 0x80000) sendmmsg$inet6(r3, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000680)="a7804ba0", 0x4}], 0x1, 0x0, 0x0, 0x7000300}}], 0x1, 0x41) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socket$nl_netfilter(0x10, 0x3, 0xc) socket$pppl2tp(0x18, 0x1, 0x1) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='status\x00') preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000180)=""/136, 0x88}], 0x1, 0x4, 0x0) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 7m21.341609211s ago: executing program 5 (id=547): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"]) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r5 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0) sendfile(r5, r5, &(0x7f0000000080), 0x7f03) r6 = open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000240)=0x1) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000300)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x64) r7 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0) pwritev2(r7, &(0x7f0000000680)=[{&(0x7f0000000200)="05", 0x6a000}], 0x1, 0x6000000, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37fffee, 0x4002011, r6, 0x0) 7m21.283402164s ago: executing program 35 (id=547): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"]) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r5 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0) sendfile(r5, r5, &(0x7f0000000080), 0x7f03) r6 = open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000240)=0x1) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000300)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x64) r7 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0) pwritev2(r7, &(0x7f0000000680)=[{&(0x7f0000000200)="05", 0x6a000}], 0x1, 0x6000000, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37fffee, 0x4002011, r6, 0x0) 4m43.974952672s ago: executing program 1 (id=1064): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000100)={0x7, [0x1, 0x405, 0x2, 0x1, 0x1, 0x5, 0x0, 0x7ffe, 0x7, 0x5, 0xf9f, 0x2, 0x7, 0x2, 0x8f, 0x8, 0x864, 0x222, 0x2, 0xcc, 0x7, 0xa67b, 0x8005, 0xb, 0x7, 0xff00, 0x800, 0x8, 0x0, 0x9, 0x4, 0x5, 0xa000, 0xf, 0xd4b, 0x5, 0x8, 0x3, 0xfff, 0xd, 0x10, 0x7, 0x7, 0x43e, 0xffff, 0x0, 0x2, 0x402], 0x4}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = gettid() r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'tunl0\x00'}) sendmsg$nl_route_sched(r3, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) rt_sigtimedwait(0x0, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x0) gettid() futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, &(0x7f0000000300)={0x77359400}, &(0x7f00000004c0)=0x1, 0x2) eventfd2(0x8e8, 0x80001) r4 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_INIT(r4, 0x29, 0xc8, &(0x7f0000000040), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) ioctl$VHOST_VDPA_GET_DEVICE_ID(0xffffffffffffffff, 0x8004af70, &(0x7f0000000200)) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) read$FUSE(0xffffffffffffffff, &(0x7f0000001480)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) timer_create(0x4, &(0x7f0000000240)={0x0, 0x27, 0x800000000004, @tid=r5}, 0x0) timer_gettime(0x0, 0x0) 4m41.89202087s ago: executing program 1 (id=1074): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xb8, &(0x7f0000000140), &(0x7f00000000c0)=0x4) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)}], 0x1, 0x2040801) sendmsg$key(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0}}, 0x80) r3 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x2000, 0x0) readv(r3, &(0x7f0000000380)=[{&(0x7f0000000200)=""/195, 0xc3}], 0x1) ioctl$CDROMRESET(r3, 0x5312) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000001040)={0x3, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x22}}}}, 0x84) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') r6 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES32], 0x44}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x2c, 0x11, 0x1, 0x2000000, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xffff}}, [{0x8, 0xb, 0x200}]}, 0x2c}}, 0x0) ioctl$BSG_GET_RESERVED_SIZE(r5, 0x2272, &(0x7f00000003c0)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) unshare(0x46000000) mount(&(0x7f0000000080)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='ufs\x00', 0x2a08840, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './cgroup\x00'}) 4m40.833291981s ago: executing program 1 (id=1077): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x20004080}, 0x2404c044) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000002c0), 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x9}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r4, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=@delsa={0x34, 0x11, 0x4b49a87d091fa3c9, 0x70bd2c, 0x25dfdbfe, {@in6=@remote, 0x4d6, 0xa, 0x33}, [@mark={0xc, 0x15, {0x35075d, 0x6e}}]}, 0x34}}, 0x8000) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0) r8 = syz_open_dev$tty1(0xc, 0x4, 0x2) write$UHID_INPUT(r8, &(0x7f00000025c0)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f360068090890e0878f0e1ac6e7f89b334d959b4a9a24315b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe290030000002414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b41519539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8e91516db587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x1000}}, 0x1006) sendfile(r7, 0xffffffffffffffff, 0x0, 0x1fe22dc8) socket(0x400000000010, 0x3, 0x0) fsopen(&(0x7f00000004c0)='ocfs2\x00', 0x1) 4m39.677062352s ago: executing program 1 (id=1079): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYRES8], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@bridge_newneigh={0x30, 0x1c, 0x1, 0x70bd28, 0x25dfdbfe, {0x2, 0x0, 0x0, r2, 0x3f, 0x0, 0x4}, [@NDA_DST_IPV4={0x8, 0x1, @empty}, @NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, 0x30}}, 0x4000004) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$igmp(0x2, 0x3, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2814002, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f00000000c0)='./file0\x00') r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x9d) write$P9_RREADLINK(r6, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10) open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r3], 0x6c}, 0x1, 0x0, 0x0, 0x4040}, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb010018000000000000000000000000080000000000000000"], 0x0, 0x1a}, 0x28) syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0) 4m38.67754159s ago: executing program 1 (id=1082): syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(0xffffffffffffffff, 0x18, 0x0, 0x1) ioctl$KVM_REINJECT_CONTROL(0xffffffffffffffff, 0xae71, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000000)=0x1000) r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000180)=0x6f) write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) sendmsg$kcm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0) sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0xfd, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x80) 4m38.539438605s ago: executing program 1 (id=1085): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r2, 0x0, 0x0) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) r6 = syz_open_dev$evdev(0x0, 0x1, 0x140) read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r4, 0x0, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, 0x0, 0x80) r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r8, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0) 4m38.495249359s ago: executing program 36 (id=1085): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r2, 0x0, 0x0) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) r6 = syz_open_dev$evdev(0x0, 0x1, 0x140) read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r4, 0x0, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, 0x0, 0x80) r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r8, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0) 8.477536487s ago: executing program 8 (id=2030): r0 = socket$pptp(0x18, 0x1, 0x2) connect$pptp(r0, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="ad56b6c5820fae9d6dcd3292ea54c7be", 0x20) r2 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x40580) bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8) bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) io_setup(0x8, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0xfffffffffffffe7a, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(0x0, r4, r5) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b1a, &(0x7f0000000000)={'wlan1\x00'}) r6 = open(0x0, 0x44842, 0x0) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r7, 0x5607, 0x2c) ioctl$EVIOCSABS2F(r6, 0x401845ef, &(0x7f0000000180)={0x2, 0x3, 0xc1a, 0x0, 0x1d4, 0x83}) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r8) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r6, 0x6, 0x1d, 0x0, &(0x7f0000000200)) r9 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_ACTIVATE(r9, 0x5606, 0x4) ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0185649, &(0x7f0000000140)={0xf000000, 0x7, 0x290, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x990a96, 0x7f, '\x00', @p_u32=0x0}}) 7.947083335s ago: executing program 6 (id=2039): ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vxcan1\x00'}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x2000000000000001, 0x0, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x40844) unshare(0x2c020400) lseek(0xffffffffffffffff, 0xfffffffffffffff9, 0x1) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(0xffffffffffffffff, 0xc0984124, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000003400)=@base={0x1c, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x48) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000040)={0x6, 'bond_slave_1\x00', {0x1}, 0xff7f}) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f00000023c0)={0x0, 'veth0_vlan\x00', {0xffe}, 0x2b1}) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0) r2 = socket$netlink(0x10, 0x3, 0x15) recvmmsg(r2, &(0x7f0000000740), 0x0, 0x40010000, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010) r4 = socket(0x10, 0x80002, 0x0) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000000)={0x0, @multicast1, @private}, &(0x7f0000000040)=0xc) 7.652966108s ago: executing program 8 (id=2033): bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000040)=0x1800, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) unshare(0x20020680) r3 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x0, 0x80, 0x1, 0x2000008}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)='./file0/../file0\x00', 0x4e, 0x28040, 0x12345}) io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'}) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) bind$tipc(0xffffffffffffffff, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x3, {0x2, 0x4, 0x4}}, 0x10) sendfile(r0, 0xffffffffffffffff, &(0x7f00000000c0)=0x6, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000040)='\x00', 0x1, 0x20000045, &(0x7f00000002c0)={0xa, 0x2, 0x395, @empty}, 0x1c) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x37e0c97c68c1c84a}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x174, 0x0, 0x20, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NODE={0xb8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ID={0x97, 0x3, "1a5e16c99995704074748b7382a64c43d2f7e0a0ba9b546f126a18def712765a222cb8c7d0133a344dc820ddc320fec3aabc0e417b835b528b81f0fc5a836fda620fe102c24a84e4cc8333f7bd46eee7cfd9a36fd9fe47f659a53568a25e69e9b9683d2659455027481be83513c5df5d17f27b4cf8a2863de29da6ea8396bc07e2657ba8bad2d184947d2d7b6726acb9648eae"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x100}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MEDIA={0x8c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x68}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa3c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xb38}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018200000000000003400000034000000060000000400000000000d00000904000000000000000000800400000000000000000000000800000000000000006100"/82], 0x0, 0x52}, 0x20) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) 6.885360459s ago: executing program 8 (id=2043): bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x0, 0xfe, 0x2, 0x0, 0x8, 0x5, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, 0xe) shutdown(r1, 0x1) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000100)=0x6, 0x4) recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000280)=0x1, 0x4) syz_open_dev$evdev(0x0, 0x0, 0x60000) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x68, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x38, 0x2, [@TCA_BASIC_EMATCHES={0x34, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x28, 0x2, 0x0, 0x1, [@TCF_EM_META={0x24, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x1}, {0x5, 0x40}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}]}}]}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20041090}, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0) 5.946208942s ago: executing program 8 (id=2037): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/tcp6\x00') openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect$hid(0x6, 0x36, 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @random="a0725ce9403b", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb8000", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[], @time_exceed={0x4, 0x0, 0x0, 0x60, '\x00', {0x0, 0x6, "fd9063", 0x2, 0x3a, 0x0, @empty, @mcast2}}}}}}}, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES64], 0xf8) setpriority(0x2, 0x0, 0x7) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000001000)={0x10, 0x140d, 0xe3263c25d365e57d, 0x70bd2a, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x20000000}, 0x50) r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="02140907070000002abd7000fedbdf25050005002b8000000a004e2000000788fe80000000000000000000000000001905000000000000003328d45f84d3756a827414950af16927d0b9ec564d3c1d4741f1fb4f858273f3e457e2b3b3c9fdccad074659a9633baded905b74c26223aee11b61bf7c63c6e9b04a5ad55908ed70848aa9fa3be4fa001a9ab9c0f4729d020ac44e"], 0x38}}, 0x4000040) bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c) 5.15184784s ago: executing program 7 (id=2040): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000100)={0x7, [0x1, 0x405, 0x2, 0x1, 0x1, 0x5, 0x0, 0x7ffe, 0x7, 0x5, 0xf9f, 0x2, 0x7, 0x2, 0x8f, 0x8, 0x864, 0x222, 0x2, 0xcc, 0x7, 0xa67b, 0x8005, 0xb, 0x7, 0xff00, 0x800, 0x8, 0x0, 0x9, 0x4, 0x5, 0xa000, 0xf, 0xd4b, 0x5, 0x8, 0x3, 0xfff, 0xd, 0x10, 0x7, 0x7, 0x43e, 0xffff, 0x0, 0x2, 0x402], 0x4}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = gettid() ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'tunl0\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) rt_sigtimedwait(0x0, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x0) gettid() futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, &(0x7f0000000300)={0x77359400}, &(0x7f00000004c0)=0x1, 0x2) eventfd2(0x8e8, 0x80001) r3 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000040), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) ioctl$VHOST_VDPA_GET_DEVICE_ID(0xffffffffffffffff, 0x8004af70, &(0x7f0000000200)) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) read$FUSE(0xffffffffffffffff, &(0x7f0000001480)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) timer_create(0x4, &(0x7f0000000240)={0x0, 0x27, 0x800000000004, @tid=r4}, 0x0) timer_gettime(0x0, 0x0) 4.312196468s ago: executing program 7 (id=2042): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @multicast2}, @nfc={0x27, 0x0, 0x0, 0x2}, @nl=@unspec, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58) r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r5, 0x0, 0x0, 0x0, 0x80800}) io_uring_enter(r6, 0x3516, 0x3e44, 0x8, 0x0, 0x0) sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) r9 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r9, 0xc0106412, &(0x7f00000000c0)={0x0, 0x0}) ppoll(&(0x7f0000000000)=[{r0, 0x6}], 0x1, 0x0, 0x0, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0xf0) 4.310316581s ago: executing program 6 (id=2051): prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x804) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r3, &(0x7f0000001540), 0x800000000000214, 0x20000001) recvmmsg(r4, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)=""/52, 0x34}, {&(0x7f0000000440)=""/173, 0xad}], 0x2}, 0x9}, {{&(0x7f00000005c0)=@xdp, 0x80, 0x0, 0x0, &(0x7f0000001580)=""/4096, 0x1000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80)=""/54, 0x36}, 0x6}], 0x3, 0x40000000, &(0x7f0000000f80)={0x77359400}) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'bond_slave_1\x00'}) r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000000000)) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r7, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00'], 0xa) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) io_setup(0x20, &(0x7f0000001140)=0x0) io_submit(r8, 0x1, &(0x7f00000001c0)=[&(0x7f0000000d80)={0xf, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000c40)='\r', 0x1}]) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000200)={0xffffffffffffffff, 0x4, {0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x2, 0x7, 0x14, "45feb605f984275597a70c0898cd82e503fe19eee50bbcdf2651a435da332a0910fd492e2e6c32faf6f45bca23aad3a09056d52e51864bbaf0c8f88ffa3c664a", "a1b160ad29955d89deb24c2567b4d02dff367585e781efa61d63d201a83e74f2039169087b642396e3a699cd431a9c10ac76e5a841832c52b2985a158c20cda6", "b0fb4a6a2e5e7178c16e697743fb72ed5036fa0038f4fa8d25a5df10bad267ef", [0x60, 0xff]}}) 3.38321149s ago: executing program 7 (id=2045): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007baaf8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet6_sctp(0xa, 0x1, 0x84) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = socket(0x2, 0x2, 0x1) bind$unix(r3, &(0x7f0000000000)=@file={0x0, './file0/file0\x00'}, 0x6e) socket$kcm(0xa, 0x922000000003, 0x11) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x90) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000000)={0x11, @rand_addr, 0x0, 0x4, 'lblcr\x00', 0x0, 0xfffffff8}, 0x2c) getsockopt$IP_VS_SO_GET_SERVICE(r4, 0x0, 0x483, &(0x7f0000000000), &(0x7f0000000180)=0x68) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000640)='bcache_write\x00', r1, 0x0, 0xfffffffffffffffa}, 0x18) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r6, 0x4068aea3, 0x0) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) r7 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0) 3.206107928s ago: executing program 6 (id=2047): creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00001f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="18240000", @ANYRES32=r1, @ANYBLOB="00000000040000001a77100008000000b7080000000000007b8af8ff00000000b70800000c0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r1, @ANYBLOB="6383c68100000000dc3e10c5c71a463fb200000000b705000008000024ae362dd3bb1deafc6fd33c7b", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000007f7c0038c6070000185300000800"/56], &(0x7f0000000280)='syzkaller\x00', 0x8, 0x3d, &(0x7f0000000440)=""/61, 0x41000, 0x28, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000480)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0xe, 0x4}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000500)=[{0x0, 0x3, 0xb, 0x2}], 0x10, 0x8001}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r6, &(0x7f0000001540)=[{{0x0, 0x5b, 0x0}}], 0x800000000000214, 0x20000001) socket$nl_route(0x10, 0x3, 0x0) close(r7) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0) mount(&(0x7f0000000280)=@sr0, &(0x7f0000000340)='./cgroup\x00', &(0x7f0000000300)='nilfs2\x00', 0x1a0c000, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x3c) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1f, 0x12, r0, 0x100000000) 2.841323833s ago: executing program 8 (id=2048): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknod$loop(&(0x7f00000190c0)='./file0\x00', 0xfff, 0x0) execve(&(0x7f0000019100)='./file0\x00', 0x0, 0x0) add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f0000000240)="000000000000003299b8f276dc75584a8d87d907005858367d61f49e1639a48f614a54a8192c2876b7f843cd3a3c07288fa0f1e28983b5cdc2e29b6e", 0x3c, 0xffffffffffffffff) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002f00)='fdinfo\x00') syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r4, 0x100000) syz_clone3(&(0x7f0000001880)={0x0, 0x0, 0x0, 0x0, {0x800}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r3, {0xf}}, './file0\x00'}) r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x9, 0x129441) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0) pread64(r6, &(0x7f00000001c0)=""/200, 0xc8, 0x0) lseek(r6, 0x0, 0x1) pselect6(0xfffffffffffffefd, &(0x7f00000003c0)={0x7, 0x81, 0x6, 0x8, 0xe863, 0x2, 0x4}, &(0x7f0000000400)={0x2, 0x36cc80000000000, 0x5, 0x8000000000000000, 0x8000, 0x6f21, 0xda8, 0x1}, &(0x7f0000000440)={0x3, 0x0, 0x58, 0x1, 0xfd, 0x7f, 0x2}, &(0x7f0000000480), &(0x7f0000000500)={&(0x7f00000004c0)={[0xe, 0x4]}, 0x8}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000380)={&(0x7f0000000240)=[{0x5, 0x0, 0x49, &(0x7f00000000c0)="fc310d2095e71eed012ca62fa1acd23af7de1eccbc4ee54dca54523aec829e7a3a4e25f574db8c44510491ac3d8383371ac34d43447cd382d5007f5e2afd0637207c3105b8d3adab94"}, {0x2, 0x1, 0x16, &(0x7f0000000140)="2b12be082ab76dd69cb383d7fc860677c3aaf90ee320"}, {0x6, 0x2000, 0x8d, &(0x7f00000002c0)="895f97819fbbfbce919c3b51d426b25663393cf761f523cf25696f8055f8f897082fb9ae6e26b1ff274ea0c5096a91e782544f827aab97aa7d09686db3aff901a858fb8b8b3fe7925ad89e3da5decbde856cfa9247989e019bf4a63f45a752af64efb1b642252cf41ca7c6e55ec1562d0543db8c8a4748eee66ac77dc7167ef9ae9c42b0bb4f7b18f10420480a"}], 0x3}) ioctl$BTRFS_IOC_LOGICAL_INO(r5, 0xc0389424, &(0x7f0000000580)={0xfffffffffffff808, 0x18, '\x00', 0x0, &(0x7f0000000540)=[0x0, 0x0, 0x0]}) 2.435723347s ago: executing program 2 (id=2049): syz_open_dev$sndmidi(0x0, 0x2, 0x141101) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r2, 0x0) getpid() ppoll(&(0x7f0000000000)=[{r2, 0x200}], 0x1, &(0x7f00000002c0)={0x0, 0x989680}, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000001c0)) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.096938526s ago: executing program 8 (id=2050): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r3 = socket(0x10, 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x9) write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0) pipe2$watch_queue(0x0, 0x80) add_key(0x0, 0x0, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe) preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getrlimit(0xe, &(0x7f0000000140)) 2.096697055s ago: executing program 2 (id=2052): r0 = socket$inet6(0xa, 0xa, 0x400000) connect$inet6(r0, 0x0, 0x0) sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, 0x0, &(0x7f00000001c0)) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e22, 0x1, @remote, 0xfffffff0}}, 0x5, 0x8, 0x5, 0x10100, 0xff}, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000180)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x12, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x85, 0x0, 0xfe, 0xd2, 0x0, 0x5f, 0xfb, 0x0, 0xa6, 0x4, 0xff, 0x0, 0xf7fffffffffffdfc}, {0xfffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x4, 0xff, 0x2, 0x0, 0x800000000000000}, {0x2, 0x33, 0x0, 0x0, 0xac, 0x5, 0x14, 0x9, 0x5}], 0xfffffffd}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x1000000000, 0x2004cb, 0x1, 0xfffffffffffffffe, 0x3, 0x0, 0xff, 0x0, 0x4, 0x2, 0x1ffc], 0x80a0000}) r6 = openat$tun(0xffffff9c, &(0x7f00000000c0), 0x109940, 0x0) ioctl$TUNSETQUEUE(r6, 0x400454d9, 0x0) syz_emit_ethernet(0x22c, &(0x7f0000000840)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd60122d9201f63afffe8000000000000000000000000000bbff020000000000000000000000000001860090780000000000000000000000000007a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d1818fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61e18002107ffffffffffff0000000000020000000000000000749f23253d3f9749575cd20def7c740000000000008879e66485201a0015ca8374000000000000000000000000000000000000105e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7780305d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"], 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 2.096522898s ago: executing program 7 (id=2053): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TCSETS(r1, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000010000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004000000000000000000000000000000c6d6eac3624ce3cd3a1301d696468ff5bb8ab14d7f3ca4d28916cbf3f884ae1ea97f19ea656b3ff7b72d6cebffa7d6d14d358f53e8daf4cf3dcba452f82ae0bdeff0b5df5b8e2d84ae497edf8d"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare(0x8010800) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f0200f80d20"], 0x7) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) syz_init_net_socket$ax25(0x3, 0x3, 0xcf) sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r9}]}, 0x20}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x2c, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r9, 0x192}}, 0x20}}, 0x0) bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r4, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) 2.092859709s ago: executing program 6 (id=2059): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) r1 = io_uring_setup(0x3eae, &(0x7f0000000080)) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x80002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r6 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0xfffffffd, @mcast1, 0x2}, 0x1c) sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblc\x00', 0x0, 0xfffffffd, 0x33}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'sh\x00'}, 0x2c) 2.078362831s ago: executing program 2 (id=2054): syz_open_dev$tty20(0xc, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6(0xa, 0x3, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in=@rand_addr=0x64010102, @in=@dev={0xac, 0x14, 0x14, 0x28}, 0x0, 0x156, 0x2, 0x0, 0x2, 0x0, 0x0, 0x5e}, {0x0, 0x0, 0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x2000000, 0x1}, {0x4, 0x0, 0x10000000000004}, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in=@local, 0x0, 0x2b}, 0xa, @in6=@private0, 0x3507, 0x4, 0x0, 0x0, 0xffffffff, 0x8, 0x4}}, 0xe8) connect$inet6(r0, 0x0, 0x0) socket$inet6(0xa, 0x80001, 0x0) keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0) add_key(0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1) arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x1) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2) arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0) ptrace$getregset(0x4204, r1, 0x204, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000) r3 = socket(0x25, 0x1, 0x0) sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x0) ptrace$setregset(0x4205, r1, 0x204, 0x0) arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r4, &(0x7f0000000140)={{0x6, @rose}, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000100)={'nr0\x00', 0x2}) 1.819424449s ago: executing program 2 (id=2055): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000100)={0x7, [0x1, 0x405, 0x2, 0x1, 0x1, 0x5, 0x0, 0x7ffe, 0x7, 0x5, 0xf9f, 0x2, 0x7, 0x2, 0x8f, 0x8, 0x864, 0x222, 0x2, 0xcc, 0x7, 0xa67b, 0x8005, 0xb, 0x7, 0xff00, 0x800, 0x8, 0x0, 0x9, 0x4, 0x5, 0xa000, 0xf, 0xd4b, 0x5, 0x8, 0x3, 0xfff, 0xd, 0x10, 0x7, 0x7, 0x43e, 0xffff, 0x0, 0x2, 0x402], 0x4}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = gettid() r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) rt_sigtimedwait(0x0, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x0) gettid() futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, &(0x7f0000000300)={0x77359400}, &(0x7f00000004c0)=0x1, 0x2) eventfd2(0x8e8, 0x80001) r4 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_INIT(r4, 0x29, 0xc8, &(0x7f0000000040), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) ioctl$VHOST_VDPA_GET_DEVICE_ID(0xffffffffffffffff, 0x8004af70, &(0x7f0000000200)) read$FUSE(0xffffffffffffffff, &(0x7f0000001480)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) timer_create(0x4, &(0x7f0000000240)={0x0, 0x27, 0x800000000004, @tid=r5}, 0x0) timer_gettime(0x0, 0x0) 1.682500765s ago: executing program 7 (id=2056): lsetxattr$system_posix_acl(0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x5c, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$UFFDIO_MOVE(0xffffffffffffffff, 0xc028aa05, 0x0) r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x28, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44) 978.799978ms ago: executing program 2 (id=2057): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @multicast2}, @nfc={0x27, 0x0, 0x0, 0x2}, @nl=@unspec, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58) r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r5, 0x0, 0x0, 0x0, 0x80800}) io_uring_enter(r6, 0x3516, 0x3e44, 0x8, 0x0, 0x0) sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) r9 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r9, 0xc0106412, &(0x7f00000000c0)={0x0, 0x0}) ppoll(&(0x7f0000000000)=[{r0, 0x6}], 0x1, 0x0, 0x0, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0xf0) 977.443319ms ago: executing program 6 (id=2066): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000100)={0x7, [0x1, 0x405, 0x2, 0x1, 0x1, 0x5, 0x0, 0x7ffe, 0x7, 0x5, 0xf9f, 0x2, 0x7, 0x2, 0x8f, 0x8, 0x864, 0x222, 0x2, 0xcc, 0x7, 0xa67b, 0x8005, 0xb, 0x7, 0xff00, 0x800, 0x8, 0x0, 0x9, 0x4, 0x5, 0xa000, 0xf, 0xd4b, 0x5, 0x8, 0x3, 0xfff, 0xd, 0x10, 0x7, 0x7, 0x43e, 0xffff, 0x0, 0x2, 0x402], 0x4}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = gettid() r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) rt_sigtimedwait(0x0, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x0) gettid() futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, &(0x7f0000000300)={0x77359400}, &(0x7f00000004c0)=0x1, 0x2) eventfd2(0x8e8, 0x80001) r4 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_INIT(r4, 0x29, 0xc8, &(0x7f0000000040), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) ioctl$VHOST_VDPA_GET_DEVICE_ID(0xffffffffffffffff, 0x8004af70, &(0x7f0000000200)) read$FUSE(0xffffffffffffffff, &(0x7f0000001480)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) timer_create(0x4, &(0x7f0000000240)={0x0, 0x27, 0x800000000004, @tid=r5}, 0x0) timer_gettime(0x0, 0x0) 114.477901ms ago: executing program 6 (id=2058): socket$netlink(0x10, 0x3, 0x12) syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'gre0\x00'}) r0 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r4 = semget$private(0x0, 0x1, 0x210) semctl$GETALL(r4, 0x0, 0xd, 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={r3, 0x20, &(0x7f0000000040)={&(0x7f00000005c0)=""/193, 0xc1, 0x0, &(0x7f00000006c0)=""/150, 0x96}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0x0, 0x0, 0x0, 0x4, 0x87, &(0x7f0000000380)=""/135, 0x41100, 0x10, '\x00', 0x0, @fallback=0x15, r3, 0x8, &(0x7f0000000440)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x10000004, 0x101}, 0x10, r5, r3, 0x0, &(0x7f00000004c0), 0x0, 0x10, 0x2000009}, 0x94) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) r6 = socket(0x1e, 0x4, 0x0) ioctl$sock_qrtr_TIOCINQ(r6, 0x541b, &(0x7f0000000340)) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mknod$loop(0x0, 0xfff, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000840)='net/packet\x00') ioctl$sock_ifreq(r7, 0x8910, &(0x7f0000000000)={'pimreg1\x00', @ifru_ivalue=0x7}) ioctl$sock_netdev_private(r7, 0x8949, &(0x7f0000000000)) 114.271151ms ago: executing program 7 (id=2060): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x8401, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5201) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100000b}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = syz_io_uring_setup(0x48be, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000000), &(0x7f0000001180)) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000240)=[{&(0x7f00000013c0)=""/4081, 0xff1}, {&(0x7f00000003c0)=""/254, 0xfe}, {&(0x7f0000000580)=""/165, 0xa5}, {&(0x7f0000000640)=""/135, 0x87}], 0x4) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000280)={'wg0\x00'}) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x4, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r6, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, "2063569a"}}) close(r6) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000100)=0x7fffffff, 0x4) io_setup(0x8, &(0x7f0000000540)=0x0) r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) io_submit(r7, 0x1, &(0x7f0000000180)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x1, r8, &(0x7f0000000140)="010000", 0x3, 0x2a21}]) 0s ago: executing program 2 (id=2061): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000061d6f83d00"/35], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = dup(0xffffffffffffffff) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008"], 0x64}}, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r5, 0x40045402, &(0x7f0000000140)=0x1) r6 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000000)={0x0, 0x0, 0x3, &(0x7f00000000c0)={0x19, "90f50180e64f61909103f1fbbc2b81c9f144d76e44c700100000e52829e7cb8393"}}) r7 = syz_io_uring_setup(0x318b, &(0x7f00000003c0)={0x0, 0xfec9}, &(0x7f0000000240)=0x0, &(0x7f0000000380)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000340)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0xc, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x842a}}) io_uring_enter(r7, 0xdb4, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): an up link [ 383.540337][T11690] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1089'. [ 383.564060][T11690] netlink: 'syz.7.1089': attribute type 5 has an invalid length. [ 383.567554][T11690] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1089'. [ 383.760774][T11690] geneve2: entered promiscuous mode [ 383.763644][T11690] geneve2: entered allmulticast mode [ 383.772942][T11667] team0: Port device team_slave_0 added [ 383.775714][ T1141] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 256 - 0 [ 383.779104][T11667] team0: Port device team_slave_1 added [ 383.781959][ T1141] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 256 - 0 [ 383.785715][ T1141] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 256 - 0 [ 383.827456][ T1141] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 256 - 0 [ 383.830654][T11667] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 383.833223][T11667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 383.846406][T11667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 383.852360][T11667] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 383.854633][T11667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 383.863888][T11667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 383.898279][T11667] hsr_slave_0: entered promiscuous mode [ 383.901049][T11667] hsr_slave_1: entered promiscuous mode [ 383.904262][T11667] debugfs: 'hsr0' already exists in 'hsr' [ 383.907180][T11667] Cannot create hsr debugfs directory [ 384.023522][T11667] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 384.027660][T11667] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 384.031611][T11667] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 384.035203][T11667] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 384.046036][T11667] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.048327][T11667] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.050650][T11667] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.052874][T11667] bridge0: port 1(bridge_slave_0) entered forwarding state [ 384.133108][T11703] wireguard0: entered promiscuous mode [ 384.135050][T11703] wireguard0: entered allmulticast mode [ 384.351988][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.355652][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 384.399050][T11667] 8021q: adding VLAN 0 to HW filter on device bond0 [ 384.410940][T11667] 8021q: adding VLAN 0 to HW filter on device team0 [ 384.415538][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.418469][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 384.443294][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.446891][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.562755][ T5853] libceph: connect (1)[c::]:6789 error -101 [ 384.565247][ T5853] libceph: mon0 (1)[c::]:6789 connect error [ 384.580772][T11711] ceph: No mds server is up or the cluster is laggy [ 384.589430][T11716] /dev/nullb0: Can't lookup blockdev [ 384.626406][ T5975] Bluetooth: hci3: command tx timeout [ 384.796066][T11667] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 384.907142][T11667] veth0_vlan: entered promiscuous mode [ 384.913237][T11667] veth1_vlan: entered promiscuous mode [ 384.930622][T11667] veth0_macvtap: entered promiscuous mode [ 384.936066][T11667] veth1_macvtap: entered promiscuous mode [ 384.947148][T11667] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 384.954428][T11667] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 384.961349][ T46] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 384.965504][ T46] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 384.970100][ T46] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 384.973942][ T46] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.006750][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.013488][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 385.023045][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.027186][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 385.237721][T11735] kvm_intel: kvm [11729]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 385.241950][ T5853] IPVS: starting estimator thread 0... [ 385.326375][T11736] IPVS: using max 57 ests per chain, 136800 per kthread [ 386.706430][ T5975] Bluetooth: hci3: command tx timeout [ 387.076485][T11743] bridge0: port 2(bridge_slave_1) entered disabled state [ 387.079504][T11743] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.186729][T11743] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 387.192772][T11743] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 387.257116][ T87] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.271240][ T46] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.279144][ T60] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.283902][ T60] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.834262][T11764] batadv_slave_0: entered promiscuous mode [ 388.846729][ T5975] Bluetooth: hci3: command tx timeout [ 388.984255][T11772] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1105'. [ 389.014866][T11772] overlayfs: failed to clone upperpath [ 389.224078][T11777] wg2: entered allmulticast mode [ 389.981501][T11785] ieee802154 phy0 wpan0: encryption failed: -22 [ 390.204022][ T40] audit: type=1804 audit(1755727444.799:445): pid=11793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1109" name="/newroot/130/bus/bus" dev="overlay" ino=751 res=1 errno=0 [ 390.219975][ T40] audit: type=1804 audit(1755727444.799:446): pid=11793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1109" name="/newroot/130/bus/bus" dev="overlay" ino=751 res=1 errno=0 [ 390.866601][ T5975] Bluetooth: hci3: command tx timeout [ 391.056840][T11805] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1112'. [ 391.082013][T11805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 391.089519][T11805] 8021q: adding VLAN 0 to HW filter on device team0 [ 391.143061][T11805] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 392.769993][T11831] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1118'. [ 393.187446][T11840] ata1.00: invalid multi_count 1 ignored [ 393.321164][ T5853] hid-generic 00A0:0008:0003.0007: unknown main item tag 0x7 [ 393.327522][ T5853] hid-generic 00A0:0008:0003.0007: item fetching failed at offset 14/15 [ 393.332502][ T5853] hid-generic 00A0:0008:0003.0007: probe with driver hid-generic failed with error -22 [ 393.336262][ T9031] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 393.486242][ T9031] usb 13-1: Using ep0 maxpacket: 16 [ 393.493843][ T9031] usb 13-1: unable to get BOS descriptor or descriptor too short [ 393.500542][ T9031] usb 13-1: config 15 has an invalid interface number: 174 but max is 1 [ 393.505898][ T9031] usb 13-1: config 15 has an invalid interface number: 5 but max is 1 [ 393.512388][ T9031] usb 13-1: config 15 has no interface number 0 [ 393.517727][ T9031] usb 13-1: config 15 has no interface number 1 [ 393.522090][ T9031] usb 13-1: config 15 interface 174 has no altsetting 0 [ 393.525130][ T9031] usb 13-1: config 15 interface 5 has no altsetting 0 [ 393.533693][ T9031] usb 13-1: language id specifier not provided by device, defaulting to English [ 393.544194][ T9031] usb 13-1: New USB device found, idVendor=1199, idProduct=6859, bcdDevice=fd.7d [ 393.550318][ T9031] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.555329][ T9031] usb 13-1: Product: syz [ 393.558588][ T9031] usb 13-1: Manufacturer: syz [ 393.561639][ T9031] usb 13-1: SerialNumber: syz [ 393.790234][ T9031] sierra 13-1:15.174: Sierra USB modem converter detected [ 393.796356][ T9031] usb 13-1: Sierra USB modem converter now attached to ttyUSB0 [ 393.802503][ T9031] sierra 13-1:15.5: Sierra USB modem converter detected [ 393.807857][ T9031] usb 13-1: Sierra USB modem converter now attached to ttyUSB1 [ 393.814058][ T9031] usb 13-1: USB disconnect, device number 2 [ 393.818242][ T9031] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 393.824563][ T9031] sierra 13-1:15.174: device disconnected [ 393.830979][ T9031] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1 [ 393.834946][ T9031] sierra 13-1:15.5: device disconnected [ 394.268483][T11852] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1124'. [ 394.271757][T11852] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1124'. [ 394.506397][T11856] block nbd0: server does not support multiple connections per device. [ 394.509989][T11856] block nbd0: shutting down sockets [ 394.598589][T11863] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 394.603385][T11863] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 394.984508][T11869] bridge0: port 2(veth0_to_team) entered blocking state [ 394.988914][T11869] bridge0: port 2(veth0_to_team) entered disabled state [ 394.992111][T11869] veth0_to_team: entered allmulticast mode [ 394.994502][T11869] veth0_to_team: entered promiscuous mode [ 395.719303][T11877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1131'. [ 396.118309][T11885] kvm_intel: kvm [11880]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 396.256863][T11887] ata1.00: invalid multi_count 1 ignored [ 396.409127][ T6039] hid-generic 00A0:0008:0003.0008: unknown main item tag 0x7 [ 396.417556][ T6039] hid-generic 00A0:0008:0003.0008: item fetching failed at offset 14/15 [ 396.446620][ T6039] hid-generic 00A0:0008:0003.0008: probe with driver hid-generic failed with error -22 [ 396.776532][T11898] overlayfs: failed to clone upperpath [ 396.908477][T11901] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1137'. [ 397.486877][ T40] audit: type=1804 audit(1755727451.879:447): pid=11898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1136" name="bus" dev="tmpfs" ino=1678 res=1 errno=0 [ 397.783683][T11912] tipc: Failed to remove unknown binding: 66,1,1/0:212288830/212288832 [ 397.786415][T11912] tipc: Failed to remove unknown binding: 66,1,1/0:212288830/212288832 [ 397.820783][T11914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1141'. [ 399.146599][T11949] kvm_intel: kvm [11943]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 399.427252][T11954] kvm_intel: kvm [11951]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 400.121433][ T40] audit: type=1804 audit(1755727454.719:448): pid=11962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.1149" name="/newroot/13/bus/bus" dev="overlay" ino=97 res=1 errno=0 [ 400.142801][ T40] audit: type=1804 audit(1755727454.729:449): pid=11962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.1149" name="/newroot/13/bus/bus" dev="overlay" ino=97 res=1 errno=0 [ 401.901142][T11989] netlink: 'syz.2.1155': attribute type 10 has an invalid length. [ 401.905078][T11989] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 402.321486][T12009] kvm_intel: kvm [11998]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 402.541221][T12008] syzkaller1: entered promiscuous mode [ 402.543163][T12008] syzkaller1: entered allmulticast mode [ 402.547924][T12008] program syz.7.1159 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 402.553194][T12008] nfs: Unknown parameter 'ntext' [ 402.719528][T11995] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 403.421268][T12027] kvm_intel: kvm [12021]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 403.676509][T12031] netlink: 'syz.2.1162': attribute type 4 has an invalid length. [ 403.682612][T12031] netlink: 'syz.2.1162': attribute type 4 has an invalid length. [ 403.955671][T12038] kvm_intel: kvm [12033]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 404.560907][T12042] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 404.563453][T12042] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 404.566332][T12042] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 404.568760][T12042] comedi comedi3: 8255: I/O port conflict (0xfff,4) [ 404.571247][T12042] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 404.573664][T12042] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 404.575871][T12042] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 404.578333][T12042] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 404.580634][T12042] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 404.583117][T12042] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 404.585578][T12042] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 404.588017][T12042] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 404.590240][T12042] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 404.592560][T12042] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4) [ 404.595360][T12042] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4) [ 405.589592][T12053] wg2: entered allmulticast mode [ 405.600207][T12053] capability: warning: `syz.8.1168' uses 32-bit capabilities (legacy support in use) [ 405.708538][T12057] netlink: 'syz.6.1169': attribute type 10 has an invalid length. [ 405.712315][T12057] dummy0: entered promiscuous mode [ 405.714579][T12057] dummy0: entered allmulticast mode [ 405.718820][T12057] team0: Port device dummy0 added [ 405.786763][T12058] block device autoloading is deprecated and will be removed. [ 405.836513][T12057] md1: using deprecated bitmap file support [ 405.838929][T12057] md1: error: bitmap file must be a regular file [ 406.122957][T12066] kvm_intel: kvm [12061]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 406.562812][T12075] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1171'. [ 406.993738][T12080] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1172'. [ 407.029519][T12079] could not allocate digest TFM handle sha1-generic [ 407.502334][T12095] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1177'. [ 407.509434][T12095] batadv_slave_0: entered promiscuous mode [ 408.238276][T12104] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1179'. [ 411.210406][T12158] netlink: 'syz.7.1190': attribute type 4 has an invalid length. [ 411.218518][T12158] netlink: 'syz.7.1190': attribute type 4 has an invalid length. [ 411.236645][T12156] could not allocate digest TFM handle sha1-generic [ 411.256280][T12156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1188'. [ 411.539966][ T6025] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 411.588844][T12166] batadv_slave_0: left promiscuous mode [ 411.598223][ T6025] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz1] on syz0 [ 411.651783][T12168] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1191'. [ 411.654650][T12168] netlink: 'syz.6.1191': attribute type 5 has an invalid length. [ 411.657766][T12168] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1191'. [ 411.667829][T12168] geneve2: entered promiscuous mode [ 411.675957][T12168] geneve2: entered allmulticast mode [ 411.686225][ T1166] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 256 - 0 [ 411.709925][ T1166] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 256 - 0 [ 411.712769][ T1166] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 256 - 0 [ 411.715804][ T1166] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 256 - 0 [ 413.437022][T12184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1196'. [ 414.579605][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1198'. [ 414.667130][T12219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.670027][T12219] bridge0: port 3(team0) entered blocking state [ 414.672042][T12219] bridge0: port 3(team0) entered forwarding state [ 414.674291][T12219] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.683904][T12219] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 415.466400][ T6025] usb 13-1: new full-speed USB device number 3 using dummy_hcd [ 415.658478][ T6025] usb 13-1: config 195 has an invalid interface number: 145 but max is 0 [ 415.664291][ T6025] usb 13-1: config 195 has no interface number 0 [ 415.671985][ T6025] usb 13-1: config 195 interface 145 has no altsetting 0 [ 415.679232][ T6025] usb 13-1: New USB device found, idVendor=055f, idProduct=c211, bcdDevice=9b.e4 [ 415.683240][ T6025] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.687428][ T6025] usb 13-1: Product: syz [ 415.689344][ T6025] usb 13-1: Manufacturer: syz [ 415.691435][ T6025] usb 13-1: SerialNumber: syz [ 415.761178][T12238] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 415.792118][T12238] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1202'. [ 415.795731][T12238] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1202'. [ 416.040634][T12242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1204'. [ 416.045075][T12242] netlink: 'syz.2.1204': attribute type 5 has an invalid length. [ 416.054570][T12242] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1204'. [ 416.103815][T12242] geneve2: entered promiscuous mode [ 416.107725][T12242] geneve2: entered allmulticast mode [ 416.125863][ T13] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 256 - 0 [ 416.129327][ T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 256 - 0 [ 416.132451][ T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 256 - 0 [ 416.135411][ T13] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 256 - 0 [ 416.293527][T12246] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1205'. [ 416.474539][T12248] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1206'. [ 417.611434][ T6025] gspca_main: sunplus-2.14.0 probing 055f:c211 [ 417.614214][ T6025] gspca_sunplus: reg_r err -71 [ 417.985000][T12275] kvm_intel: kvm [12270]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 418.519904][T12277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1211'. [ 418.535806][T12277] 8021q: adding VLAN 0 to HW filter on device team0 [ 418.541297][T12277] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 418.586264][ T6025] sunplus 13-1:195.145: probe with driver sunplus failed with error -71 [ 418.592982][ T6025] usb 13-1: USB disconnect, device number 3 [ 419.798015][T12291] ceph: No mds server is up or the cluster is laggy [ 419.838486][T12294] vxfs: WRONG superblock magic 00000000 at 1 [ 419.841862][T12294] vxfs: WRONG superblock magic 00000000 at 8 [ 419.844524][T12294] vxfs: can't find superblock. [ 420.180848][ T5853] libceph: connect (1)[c::]:6789 error -101 [ 420.211927][ T5853] libceph: mon0 (1)[c::]:6789 connect error [ 420.759832][T12309] netlink: 62 bytes leftover after parsing attributes in process `syz.2.1218'. [ 420.867720][ T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.871020][ T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.988483][ T5975] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 420.991964][ T5975] CPU: 2 UID: 0 PID: 5975 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) [ 420.991980][ T5975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 420.991988][ T5975] Workqueue: hci2 hci_rx_work [ 420.992006][ T5975] Call Trace: [ 420.992010][ T5975] [ 420.992015][ T5975] dump_stack_lvl+0x16c/0x1f0 [ 420.992031][ T5975] sysfs_warn_dup+0x7f/0xa0 [ 420.992045][ T5975] sysfs_create_dir_ns+0x24b/0x2b0 [ 420.992059][ T5975] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 420.992071][ T5975] ? kobject_add_internal+0x25b/0x9b0 [ 420.992087][ T5975] ? lock_release+0x201/0x2f0 [ 420.992101][ T5975] ? do_raw_spin_unlock+0x172/0x230 [ 420.992117][ T5975] kobject_add_internal+0x2c4/0x9b0 [ 420.992134][ T5975] kobject_add+0x16e/0x240 [ 420.992151][ T5975] ? __pfx_kobject_add+0x10/0x10 [ 420.992172][ T5975] ? lock_release+0x201/0x2f0 [ 420.992193][ T5975] ? do_raw_spin_unlock+0x172/0x230 [ 420.992219][ T5975] ? kobject_put+0xab/0x5a0 [ 420.992244][ T5975] device_add+0x288/0x1aa0 [ 420.992262][ T5975] ? __pfx_dev_set_name+0x10/0x10 [ 420.992276][ T5975] ? __pfx_device_add+0x10/0x10 [ 420.992286][ T5975] ? mgmt_send_event_skb+0x2fb/0x460 [ 420.992299][ T5975] hci_conn_add_sysfs+0x17e/0x230 [ 420.992313][ T5975] le_conn_complete_evt+0x1075/0x1d70 [ 420.992325][ T5975] ? __pfx___might_resched+0x10/0x10 [ 420.992337][ T5975] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 420.992347][ T5975] ? rcu_is_watching+0x12/0xc0 [ 420.992357][ T5975] ? lock_release+0x201/0x2f0 [ 420.992372][ T5975] hci_le_conn_complete_evt+0x23c/0x370 [ 420.992384][ T5975] hci_le_meta_evt+0x354/0x5e0 [ 420.992395][ T5975] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 420.992407][ T5975] hci_event_packet+0x685/0x11c0 [ 420.992417][ T5975] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 420.992428][ T5975] ? __pfx_hci_event_packet+0x10/0x10 [ 420.992438][ T5975] ? kcov_remote_start+0x36a/0x6d0 [ 420.992453][ T5975] ? rcu_watching_snap_stopped_since+0x100/0x110 [ 420.992464][ T5975] ? rcu_is_watching+0x12/0xc0 [ 420.992477][ T5975] hci_rx_work+0x2c5/0x16b0 [ 420.992488][ T5975] ? rcu_is_watching+0x12/0xc0 [ 420.992499][ T5975] process_one_work+0x9cf/0x1b70 [ 420.992517][ T5975] ? __pfx_rxrpc_peer_keepalive_worker+0x10/0x10 [ 420.992534][ T5975] ? __pfx_process_one_work+0x10/0x10 [ 420.992551][ T5975] ? assign_work+0x1a0/0x250 [ 420.992566][ T5975] worker_thread+0x6c8/0xf10 [ 420.992577][ T5975] ? __pfx_worker_thread+0x10/0x10 [ 420.992586][ T5975] kthread+0x3c5/0x780 [ 420.992601][ T5975] ? __pfx_kthread+0x10/0x10 [ 420.992614][ T5975] ? ret_from_fork+0x25/0x6f0 [ 420.992636][ T5975] ? rcu_is_watching+0x12/0xc0 [ 420.992647][ T5975] ? rcu_is_watching+0x12/0xc0 [ 420.992657][ T5975] ? __pfx_kthread+0x10/0x10 [ 420.992673][ T5975] ret_from_fork+0x5d4/0x6f0 [ 420.992688][ T5975] ? __pfx_kthread+0x10/0x10 [ 420.992704][ T5975] ret_from_fork_asm+0x1a/0x30 [ 420.992721][ T5975] [ 420.992732][ T5975] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 421.101080][ T5975] Bluetooth: hci2: failed to register connection device [ 421.105377][T12299] netlink: 'syz.8.1215': attribute type 4 has an invalid length. [ 421.112971][T12299] netlink: 'syz.8.1215': attribute type 4 has an invalid length. [ 421.711800][ T40] audit: type=1804 audit(1755727476.309:450): pid=12326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.1222" name="/newroot/173/bus/bus" dev="overlay" ino=973 res=1 errno=0 [ 421.722855][ T40] audit: type=1804 audit(1755727476.329:451): pid=12326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1222" name="/newroot/173/bus/bus" dev="overlay" ino=973 res=1 errno=0 [ 422.267966][T12347] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1225'. [ 423.060714][T12365] could not allocate digest TFM handle sha1-generic [ 423.074185][T12365] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1228'. [ 423.964628][T12384] kvm_intel: kvm [12378]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 424.109023][ T40] audit: type=1326 audit(1755727478.709:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.198390][ T40] audit: type=1326 audit(1755727478.709:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.206470][ T40] audit: type=1326 audit(1755727478.719:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.212863][ T40] audit: type=1326 audit(1755727478.719:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.219733][ T40] audit: type=1326 audit(1755727478.719:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.227198][ T40] audit: type=1326 audit(1755727478.729:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.234148][ T40] audit: type=1326 audit(1755727478.729:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.241318][ T40] audit: type=1326 audit(1755727478.729:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12381 comm="syz.2.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 424.446196][ T9] usb 13-1: new high-speed USB device number 4 using dummy_hcd [ 424.665574][ T9] usb 13-1: config 0 has no interfaces? [ 424.671923][ T9] usb 13-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 424.676371][ T9] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.680497][ T9] usb 13-1: Product: syz [ 424.684064][ T9] usb 13-1: Manufacturer: syz [ 424.687369][ T9] usb 13-1: SerialNumber: syz [ 424.691932][ T9] usb 13-1: config 0 descriptor?? [ 424.829846][T12395] bridge0: port 3(team0) entered blocking state [ 424.832221][T12395] bridge0: port 3(team0) entered forwarding state [ 424.985690][T12395] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 424.986995][T12402] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1236'. [ 425.002738][T12402] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1236'. [ 425.861981][T12410] kvm_intel: kvm [12405]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 426.610873][T12415] usb usb1: usbfs: process 12415 (syz.7.1242) did not claim interface 42 before use [ 426.786790][T12422] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1243'. [ 426.917569][T12426] vxfs: WRONG superblock magic 00000000 at 1 [ 426.919913][T12426] vxfs: WRONG superblock magic 00000000 at 8 [ 426.921998][T12426] vxfs: can't find superblock. [ 426.946733][T12423] ceph: No mds server is up or the cluster is laggy [ 426.974956][ T5853] libceph: connect (1)[c::]:6789 error -101 [ 426.980463][ T5853] libceph: mon0 (1)[c::]:6789 connect error [ 427.024813][ T6012] usb 13-1: USB disconnect, device number 4 [ 427.760329][T12439] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1247'. [ 428.035573][T12444] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1249'. [ 428.360888][T12453] kvm_intel: kvm [12445]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 429.146926][T12463] fuse: Unknown parameter 'rootmOde' [ 429.476505][T12470] wireguard0: entered promiscuous mode [ 429.482824][T12470] wireguard0: entered allmulticast mode [ 431.342797][ T5853] libceph: connect (1)[c::]:6789 error -101 [ 431.345330][ T5853] libceph: mon0 (1)[c::]:6789 connect error [ 431.395759][T12486] ceph: No mds server is up or the cluster is laggy [ 431.434445][T12486] vxfs: WRONG superblock magic 00000000 at 1 [ 431.437022][T12486] vxfs: WRONG superblock magic 00000000 at 8 [ 431.439094][T12486] vxfs: can't find superblock. [ 431.620796][T12493] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1259'. [ 432.101449][T12498] kvm_intel: kvm [12495]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 432.388960][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 432.388971][ T40] audit: type=1326 audit(1755727486.989:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.406611][ T40] audit: type=1326 audit(1755727486.999:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.420506][ T40] audit: type=1326 audit(1755727486.999:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.428034][ T40] audit: type=1326 audit(1755727486.999:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.434945][ T40] audit: type=1326 audit(1755727486.999:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.442274][ T40] audit: type=1326 audit(1755727486.999:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.726299][ T40] audit: type=1326 audit(1755727486.999:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.734406][ T40] audit: type=1326 audit(1755727486.999:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.742966][ T40] audit: type=1326 audit(1755727486.999:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 432.751163][ T40] audit: type=1326 audit(1755727486.999:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12499 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 433.317516][T12518] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1274'. [ 435.035681][T12538] nfs: Unknown parameter 'ntext' [ 436.546472][ T5976] Bluetooth: hci2: command 0x0406 tx timeout [ 436.667534][T12556] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1278'. [ 436.673118][T12556] batadv1: entered allmulticast mode [ 436.737005][T12557] input: syz1 as /devices/virtual/input/input8 [ 436.894937][T12561] vxfs: WRONG superblock magic 00000000 at 1 [ 436.897368][T12561] vxfs: WRONG superblock magic 00000000 at 8 [ 436.899599][T12561] vxfs: can't find superblock. [ 436.921380][T12558] ceph: No mds server is up or the cluster is laggy [ 436.962587][ T5853] libceph: connect (1)[c::]:6789 error -101 [ 436.989743][ T5853] libceph: mon0 (1)[c::]:6789 connect error [ 437.711606][T12580] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1277'. [ 437.726683][T12580] batadv_slave_0: entered promiscuous mode [ 438.129063][T12600] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1281'. [ 439.060875][T12635] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1286'. [ 439.536181][T12643] ceph: No mds server is up or the cluster is laggy [ 439.539025][T12639] /dev/nullb0: Can't lookup blockdev [ 439.540307][ T5853] libceph: connect (1)[c::]:6789 error -101 [ 439.543146][ T5853] libceph: mon0 (1)[c::]:6789 connect error [ 439.588106][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.589996][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.937290][T12656] evm: overlay not supported [ 439.966965][ T40] kauditd_printk_skb: 65 callbacks suppressed [ 439.966976][ T40] audit: type=1804 audit(1755727494.569:558): pid=12653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.1289" name="/newroot/189/bus/bus" dev="overlay" ino=1077 res=1 errno=0 [ 440.007645][ T40] audit: type=1804 audit(1755727494.599:559): pid=12653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1289" name="/newroot/189/bus/bus" dev="overlay" ino=1077 res=1 errno=0 [ 440.667602][T12672] kvm_intel: kvm [12666]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 442.319322][T12710] netlink: 62 bytes leftover after parsing attributes in process `syz.8.1299'. [ 442.789849][T12718] syzkaller1: entered promiscuous mode [ 442.792352][T12718] syzkaller1: entered allmulticast mode [ 442.812230][T12718] program syz.6.1301 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 442.859208][T12715] nfs: Unknown parameter 'ntext' [ 443.711152][T12739] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1306'. [ 443.875388][T12743] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1307'. [ 445.433829][T12769] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1321'. [ 445.803556][T12775] wireguard0: entered promiscuous mode [ 445.805325][T12775] wireguard0: entered allmulticast mode [ 445.810469][T12779] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1314'. [ 447.006285][ T6172] usb 12-1: new high-speed USB device number 4 using dummy_hcd [ 447.166323][ T6172] usb 12-1: Using ep0 maxpacket: 8 [ 447.169731][ T6172] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 447.174784][ T6172] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 447.178700][ T6172] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.185123][ T6172] usb 12-1: config 0 descriptor?? [ 447.517004][ T6172] iowarrior 12-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 447.748791][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 447.751817][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 448.986282][ T6172] usb 13-1: new high-speed USB device number 5 using dummy_hcd [ 449.138249][ T6172] usb 13-1: config 0 has no interfaces? [ 449.141640][ T6172] usb 13-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 449.144614][ T6172] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.147625][ T6172] usb 13-1: Product: syz [ 449.148990][ T6172] usb 13-1: Manufacturer: syz [ 449.150492][ T6172] usb 13-1: SerialNumber: syz [ 449.152773][ T6172] usb 13-1: config 0 descriptor?? [ 449.317559][ T5853] usb 12-1: USB disconnect, device number 4 [ 449.576377][T12812] kvm_intel: kvm [12809]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 449.969926][T12816] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1325'. [ 450.428039][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1327'. [ 450.946042][T12830] overlayfs: failed to resolve './file1': -2 [ 451.106266][T12835] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1329'. [ 451.701184][ T6172] usb 13-1: USB disconnect, device number 5 [ 452.077583][ T40] audit: type=1326 audit(1755727506.679:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.093691][ T40] audit: type=1326 audit(1755727506.679:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.116250][ T29] usb 13-1: new high-speed USB device number 6 using dummy_hcd [ 452.118799][ T40] audit: type=1326 audit(1755727506.679:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.154886][ T40] audit: type=1326 audit(1755727506.679:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.163293][ T40] audit: type=1326 audit(1755727506.679:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.193933][ T40] audit: type=1326 audit(1755727506.679:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.201493][ T40] audit: type=1326 audit(1755727506.679:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.208209][ T40] audit: type=1326 audit(1755727506.679:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.215446][ T40] audit: type=1326 audit(1755727506.679:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.222819][ T40] audit: type=1326 audit(1755727506.679:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.1333" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 452.399196][ T29] usb 13-1: config 0 has no interfaces? [ 452.408830][ T29] usb 13-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 452.412448][ T29] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.415650][ T29] usb 13-1: Product: syz [ 452.418143][ T29] usb 13-1: Manufacturer: syz [ 452.420206][ T29] usb 13-1: SerialNumber: syz [ 452.425327][ T29] usb 13-1: config 0 descriptor?? [ 452.433127][T12857] kvm_intel: kvm [12855]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 452.878590][T12863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1336'. [ 453.075693][T12865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1337'. [ 453.585459][T12875] openvswitch: : Dropping previously announced user features [ 454.774041][ T6172] usb 13-1: USB disconnect, device number 6 [ 454.776274][ T6039] usb 11-1: new high-speed USB device number 6 using dummy_hcd [ 454.928721][ T6039] usb 11-1: config 0 has no interfaces? [ 454.932134][ T6039] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 454.935012][ T6039] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.937934][ T6039] usb 11-1: Product: syz [ 454.939492][ T6039] usb 11-1: Manufacturer: syz [ 454.941560][ T6039] usb 11-1: SerialNumber: syz [ 454.944434][ T6039] usb 11-1: config 0 descriptor?? [ 455.009870][T12896] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1348'. [ 456.361626][T12932] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1354'. [ 456.489895][T12933] tmpfs: Unknown parameter '' [ 457.409231][ T34] usb 11-1: USB disconnect, device number 6 [ 458.775852][T12957] overlayfs: failed to clone upperpath [ 460.847727][T13004] loop6: detected capacity change from 0 to 63 [ 460.857108][ T9964] buffer_io_error: 4148 callbacks suppressed [ 460.857118][ T9964] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.861799][ T9964] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.864694][ T9964] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.868026][ T9964] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.871562][ T9964] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.920656][T13004] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.923541][T13004] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.926300][T13004] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.928720][T13004] Buffer I/O error on dev loop6, logical block 0, async page read [ 460.931341][T13004] Buffer I/O error on dev loop6, logical block 0, async page read [ 461.169001][ T34] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 461.236837][ T34] hid-generic 0000:0000:0000.000A: hidraw1: HID v0.00 Device [syz1] on syz0 [ 461.309199][T13014] fido_id[13014]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 463.283245][T13071] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1384'. [ 463.543764][ T29] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 463.548603][ T29] hid-generic 0000:0000:0000.000B: hidraw1: HID v0.00 Device [syz1] on syz0 [ 464.274006][T13087] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1386'. [ 466.688826][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 466.688862][ T40] audit: type=1804 audit(1755727521.259:606): pid=13132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1397" name="/newroot/195/bus/bus" dev="overlay" ino=1118 res=1 errno=0 [ 466.717096][ T40] audit: type=1804 audit(1755727521.279:607): pid=13132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1397" name="/newroot/195/bus/bus" dev="overlay" ino=1118 res=1 errno=0 [ 466.738167][ T40] audit: type=1326 audit(1755727521.309:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.756952][ T40] audit: type=1326 audit(1755727521.309:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.779312][ T40] audit: type=1326 audit(1755727521.309:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.785754][ T40] audit: type=1326 audit(1755727521.309:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.846641][ T40] audit: type=1326 audit(1755727521.309:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.914560][ T40] audit: type=1326 audit(1755727521.309:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.926319][ T40] audit: type=1326 audit(1755727521.309:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 466.934060][ T40] audit: type=1326 audit(1755727521.309:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.2.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 468.806023][T13152] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 469.039469][T13178] kvm_intel: kvm [13177]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 469.072330][T13180] fuse: Unknown parameter 'use0000000000000000000000000000000000000000' [ 469.323817][T13185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1403'. [ 469.692039][T13188] kvm_intel: kvm [13187]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 470.643693][T13200] kvm_intel: kvm [13199]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 470.903157][T13203] kvm_intel: kvm [13202]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 471.918249][T13217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1422'. [ 472.110142][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1414'. [ 472.639482][T13232] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1416'. [ 473.076473][T13239] netlink: 'syz.2.1418': attribute type 1 has an invalid length. [ 473.165661][T13239] 8021q: adding VLAN 0 to HW filter on device bond3 [ 473.179865][T13241] bond3: (slave geneve3): making interface the new active one [ 473.185363][T13241] bond3: (slave geneve3): Enslaving as an active interface with an up link [ 473.228094][ T12] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 473.230827][ T12] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 473.234608][ T12] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 473.237488][ T12] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 473.580639][T13248] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1420'. [ 474.406250][ T34] usb 11-1: new high-speed USB device number 7 using dummy_hcd [ 474.586545][ T34] usb 11-1: config 0 has no interfaces? [ 474.591777][ T34] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 474.595806][ T34] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.599332][ T34] usb 11-1: Product: syz [ 474.601281][ T34] usb 11-1: Manufacturer: syz [ 474.603369][ T34] usb 11-1: SerialNumber: syz [ 474.616725][ T34] usb 11-1: config 0 descriptor?? [ 475.491343][T13261] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 476.029564][T13296] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1430'. [ 476.767588][ T87] wlan0: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 476.829041][T13314] tmpfs: Unknown parameter '' [ 477.103304][ T6012] usb 11-1: USB disconnect, device number 7 [ 478.940672][T13343] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1439'. [ 479.209742][T13350] kvm_intel: kvm [13348]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 479.331075][T13357] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1444'. [ 480.294414][T13370] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1449'. [ 480.302744][T13369] binder: BINDER_SET_CONTEXT_MGR already set [ 480.305423][T13369] binder: 13368:13369 ioctl 4018620d 800001c0 returned -16 [ 481.252112][T13391] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9 [ 481.346185][T13391] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1454'. [ 481.768649][T13394] kvm_intel: kvm [13393]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 483.199463][ T40] kauditd_printk_skb: 180 callbacks suppressed [ 483.199473][ T40] audit: type=1326 audit(1755727537.799:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.337329][ T40] audit: type=1326 audit(1755727537.799:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.344219][ T40] audit: type=1326 audit(1755727537.799:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.354382][ T40] audit: type=1326 audit(1755727537.799:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.361853][ T40] audit: type=1326 audit(1755727537.799:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.368616][ T40] audit: type=1326 audit(1755727537.799:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.375275][ T40] audit: type=1326 audit(1755727537.799:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.382125][ T40] audit: type=1326 audit(1755727537.799:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.388968][ T40] audit: type=1326 audit(1755727537.799:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 483.401546][ T40] audit: type=1326 audit(1755727537.799:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13418 comm="syz.6.1462" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 485.670658][ T60] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 485.720030][ T60] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 485.810193][ T60] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 485.872839][ T60] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 486.259316][ T60] bond0 (unregistering): Released all slaves [ 486.291771][ T60] bond1 (unregistering): (slave veth3): Releasing backup interface [ 486.295249][ T60] bond1 (unregistering): Released all slaves [ 486.408542][ T60] : left promiscuous mode [ 486.848393][ T60] hsr_slave_0: left promiscuous mode [ 486.856236][ T60] hsr_slave_1: left promiscuous mode [ 487.199943][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 487.203637][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 487.474126][T13506] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5) [ 487.476292][T13506] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 487.551140][T13506] vhci_hcd vhci_hcd.0: Device attached [ 487.629733][ T60] IPVS: stop unused estimator thread 0... [ 487.826186][ T29] usb 52-1: SetAddress Request (2) to port 0 [ 487.828467][ T29] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd [ 488.384889][T13507] vhci_hcd: connection reset by peer [ 488.386919][ T1149] vhci_hcd: stop threads [ 488.388761][ T1149] vhci_hcd: release socket [ 488.396240][ T1149] vhci_hcd: disconnect device [ 488.520104][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 488.520115][ T40] audit: type=1326 audit(1755727543.119:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.533669][ T40] audit: type=1326 audit(1755727543.129:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.594028][T13522] pim6reg: entered allmulticast mode [ 488.613031][ T40] audit: type=1326 audit(1755727543.129:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.692450][ T40] audit: type=1326 audit(1755727543.129:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.700514][ T40] audit: type=1326 audit(1755727543.129:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.708303][ T40] audit: type=1326 audit(1755727543.129:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.715829][ T40] audit: type=1326 audit(1755727543.129:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.724208][ T40] audit: type=1326 audit(1755727543.129:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.736000][ T40] audit: type=1326 audit(1755727543.129:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 488.743184][ T40] audit: type=1326 audit(1755727543.129:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13518 comm="syz.2.1477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 490.930080][T13545] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1482'. [ 492.244443][T13568] kvm_intel: kvm [13563]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 492.866441][ T29] usb 52-1: device descriptor read/8, error -110 [ 493.336255][ T29] usb usb52-port1: attempt power cycle [ 494.036722][ T29] usb usb52-port1: unable to enumerate USB device [ 494.084749][T13588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1491'. [ 494.418710][T13594] overlayfs: failed to clone upperpath [ 494.478671][ T40] kauditd_printk_skb: 30 callbacks suppressed [ 494.478687][ T40] audit: type=1804 audit(1755727549.079:872): pid=13594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1493" name="bus" dev="tmpfs" ino=2253 res=1 errno=0 [ 494.914174][T13595] uprobe: syz.8.1494:13595 failed to unregister, leaking uprobe [ 495.233762][T13606] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1498'. [ 495.642707][T13615] netlink: 3 bytes leftover after parsing attributes in process `syz.7.1500'. [ 495.653540][T13615] batadv2: entered allmulticast mode [ 495.707707][T13616] input: syz1 as /devices/virtual/input/input10 [ 496.108699][T13618] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1501'. [ 496.628023][ T40] audit: type=1326 audit(1755727551.229:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.634644][ T40] audit: type=1326 audit(1755727551.229:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.641444][ T40] audit: type=1326 audit(1755727551.229:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.666384][ T40] audit: type=1326 audit(1755727551.229:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.675599][ T40] audit: type=1326 audit(1755727551.229:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.699456][ T40] audit: type=1326 audit(1755727551.229:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.713360][ T40] audit: type=1326 audit(1755727551.229:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.723447][ T40] audit: type=1326 audit(1755727551.229:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.734283][ T40] audit: type=1326 audit(1755727551.229:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13623 comm="syz.6.1510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 496.750093][T13633] netlink: 'syz.8.1503': attribute type 1 has an invalid length. [ 496.753424][T13633] netlink: 236 bytes leftover after parsing attributes in process `syz.8.1503'. [ 497.091569][T13632] pim6reg: entered allmulticast mode [ 497.436443][T13623] pim6reg: left allmulticast mode [ 497.445207][T13646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1505'. [ 499.931476][T13698] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1514'. [ 500.103833][T13703] netlink: 3 bytes leftover after parsing attributes in process `syz.8.1513'. [ 500.115396][T13703] batadv1: entered allmulticast mode [ 500.165796][T13704] input: syz1 as /devices/virtual/input/input11 [ 500.437361][T13707] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1517'. [ 501.028610][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.031664][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.550909][T13745] 8021q: adding VLAN 0 to HW filter on device bond0 [ 502.556610][T13745] bond0: (slave rose0): Enslaving as an active interface with an up link [ 503.537784][T13774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1528'. [ 503.853161][T13783] kvm_intel: kvm [13773]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 504.136956][T13788] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1531'. [ 504.148135][T13788] batadv2: entered allmulticast mode [ 505.809653][T13815] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1536'. [ 505.817084][T13815] ip_vti0: entered promiscuous mode [ 505.824624][T13815] ip_vti0: entered allmulticast mode [ 506.383240][T13820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1537'. [ 508.097301][T13846] lo speed is unknown, defaulting to 1000 [ 508.099956][T13846] lo speed is unknown, defaulting to 1000 [ 508.103735][T13846] lo speed is unknown, defaulting to 1000 [ 508.111955][T13846] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 508.123064][T13846] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 508.145579][T13846] lo speed is unknown, defaulting to 1000 [ 508.149356][T13846] lo speed is unknown, defaulting to 1000 [ 508.152650][T13846] lo speed is unknown, defaulting to 1000 [ 508.156278][T13846] lo speed is unknown, defaulting to 1000 [ 510.129861][T13866] uprobe: syz.2.1548:13866 failed to unregister, leaking uprobe [ 510.466377][ T5976] Bluetooth: hci3: command 0x0405 tx timeout [ 511.526290][T13523] usb 11-1: new high-speed USB device number 8 using dummy_hcd [ 511.676818][T13523] usb 11-1: Using ep0 maxpacket: 8 [ 511.680758][T13523] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 511.685545][T13523] usb 11-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 511.690916][T13523] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.700506][T13523] usb 11-1: config 0 descriptor?? [ 511.969843][T13523] iowarrior 11-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 512.459140][T13887] lo speed is unknown, defaulting to 1000 [ 513.336940][ T9031] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 513.337495][T13920] 9pnet_fd: Insufficient options for proto=fd [ 513.376915][T13920] tmpfs: Bad value for 'mpol' [ 514.416086][ T29] usb 11-1: USB disconnect, device number 8 [ 514.416282][ C2] iowarrior 11-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 523.877782][T13984] input: syz1 as /devices/virtual/input/input12 [ 523.941428][T13990] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1573'. [ 526.596200][ T6131] usb 13-1: new high-speed USB device number 7 using dummy_hcd [ 526.766249][ T6131] usb 13-1: Using ep0 maxpacket: 8 [ 526.770038][ T6131] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 526.774516][ T6131] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 526.778690][ T6131] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.783512][ T6131] usb 13-1: config 0 descriptor?? [ 527.065718][ T6131] iowarrior 13-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 528.251507][T14037] lo speed is unknown, defaulting to 1000 [ 529.382297][ T6131] usb 13-1: USB disconnect, device number 7 [ 529.382350][ C1] iowarrior 13-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 530.141860][T14075] nvme_fabrics: missing parameter 'transport=%s' [ 530.144584][T14075] nvme_fabrics: missing parameter 'nqn=%s' [ 530.147000][T14076] kvm_intel: kvm [14070]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 532.506035][T14106] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1596'. [ 532.858320][T14117] syz.6.1598: attempt to access beyond end of device [ 532.858320][T14117] loop6: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 532.862911][T14117] hfsplus: unable to find HFS+ superblock [ 533.643019][T14129] kvm_intel: kvm [14123]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 533.721756][ T40] kauditd_printk_skb: 33 callbacks suppressed [ 533.721767][ T40] audit: type=1326 audit(1755727588.319:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.731154][ T40] audit: type=1326 audit(1755727588.319:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=293 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.738488][ T40] audit: type=1326 audit(1755727588.319:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.745320][ T40] audit: type=1326 audit(1755727588.319:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.752621][ T40] audit: type=1326 audit(1755727588.319:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.762639][ T40] audit: type=1326 audit(1755727588.319:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.773422][ T40] audit: type=1326 audit(1755727588.319:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.783894][ T40] audit: type=1326 audit(1755727588.319:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.796338][ T40] audit: type=1326 audit(1755727588.319:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 533.808182][ T40] audit: type=1326 audit(1755727588.319:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14126 comm="syz.6.1601" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 534.201119][T14135] fuse: Unknown parameter 'group_id00000000000000000000' [ 534.940365][T14150] kvm_intel: kvm [14141]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 536.037173][T14166] kvm_intel: kvm [14156]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 536.214265][T14170] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1609'. [ 536.237131][T14167] pim6reg: entered allmulticast mode [ 536.759802][T14163] pim6reg: left allmulticast mode [ 537.131959][T14187] kvm_intel: kvm [14179]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 538.005213][T14201] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 539.452529][T14219] lo speed is unknown, defaulting to 1000 [ 539.658056][T14231] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1622'. [ 539.680592][T14231] lo speed is unknown, defaulting to 1000 [ 540.332725][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 540.393941][ T5975] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 540.396965][ T5975] CPU: 1 UID: 0 PID: 5975 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) [ 540.396981][ T5975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 540.396988][ T5975] Workqueue: hci3 hci_rx_work [ 540.397006][ T5975] Call Trace: [ 540.397010][ T5975] [ 540.397014][ T5975] dump_stack_lvl+0x16c/0x1f0 [ 540.397029][ T5975] sysfs_warn_dup+0x7f/0xa0 [ 540.397043][ T5975] sysfs_create_dir_ns+0x24b/0x2b0 [ 540.397056][ T5975] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 540.397069][ T5975] ? kobject_add_internal+0x25b/0x9b0 [ 540.397085][ T5975] ? lock_release+0x201/0x2f0 [ 540.397099][ T5975] ? do_raw_spin_unlock+0x172/0x230 [ 540.397115][ T5975] kobject_add_internal+0x2c4/0x9b0 [ 540.397132][ T5975] kobject_add+0x16e/0x240 [ 540.397146][ T5975] ? __pfx_kobject_add+0x10/0x10 [ 540.397160][ T5975] ? lock_release+0x201/0x2f0 [ 540.397173][ T5975] ? do_raw_spin_unlock+0x172/0x230 [ 540.397188][ T5975] ? kobject_put+0xab/0x5a0 [ 540.397203][ T5975] device_add+0x288/0x1aa0 [ 540.397213][ T5975] ? __pfx_dev_set_name+0x10/0x10 [ 540.397224][ T5975] ? __pfx_device_add+0x10/0x10 [ 540.397232][ T5975] ? mgmt_send_event_skb+0x2fb/0x460 [ 540.397245][ T5975] hci_conn_add_sysfs+0x17e/0x230 [ 540.397258][ T5975] le_conn_complete_evt+0x1075/0x1d70 [ 540.397268][ T5975] ? __pfx___might_resched+0x10/0x10 [ 540.397280][ T5975] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 540.397290][ T5975] ? rcu_is_watching+0x12/0xc0 [ 540.397301][ T5975] ? lock_release+0x201/0x2f0 [ 540.397315][ T5975] hci_le_conn_complete_evt+0x23c/0x370 [ 540.397327][ T5975] hci_le_meta_evt+0x354/0x5e0 [ 540.397338][ T5975] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 540.397350][ T5975] hci_event_packet+0x685/0x11c0 [ 540.397360][ T5975] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 540.397372][ T5975] ? __pfx_hci_event_packet+0x10/0x10 [ 540.397381][ T5975] ? kcov_remote_start+0x36a/0x6d0 [ 540.397395][ T5975] ? rcu_watching_snap_stopped_since+0x100/0x110 [ 540.397407][ T5975] ? rcu_is_watching+0x12/0xc0 [ 540.397419][ T5975] hci_rx_work+0x2c5/0x16b0 [ 540.397431][ T5975] ? rcu_is_watching+0x12/0xc0 [ 540.397442][ T5975] process_one_work+0x9cf/0x1b70 [ 540.397460][ T5975] ? __pfx_rxrpc_service_connection_reaper+0x10/0x10 [ 540.397472][ T5975] ? __pfx_process_one_work+0x10/0x10 [ 540.397490][ T5975] ? assign_work+0x1a0/0x250 [ 540.397505][ T5975] worker_thread+0x6c8/0xf10 [ 540.397516][ T5975] ? __pfx_worker_thread+0x10/0x10 [ 540.397525][ T5975] kthread+0x3c5/0x780 [ 540.397539][ T5975] ? __pfx_kthread+0x10/0x10 [ 540.397553][ T5975] ? ret_from_fork+0x25/0x6f0 [ 540.397568][ T5975] ? rcu_is_watching+0x12/0xc0 [ 540.397579][ T5975] ? rcu_is_watching+0x12/0xc0 [ 540.397588][ T5975] ? __pfx_kthread+0x10/0x10 [ 540.397603][ T5975] ret_from_fork+0x5d4/0x6f0 [ 540.397618][ T5975] ? __pfx_kthread+0x10/0x10 [ 540.397632][ T5975] ret_from_fork_asm+0x1a/0x30 [ 540.397648][ T5975] [ 540.397658][ T5975] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 540.461222][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 540.462848][ T5975] Bluetooth: hci3: failed to register connection device [ 540.501934][ T5975] Bluetooth: hci3: link tx timeout [ 540.503595][ T5975] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa [ 540.506005][ T5975] Bluetooth: hci3: link tx timeout [ 540.507685][ T5975] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 540.560234][T14249] lo speed is unknown, defaulting to 1000 [ 541.636267][ T34] usb 11-1: new high-speed USB device number 9 using dummy_hcd [ 541.899040][ T34] usb 11-1: config 0 has no interfaces? [ 541.957542][ T34] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 541.960239][ T34] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 541.962800][ T34] usb 11-1: Product: syz [ 541.964112][ T34] usb 11-1: Manufacturer: syz [ 541.965548][ T34] usb 11-1: SerialNumber: syz [ 541.968328][ T34] usb 11-1: config 0 descriptor?? [ 542.626325][T11668] Bluetooth: hci3: command 0x0405 tx timeout [ 543.303684][T14289] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1637'. [ 543.613194][T14295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1646'. [ 543.820879][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 543.824076][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 543.852337][ T5975] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 544.306907][ T6039] usb 11-1: USB disconnect, device number 9 [ 544.509205][T14310] kvm_intel: kvm [14307]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 544.706489][T11668] Bluetooth: hci3: command 0x0405 tx timeout [ 545.445547][T14327] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1647'. [ 545.894388][T14334] kvm_intel: kvm [14329]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 546.001370][T14338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1649'. [ 546.009678][ T40] kauditd_printk_skb: 122 callbacks suppressed [ 546.009690][ T40] audit: type=1326 audit(1755727600.589:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.021780][ T40] audit: type=1326 audit(1755727600.589:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.036983][ T40] audit: type=1326 audit(1755727600.589:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.054688][ T40] audit: type=1326 audit(1755727600.589:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.066248][ T40] audit: type=1326 audit(1755727600.589:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.078253][ T40] audit: type=1326 audit(1755727600.589:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.093337][ T40] audit: type=1326 audit(1755727600.589:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.100671][ T40] audit: type=1326 audit(1755727600.599:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.109735][ T40] audit: type=1326 audit(1755727600.599:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 546.198617][ T40] audit: type=1326 audit(1755727600.599:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.2.1649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 548.100578][T11668] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 548.766175][T14369] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1655'. [ 549.400166][T14379] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1660'. [ 549.961619][T14387] kvm_intel: kvm [14381]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 551.266742][T14409] netlink: 3 bytes leftover after parsing attributes in process `syz.8.1667'. [ 551.274958][T14409] batadv1: entered allmulticast mode [ 551.376243][T14410] input: syz1 as /devices/virtual/input/input13 [ 551.831860][T14416] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1670'. [ 551.840505][T14417] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1669'. [ 552.336232][ T40] kauditd_printk_skb: 37 callbacks suppressed [ 552.336245][ T40] audit: type=1326 audit(1755727606.929:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.345779][ T40] audit: type=1326 audit(1755727606.929:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.388719][ T40] audit: type=1326 audit(1755727606.929:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.398955][ T40] audit: type=1326 audit(1755727606.929:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.412700][ T40] audit: type=1326 audit(1755727606.929:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.419586][ T40] audit: type=1326 audit(1755727606.929:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.426480][ T40] audit: type=1326 audit(1755727606.929:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.436307][ T40] audit: type=1326 audit(1755727606.929:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.444647][ T40] audit: type=1326 audit(1755727606.929:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.463851][T14425] pim6reg: entered allmulticast mode [ 552.466943][ T40] audit: type=1326 audit(1755727606.929:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14422 comm="syz.6.1672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 552.796716][ T61] usb 11-1: new high-speed USB device number 10 using dummy_hcd [ 552.959118][ T61] usb 11-1: config 0 has no interfaces? [ 552.965018][ T61] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 552.971211][ T61] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 552.974363][ T61] usb 11-1: Product: syz [ 552.975941][ T61] usb 11-1: Manufacturer: syz [ 552.982317][ T61] usb 11-1: config 0 descriptor?? [ 554.251681][T14461] kvm_intel: kvm [14454]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 555.039280][T14472] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1680'. [ 555.256251][ T61] usb 11-1: USB disconnect, device number 10 [ 555.631893][T14495] siw: device registration error -23 [ 555.926285][ T6039] usb 13-1: new high-speed USB device number 8 using dummy_hcd [ 555.988703][T14500] netlink: 'syz.2.1685': attribute type 12 has an invalid length. [ 556.078176][ T6039] usb 13-1: config 0 has no interfaces? [ 556.083216][ T6039] usb 13-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 556.086034][ T6039] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 556.088477][ T6039] usb 13-1: Product: syz [ 556.089804][ T6039] usb 13-1: Manufacturer: syz [ 556.091304][ T6039] usb 13-1: SerialNumber: syz [ 556.093445][ T6039] usb 13-1: config 0 descriptor?? [ 556.800330][T14515] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1688'. [ 558.451931][ T24] usb 13-1: USB disconnect, device number 8 [ 558.617926][ T40] kauditd_printk_skb: 61 callbacks suppressed [ 558.617945][ T40] audit: type=1326 audit(1755727613.189:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.643353][ T40] audit: type=1326 audit(1755727613.189:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.682518][ T40] audit: type=1326 audit(1755727613.189:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.713560][ T40] audit: type=1326 audit(1755727613.189:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.722533][ T40] audit: type=1326 audit(1755727613.189:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.731467][ T40] audit: type=1326 audit(1755727613.189:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.739967][ T40] audit: type=1326 audit(1755727613.189:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.750258][ T40] audit: type=1326 audit(1755727613.189:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.759050][ T40] audit: type=1326 audit(1755727613.189:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.762385][T14535] pim6reg: entered allmulticast mode [ 558.767915][ T40] audit: type=1326 audit(1755727613.189:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.7.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 558.946265][ T34] usb 11-1: new high-speed USB device number 11 using dummy_hcd [ 559.100098][ T34] usb 11-1: config 0 has no interfaces? [ 559.106526][ T34] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 559.111772][ T34] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 559.124961][ T34] usb 11-1: Product: syz [ 559.128774][ T34] usb 11-1: Manufacturer: syz [ 559.132020][ T34] usb 11-1: SerialNumber: syz [ 559.142709][ T34] usb 11-1: config 0 descriptor?? [ 559.276188][ T6131] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 559.428459][ T6131] usb 12-1: config 0 has no interfaces? [ 559.433178][ T6131] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 559.436061][ T6131] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 559.438674][ T6131] usb 12-1: Product: syz [ 559.440135][ T6131] usb 12-1: Manufacturer: syz [ 559.442693][ T6131] usb 12-1: config 0 descriptor?? [ 560.549510][T14567] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1698'. [ 560.912545][T14571] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(5) [ 560.914663][T14571] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 560.917407][T14571] vhci_hcd vhci_hcd.0: Device attached [ 561.084599][T14571] fuse: Unknown parameter 'group_id00000000000000000000' [ 561.206290][ T6131] usb 54-1: SetAddress Request (2) to port 0 [ 561.210783][ T6131] usb 54-1: new SuperSpeed USB device number 2 using vhci_hcd [ 561.510452][ T34] usb 11-1: USB disconnect, device number 11 [ 561.526620][ T9] usb 12-1: USB disconnect, device number 5 [ 561.642411][T14586] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1701'. [ 561.653573][T14572] vhci_hcd: connection reset by peer [ 561.655046][T14586] lo speed is unknown, defaulting to 1000 [ 561.657274][ T5033] vhci_hcd: stop threads [ 561.658738][ T5033] vhci_hcd: release socket [ 561.661118][ T5033] vhci_hcd: disconnect device [ 562.478494][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.486232][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.819954][T14611] 9pnet_virtio: no channels available for device syz [ 563.382525][T14615] 9pnet_virtio: no channels available for device syz [ 563.742968][T14623] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1708'. [ 564.546943][T11674] usb 13-1: new high-speed USB device number 9 using dummy_hcd [ 564.697661][T11674] usb 13-1: config 0 has no interfaces? [ 564.712480][T11674] usb 13-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 564.715379][T11674] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.732598][T11674] usb 13-1: Product: syz [ 564.736328][T11674] usb 13-1: Manufacturer: syz [ 564.737872][T11674] usb 13-1: SerialNumber: syz [ 564.745799][T11674] usb 13-1: config 0 descriptor?? [ 564.766283][ T34] usb 12-1: new high-speed USB device number 6 using dummy_hcd [ 564.927807][ T34] usb 12-1: config 0 has no interfaces? [ 564.931999][ T34] usb 12-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 564.935410][ T34] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.939118][ T34] usb 12-1: Product: syz [ 564.940975][ T34] usb 12-1: Manufacturer: syz [ 564.943037][ T34] usb 12-1: SerialNumber: syz [ 564.948671][ T34] usb 12-1: config 0 descriptor?? [ 566.306282][ T6131] usb 54-1: device descriptor read/8, error -110 [ 566.696775][ T6131] usb usb54-port1: attempt power cycle [ 566.868464][T14662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1718'. [ 567.092107][ T6172] usb 13-1: USB disconnect, device number 9 [ 567.256592][ T6131] usb usb54-port1: unable to enumerate USB device [ 567.425079][ T6039] usb 12-1: USB disconnect, device number 6 [ 568.517881][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1727'. [ 568.711692][T14697] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1728'. [ 569.577923][ T6172] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 569.730163][T14714] lo speed is unknown, defaulting to 1000 [ 569.737797][ T6172] usb 12-1: config 0 has no interfaces? [ 569.745716][ T6172] usb 12-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 569.748932][ T6172] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.792386][ T6172] usb 12-1: Product: syz [ 569.793829][ T6172] usb 12-1: Manufacturer: syz [ 569.795479][ T6172] usb 12-1: SerialNumber: syz [ 569.797548][ T40] kauditd_printk_skb: 61 callbacks suppressed [ 569.797558][ T40] audit: type=1326 audit(1755727624.399:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.798401][ T6172] usb 12-1: config 0 descriptor?? [ 569.801202][ T40] audit: type=1326 audit(1755727624.399:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.817671][ T40] audit: type=1326 audit(1755727624.409:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.824576][ T40] audit: type=1326 audit(1755727624.409:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.831489][ T40] audit: type=1326 audit(1755727624.409:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.838470][ T40] audit: type=1326 audit(1755727624.409:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.845157][ T40] audit: type=1326 audit(1755727624.419:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.852046][ T40] audit: type=1326 audit(1755727624.419:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.858898][ T40] audit: type=1326 audit(1755727624.419:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 569.865608][ T40] audit: type=1326 audit(1755727624.419:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14712 comm="syz.8.1733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 570.031436][T14715] pim6reg: entered allmulticast mode [ 570.539714][T14712] pim6reg: left allmulticast mode [ 570.826366][T14733] kvm_intel: kvm [14729]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 571.687668][T14742] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1740'. [ 572.216980][T11674] usb 12-1: USB disconnect, device number 7 [ 572.295263][T14753] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1742'. [ 572.319018][T14752] lo speed is unknown, defaulting to 1000 [ 572.832971][T14767] kvm_intel: kvm [14760]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 573.767574][T14781] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1750'. [ 573.963080][T14786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1752'. [ 574.083860][T14790] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1753'. [ 574.177822][ T6131] usb 11-1: new high-speed USB device number 12 using dummy_hcd [ 574.346520][ T6131] usb 11-1: config 0 has no interfaces? [ 574.356342][ T6131] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 574.359470][ T6131] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 574.362109][ T6131] usb 11-1: Product: syz [ 574.363617][ T6131] usb 11-1: Manufacturer: syz [ 574.365307][ T6131] usb 11-1: SerialNumber: syz [ 574.372086][ T6131] usb 11-1: config 0 descriptor?? [ 574.787562][T14801] netlink: 'syz.7.1756': attribute type 10 has an invalid length. [ 574.790310][T14801] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 574.793460][T14801] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 574.797422][T14801] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 575.558145][T14817] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1761'. [ 575.809214][T14821] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1762'. [ 575.864722][T14823] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1763'. [ 576.646936][T14836] siw: device registration error -23 [ 576.781927][ T6172] usb 11-1: USB disconnect, device number 12 [ 577.212037][T14847] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1769'. [ 577.215881][T14847] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1769'. [ 577.522106][T14850] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1770'. [ 578.474276][T14857] : entered promiscuous mode [ 578.976868][T14873] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5) [ 578.979635][T14873] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 578.984000][T14873] vhci_hcd vhci_hcd.0: Device attached [ 579.224088][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1776'. [ 579.234489][T14884] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1776'. [ 579.245305][T14884] geneve3: entered promiscuous mode [ 579.248104][T14884] geneve3: entered allmulticast mode [ 579.252724][ T1141] netdevsim netdevsim7 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 579.257537][ T1141] netdevsim netdevsim7 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 579.261512][ T1141] netdevsim netdevsim7 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 579.265252][ T1141] netdevsim netdevsim7 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 579.308468][T14873] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1775'. [ 580.176270][ T6131] usb 50-1: SetAddress Request (2) to port 0 [ 580.178226][ T6131] usb 50-1: new SuperSpeed USB device number 2 using vhci_hcd [ 580.211275][T14874] vhci_hcd: connection reset by peer [ 580.213186][ T12] vhci_hcd: stop threads [ 580.214827][ T12] vhci_hcd: release socket [ 580.216765][ T12] vhci_hcd: disconnect device [ 580.310246][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 580.310260][ T40] audit: type=1326 audit(1755727634.909:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.319856][ T40] audit: type=1326 audit(1755727634.929:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.327626][ T40] audit: type=1326 audit(1755727634.929:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.334751][ T40] audit: type=1326 audit(1755727634.929:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.341695][ T40] audit: type=1326 audit(1755727634.929:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.349663][ T40] audit: type=1326 audit(1755727634.929:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.359187][ T40] audit: type=1326 audit(1755727634.929:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.368498][ T40] audit: type=1326 audit(1755727634.929:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.376474][ T40] audit: type=1326 audit(1755727634.929:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.384965][ T40] audit: type=1326 audit(1755727634.929:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.7.1780" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 580.968016][T14903] loop6: detected capacity change from 0 to 524287999 [ 580.980644][T14903] netlink: 'syz.6.1782': attribute type 12 has an invalid length. [ 581.205282][T14909] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 581.208425][T14909] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 581.287838][T14909] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 581.291104][T14909] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 581.549153][T14909] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 581.552229][T14909] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 581.695227][T14909] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 581.702408][T14909] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 581.787871][ T1141] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.791280][ T1141] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 256 - 0 [ 581.801493][ T1141] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.805099][ T1141] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 256 - 0 [ 581.807863][ T1141] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.812686][ T1141] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 256 - 0 [ 581.817709][ T1141] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.822312][ T1141] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 256 - 0 [ 582.101648][T14922] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1787'. [ 582.820016][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1797'. [ 582.957763][T14937] siw: device registration error -23 [ 583.108602][T14936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1791'. [ 583.357706][T14939] binder: BINDER_SET_CONTEXT_MGR already set [ 583.359654][T14939] binder: 14938:14939 ioctl 4018620d 800001c0 returned -16 [ 583.779792][T14951] kvm_intel: kvm [14948]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 584.784850][T14952] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 584.797296][T14967] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1800'. [ 585.276199][ T6131] usb 50-1: device descriptor read/8, error -110 [ 585.372671][T14974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1803'. [ 585.484470][T14977] binder: BINDER_SET_CONTEXT_MGR already set [ 585.486512][T14977] binder: 14976:14977 ioctl 4018620d 800001c0 returned -16 [ 585.579674][T14981] kvm_intel: kvm [14971]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 585.687726][ T6131] usb usb50-port1: attempt power cycle [ 585.867171][T14988] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1807'. [ 586.289117][ T6131] usb usb50-port1: unable to enumerate USB device [ 586.645324][T15001] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1810'. [ 586.653921][T15001] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1810'. [ 587.503336][T15012] random: crng reseeded on system resumption [ 587.573758][T15015] binder: 15014:15015 ioctl c0306201 0 returned -14 [ 587.653104][T15018] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 587.692493][T15018] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 587.966973][T15026] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1817'. [ 588.036074][T15025] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 588.038349][T15025] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 588.043987][T15028] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 588.049160][T15028] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 588.057559][T15025] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 588.066915][T15025] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 588.072843][T15025] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 588.074961][T15025] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 588.680533][T15035] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1818'. [ 588.716213][ T6039] usb 11-1: new high-speed USB device number 13 using dummy_hcd [ 588.870822][ T6039] usb 11-1: config 0 has no interfaces? [ 588.876536][ T6039] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 588.879859][ T6039] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 588.886302][ T6039] usb 11-1: Product: syz [ 588.889854][ T6039] usb 11-1: Manufacturer: syz [ 588.893608][ T6039] usb 11-1: SerialNumber: syz [ 588.899536][ T6039] usb 11-1: config 0 descriptor?? [ 589.489989][T15051] x_tables: ip_tables: HMARK.0 target: invalid size 64 (kernel) != (user) 72 [ 589.836067][T15058] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1824'. [ 590.115737][T15062] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1825'. [ 590.431929][T15068] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1827'. [ 590.503750][T15067] lo speed is unknown, defaulting to 1000 [ 590.856447][ T40] kauditd_printk_skb: 37 callbacks suppressed [ 590.856460][ T40] audit: type=1326 audit(1755727645.459:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0 [ 590.922265][T15082] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1828'. [ 590.970227][ T40] audit: type=1326 audit(1755727645.569:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 590.980014][ T40] audit: type=1326 audit(1755727645.579:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 590.987370][ T40] audit: type=1326 audit(1755727645.579:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 590.996212][ T40] audit: type=1326 audit(1755727645.579:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 591.004392][ T40] audit: type=1326 audit(1755727645.579:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 591.015170][ T40] audit: type=1326 audit(1755727645.579:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 591.023872][ T40] audit: type=1326 audit(1755727645.579:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 591.032480][ T40] audit: type=1326 audit(1755727645.579:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 591.041237][ T40] audit: type=1326 audit(1755727645.579:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15078 comm="syz.7.1831" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 591.450713][T11674] usb 11-1: USB disconnect, device number 13 [ 591.765323][T15092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1834'. [ 593.093337][ T6172] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 593.127250][T15116] lo speed is unknown, defaulting to 1000 [ 594.830806][T15143] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1843'. [ 596.682616][T15175] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(5) [ 596.685334][T15175] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 596.688848][T15175] vhci_hcd vhci_hcd.0: Device attached [ 596.993066][T15182] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1847'. [ 597.284413][T15176] vhci_hcd: connection closed [ 597.284656][ T60] vhci_hcd: stop threads [ 597.288437][ T60] vhci_hcd: release socket [ 597.290316][ T60] vhci_hcd: disconnect device [ 597.524714][T15168] lo speed is unknown, defaulting to 1000 [ 598.359620][T15197] batadv_slave_1: entered promiscuous mode [ 598.670810][T15210] syz.7.1855: attempt to access beyond end of device [ 598.670810][T15210] nbd7: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 598.680702][T15210] XFS (nbd7): SB validate failed with error -5. [ 599.581780][T15196] batadv_slave_1: left promiscuous mode [ 600.436218][T15242] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 600.596162][T15242] usb 11-1: Using ep0 maxpacket: 8 [ 600.600282][T15242] usb 11-1: unable to get BOS descriptor or descriptor too short [ 600.603875][T15242] usb 11-1: config 1 has too many interfaces: 234, using maximum allowed: 32 [ 600.607385][T15242] usb 11-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 600.610647][T15242] usb 11-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 600.613997][T15242] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 234 [ 600.618911][T15242] usb 11-1: New USB device found, idVendor=1d6b, idProduct=0118, bcdDevice= 0.40 [ 600.622011][T15242] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.624675][T15242] usb 11-1: Product: syz [ 600.626591][T15242] usb 11-1: Manufacturer: syz [ 600.628148][T15242] usb 11-1: SerialNumber: syz [ 600.845615][T15242] usb 11-1: 0:2 : does not exist [ 600.860284][T15242] usb 11-1: USB disconnect, device number 14 [ 600.888849][T14045] udevd[14045]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb11/11-1/11-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 600.908522][T15266] lo speed is unknown, defaulting to 1000 [ 601.613927][T15297] tipc: Started in network mode [ 601.615678][T15297] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 601.618636][T15297] tipc: Enabled bearer , priority 0 [ 601.921835][T15304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1867'. [ 602.756257][ T5853] tipc: Node number set to 11578026 [ 603.741276][T15334] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5) [ 603.743945][T15334] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 603.747486][T15334] vhci_hcd vhci_hcd.0: Device attached [ 603.877734][T15339] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1872'. [ 604.056244][ T5853] usb 52-1: SetAddress Request (6) to port 0 [ 604.058343][ T5853] usb 52-1: new SuperSpeed USB device number 6 using vhci_hcd [ 604.406763][T15335] vhci_hcd: connection reset by peer [ 604.408582][ T1141] vhci_hcd: stop threads [ 604.410486][ T1141] vhci_hcd: release socket [ 604.412539][ T1141] vhci_hcd: disconnect device [ 604.815934][T15351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1876'. [ 605.105092][T15352] lo speed is unknown, defaulting to 1000 [ 605.652503][T15372] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1879'. [ 607.822238][T15404] lo speed is unknown, defaulting to 1000 [ 607.840255][T15419] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1892'. [ 608.146262][ T9031] usb 13-1: new high-speed USB device number 10 using dummy_hcd [ 608.336623][ T9031] usb 13-1: Using ep0 maxpacket: 8 [ 608.349417][ T9031] usb 13-1: unable to get BOS descriptor or descriptor too short [ 608.358011][ T9031] usb 13-1: config 1 has too many interfaces: 234, using maximum allowed: 32 [ 608.360786][ T9031] usb 13-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 608.363435][ T9031] usb 13-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 608.369425][ T9031] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 234 [ 608.374741][ T9031] usb 13-1: New USB device found, idVendor=1d6b, idProduct=0118, bcdDevice= 0.40 [ 608.377804][ T9031] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.380959][ T9031] usb 13-1: Product: syz [ 608.382541][ T9031] usb 13-1: Manufacturer: syz [ 608.384237][ T9031] usb 13-1: SerialNumber: syz [ 608.657927][ T9031] usb 13-1: 0:2 : does not exist [ 608.679534][ T9031] usb 13-1: USB disconnect, device number 10 [ 608.724100][T14045] udevd[14045]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb13/13-1/13-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 609.002488][T15434] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1896'. [ 609.111964][ T5853] usb 52-1: device descriptor read/8, error -110 [ 609.775541][ T5853] usb usb52-port1: attempt power cycle [ 609.781641][T15443] kvm_intel: kvm [15441]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 610.336435][ T5853] usb usb52-port1: unable to enumerate USB device [ 610.543351][T15462] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1903'. [ 611.348165][T15473] lo speed is unknown, defaulting to 1000 [ 611.460822][T15485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1907'. [ 611.691159][T15494] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1909'. [ 612.436254][ T9031] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 612.588119][ T9031] usb 12-1: config 0 has no interfaces? [ 612.593302][ T9031] usb 12-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 612.597302][ T9031] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.600635][ T9031] usb 12-1: Product: syz [ 612.602446][ T9031] usb 12-1: Manufacturer: syz [ 612.604482][ T9031] usb 12-1: SerialNumber: syz [ 612.607894][ T9031] usb 12-1: config 0 descriptor?? [ 613.384053][T15522] lo speed is unknown, defaulting to 1000 [ 613.582023][T15527] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1916'. [ 614.088672][T15530] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1917'. [ 614.119368][T15532] ptrace attach of ""[15533] was attempted by "/syz-executor exec"[15532] [ 614.963525][ T34] usb 12-1: USB disconnect, device number 8 [ 615.054454][T15548] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1922'. [ 615.204455][T15554] kvm_intel: kvm [15549]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 615.949519][T15566] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1926'. [ 615.978097][T15568] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1927'. [ 616.316715][ T9031] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 616.917333][T15597] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1930'. [ 617.327459][T15612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1934'. [ 617.359987][T15613] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1933'. [ 623.908620][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.910792][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.887892][T15638] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1938'. [ 627.044295][T15641] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(9) [ 627.046806][T15641] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 627.049322][T15641] vhci_hcd vhci_hcd.0: Device attached [ 627.327318][T13523] usb 53-1: new high-speed USB device number 2 using vhci_hcd [ 627.714920][T15644] vhci_hcd: connection reset by peer [ 627.717402][ T1141] vhci_hcd: stop threads [ 627.719064][ T1141] vhci_hcd: release socket [ 627.721020][ T1141] vhci_hcd: disconnect device [ 627.812437][T15652] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1941'. [ 628.153111][T15663] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1944'. [ 628.899349][T15673] wg2: entered allmulticast mode [ 629.153891][T15683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1951'. [ 630.161313][T15696] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(9) [ 630.164097][T15696] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 630.168178][T15696] vhci_hcd vhci_hcd.0: Device attached [ 630.576274][ T6057] usb 49-1: new high-speed USB device number 3 using vhci_hcd [ 630.886181][T11674] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 630.907939][T15697] vhci_hcd: connection reset by peer [ 630.910147][ T5033] vhci_hcd: stop threads [ 630.911945][ T5033] vhci_hcd: release socket [ 630.913882][ T5033] vhci_hcd: disconnect device [ 631.037779][T11674] usb 12-1: config 0 has no interfaces? [ 631.041097][T11674] usb 12-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 631.044085][T11674] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 631.046860][T11674] usb 12-1: Product: syz [ 631.048265][T11674] usb 12-1: Manufacturer: syz [ 631.049997][T11674] usb 12-1: SerialNumber: syz [ 631.052213][T11674] usb 12-1: config 0 descriptor?? [ 631.540105][T15713] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1958'. [ 631.857688][ T6172] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 632.466251][T13523] vhci_hcd: vhci_device speed not set [ 633.672196][T13523] usb 12-1: USB disconnect, device number 9 [ 635.666233][ T6057] vhci_hcd: vhci_device speed not set [ 639.236190][T13523] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 639.407741][T13523] usb 12-1: config 0 has no interfaces? [ 639.411315][T13523] usb 12-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 639.414228][T13523] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 639.417044][T13523] usb 12-1: Product: syz [ 639.418914][T13523] usb 12-1: Manufacturer: syz [ 639.420711][T13523] usb 12-1: SerialNumber: syz [ 639.423016][T13523] usb 12-1: config 0 descriptor?? [ 642.090148][ T6039] usb 12-1: USB disconnect, device number 10 [ 642.272471][T15854] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1980'. [ 643.386326][T15867] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1985'. [ 643.568803][T15871] kvm_intel: kvm [15864]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 645.268723][T15902] lo speed is unknown, defaulting to 1000 [ 645.966957][T15918] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(7) [ 645.969091][T15918] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 645.974646][T15918] vhci_hcd vhci_hcd.0: Device attached [ 646.236218][ T5334] usb 54-1: SetAddress Request (6) to port 0 [ 646.239907][ T5334] usb 54-1: new SuperSpeed USB device number 6 using vhci_hcd [ 646.613409][T15919] vhci_hcd: connection reset by peer [ 646.616146][ T1142] vhci_hcd: stop threads [ 646.617862][ T1142] vhci_hcd: release socket [ 646.619414][ T1142] vhci_hcd: disconnect device [ 646.850903][T15933] batadv_slave_1: entered promiscuous mode [ 647.175439][T15940] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.178731][T15940] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 647.256326][T13523] usb 11-1: new high-speed USB device number 15 using dummy_hcd [ 647.270145][T15940] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.273522][T15940] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 647.385572][T15940] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.388958][T15940] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 647.407571][T13523] usb 11-1: config 0 has no interfaces? [ 647.414850][T13523] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 647.418095][T13523] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 647.421178][T13523] usb 11-1: Product: syz [ 647.422624][T13523] usb 11-1: Manufacturer: syz [ 647.424223][T13523] usb 11-1: SerialNumber: syz [ 647.429474][T13523] usb 11-1: config 0 descriptor?? [ 647.472423][T15940] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.475684][T15940] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 647.569359][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.572291][ T12] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 256 - 0 [ 647.583688][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.611587][ T12] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 256 - 0 [ 647.615865][ T1142] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.618580][ T1142] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 256 - 0 [ 647.621355][ T1142] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.624057][ T1142] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 256 - 0 [ 647.871195][T15932] batadv_slave_1: left promiscuous mode [ 648.958652][T15958] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 649.059576][T15962] binder: 15961:15962 ioctl c0306201 0 returned -14 [ 649.560267][T15972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2013'. [ 649.563211][T15972] veth0_to_team: left allmulticast mode [ 649.564977][T15972] veth0_to_team: left promiscuous mode [ 649.566955][T15972] bridge0: port 2(veth0_to_team) entered disabled state [ 649.571175][T15972] team0: left allmulticast mode [ 649.572804][T15972] team0: left promiscuous mode [ 649.574431][T15972] bridge0: port 1(team0) entered disabled state [ 649.840214][ T6172] usb 11-1: USB disconnect, device number 15 [ 650.300964][T15985] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 650.304645][T15985] netdevsim netdevsim7 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 650.370163][T15985] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 650.373261][T15985] netdevsim netdevsim7 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 650.420987][T15984] ubi0: attaching mtd0 [ 650.423416][T15984] ubi0: scanning is finished [ 650.425244][T15984] ubi0: empty MTD device detected [ 650.429234][T15985] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 650.432927][T15985] netdevsim netdevsim7 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 650.503308][T15984] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 650.503496][T15985] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 650.505770][T15984] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 650.509726][T15985] netdevsim netdevsim7 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 650.515437][T15984] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 650.518453][T15984] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 650.526693][T15984] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 650.529222][T15984] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 650.531733][T15984] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 446599537 [ 650.534774][T15984] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 650.538329][T15987] ubi0: background thread "ubi_bgt0d" started, PID 15987 [ 650.538350][T15986] ubi0: detaching mtd0 [ 650.542898][T15986] ubi0: mtd0 is detached [ 650.593178][ T87] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.596315][ T87] netdevsim netdevsim7 eth0: set [1, 1] type 2 family 0 port 256 - 0 [ 650.608834][ T87] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.612115][ T87] netdevsim netdevsim7 eth1: set [1, 1] type 2 family 0 port 256 - 0 [ 650.621052][ T87] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.624353][ T87] netdevsim netdevsim7 eth2: set [1, 1] type 2 family 0 port 256 - 0 [ 650.631191][ T87] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.634460][ T87] netdevsim netdevsim7 eth3: set [1, 1] type 2 family 0 port 256 - 0 [ 651.175128][T16009] ip6gre1: entered promiscuous mode [ 651.177386][T16009] ip6gre1: entered allmulticast mode [ 651.267815][ T5334] usb 54-1: device descriptor read/8, error -110 [ 651.698205][ T5334] usb usb54-port1: attempt power cycle [ 652.304655][T16034] kvm_intel: kvm [16022]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6 [ 652.367238][ T5334] usb usb54-port1: unable to enumerate USB device [ 653.136187][T15242] usb 11-1: new high-speed USB device number 16 using dummy_hcd [ 653.306924][T15242] usb 11-1: config 0 has no interfaces? [ 653.313663][T15242] usb 11-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 653.316991][T15242] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 653.319678][T15242] usb 11-1: Product: syz [ 653.321158][T15242] usb 11-1: Manufacturer: syz [ 653.322852][T15242] usb 11-1: SerialNumber: syz [ 653.327140][T15242] usb 11-1: config 0 descriptor?? [ 653.985282][T16073] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7) [ 653.987388][T16073] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 653.990742][T16073] vhci_hcd vhci_hcd.0: Device attached [ 654.286253][ T5853] usb 52-1: SetAddress Request (10) to port 0 [ 654.288322][ T5853] usb 52-1: new SuperSpeed USB device number 10 using vhci_hcd [ 654.656813][T16074] vhci_hcd: connection reset by peer [ 654.659174][ T12] vhci_hcd: stop threads [ 654.660643][ T12] vhci_hcd: release socket [ 654.663114][ T12] vhci_hcd: disconnect device [ 654.834771][T16084] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2037'. [ 655.758162][T16096] tipc: Started in network mode [ 655.764598][ T6172] usb 11-1: USB disconnect, device number 16 [ 655.866488][T16096] tipc: Node identity ac1414aa, cluster identity 4711 [ 655.869184][T16096] tipc: Enabled bearer , priority 10 [ 656.006297][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.146278][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.286284][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.426201][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.576242][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.716320][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.846002][T16110] random: crng reseeded on system resumption [ 656.856247][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.996201][ T6172] tipc: Node number set to 2886997162 [ 657.146231][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 657.416229][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 657.852530][ T40] kauditd_printk_skb: 2965 callbacks suppressed [ 657.852546][ T40] audit: type=1326 audit(1755727712.449:4282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 657.864505][ T40] audit: type=1326 audit(1755727712.449:4283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 657.874537][ T40] audit: type=1326 audit(1755727712.449:4284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 657.882619][ T40] audit: type=1326 audit(1755727712.459:4285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 657.893172][ T40] audit: type=1326 audit(1755727712.459:4286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16126 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 657.900502][ T40] audit: type=1326 audit(1755727712.459:4287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 658.011407][ T40] audit: type=1326 audit(1755727712.609:4288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16126 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=1 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 658.034020][ T40] audit: type=1326 audit(1755727712.629:4289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 658.085884][ T40] audit: type=1326 audit(1755727712.679:4290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000 [ 658.097946][ T40] audit: type=1326 audit(1755727712.689:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.8.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 658.240177][T16127] /dev/sr0: Can't open blockdev [ 659.036218][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 659.086261][ T6172] usb 13-1: new high-speed USB device number 11 using dummy_hcd [ 659.237816][ T6172] usb 13-1: config 0 has no interfaces? [ 659.240900][ T6172] usb 13-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 659.243900][ T6172] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.246699][ T6172] usb 13-1: Product: syz [ 659.248093][ T6172] usb 13-1: Manufacturer: syz [ 659.249576][ T6172] usb 13-1: SerialNumber: syz [ 659.254288][ T6172] usb 13-1: config 0 descriptor?? [ 659.393315][ T5853] usb 52-1: device descriptor read/8, error -110 [ 659.778685][ T5853] usb usb52-port1: attempt power cycle [ 660.347759][ T5853] usb usb52-port1: unable to enumerate USB device [ 660.817849][ T6172] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 661.106230][ C2] net_ratelimit: 1 callbacks suppressed [ 661.106243][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 661.515053][T16189] sock: sock_set_timeout: `syz.6.2062' (pid 16189) tries to set negative timeout [ 661.603042][ T6172] usb 13-1: USB disconnect, device number 11 [ 662.146218][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 663.186217][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 664.226230][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 665.108615][T16226] BUG: sleeping function called from invalid context at mm/vmalloc.c:3409 [ 665.111306][T16226] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 16226, name: dhcpcd [ 665.115300][T16226] preempt_count: 1, expected: 0 [ 665.117852][T16226] RCU nest depth: 0, expected: 0 [ 665.119419][T16226] INFO: lockdep is turned off. [ 665.121069][T16226] Preemption disabled at: [ 665.121074][T16226] [] schedule+0xe0/0x3a0 [ 665.124562][T16226] CPU: 3 UID: 0 PID: 16226 Comm: dhcpcd Not tainted syzkaller #0 PREEMPT(full) [ 665.124577][T16226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 665.124583][T16226] Call Trace: [ 665.124588][T16226] [ 665.124593][T16226] dump_stack_lvl+0x16c/0x1f0 [ 665.124610][T16226] __might_resched+0x3c0/0x5e0 [ 665.124621][T16226] ? __pfx___might_resched+0x10/0x10 [ 665.124631][T16226] ? pcpu_block_update+0x562/0x660 [ 665.124646][T16226] ? pcpu_chunk_relocate+0x126/0x190 [ 665.124658][T16226] vfree+0x75/0xb50 [ 665.124676][T16226] ? rcu_is_watching+0x12/0xc0 [ 665.124687][T16226] ? kfree+0x24f/0x4d0 [ 665.124696][T16226] ? free_percpu+0x6db/0x13c0 [ 665.124707][T16226] futex_hash_free+0x98/0xc0 [ 665.124721][T16226] __mmdrop+0x33f/0x580 [ 665.124732][T16226] ? rcu_is_watching+0x12/0xc0 [ 665.124742][T16226] finish_task_switch.isra.0+0x7a4/0xc10 [ 665.124752][T16226] ? __switch_to+0x7a5/0x11a0 [ 665.124765][T16226] __schedule+0x1198/0x5de0 [ 665.124777][T16226] ? iocb_bio_iopoll+0x1d1/0x1f0 [ 665.124791][T16226] ? __pfx___schedule+0x10/0x10 [ 665.124803][T16226] ? schedule+0x2d7/0x3a0 [ 665.124813][T16226] ? rcu_is_watching+0x12/0xc0 [ 665.124823][T16226] ? lock_release+0x201/0x2f0 [ 665.124836][T16226] schedule+0xe7/0x3a0 [ 665.124847][T16226] io_schedule+0xbf/0x130 [ 665.124857][T16226] bit_wait_io+0x15/0xe0 [ 665.124868][T16226] __wait_on_bit+0x65/0x180 [ 665.124880][T16226] ? __pfx_bit_wait_io+0x10/0x10 [ 665.124892][T16226] out_of_line_wait_on_bit+0xd9/0x110 [ 665.124904][T16226] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 665.124917][T16226] ? __pfx_wake_bit_function+0x10/0x10 [ 665.124930][T16226] ? __pfx___might_resched+0x10/0x10 [ 665.124940][T16226] ? ext4_bread_batch+0x151/0x510 [ 665.124952][T16226] __wait_on_buffer+0x64/0x70 [ 665.124965][T16226] __ext4_find_entry+0x97b/0x11c0 [ 665.124981][T16226] ? __pfx___ext4_find_entry+0x10/0x10 [ 665.124996][T16226] ? __pfx_ext4_fname_prepare_lookup+0x10/0x10 [ 665.125014][T16226] ? d_alloc_parallel+0x828/0x1480 [ 665.125030][T16226] ext4_lookup+0x53d/0x730 [ 665.125045][T16226] ? __pfx_ext4_lookup+0x10/0x10 [ 665.125059][T16226] ? rcu_is_watching+0x12/0xc0 [ 665.125072][T16226] ? __pfx_ext4_lookup+0x10/0x10 [ 665.125086][T16226] lookup_open.isra.0+0x4d7/0x1580 [ 665.125097][T16226] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 665.125111][T16226] ? lookup_fast+0x156/0x610 [ 665.125122][T16226] path_openat+0x893/0x2cb0 [ 665.125134][T16226] ? stack_trace_save+0x8e/0xc0 [ 665.125146][T16226] ? __pfx_path_openat+0x10/0x10 [ 665.125157][T16226] ? stack_depot_save_flags+0x29/0x9c0 [ 665.125172][T16226] ? lock_release+0x201/0x2f0 [ 665.125185][T16226] do_filp_open+0x20b/0x470 [ 665.125196][T16226] ? kasan_save_track+0x14/0x30 [ 665.125207][T16226] ? __pfx_do_filp_open+0x10/0x10 [ 665.125240][T16226] ? __x64_sys_execve+0x74/0xb0 [ 665.125257][T16226] ? do_syscall_64+0xcd/0x490 [ 665.125269][T16226] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.125287][T16226] do_open_execat+0xf9/0x3a0 [ 665.125297][T16226] ? __pfx_do_open_execat+0x10/0x10 [ 665.125307][T16226] ? rcu_is_watching+0x12/0xc0 [ 665.125319][T16226] alloc_bprm+0x2d/0x710 [ 665.125330][T16226] do_execveat_common.isra.0+0x1ce/0x610 [ 665.125342][T16226] __x64_sys_execve+0x8e/0xb0 [ 665.125354][T16226] do_syscall_64+0xcd/0x490 [ 665.125367][T16226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.125377][T16226] RIP: 0033:0x7f47630cd107 [ 665.125386][T16226] Code: 0f 00 64 c7 00 07 00 00 00 b8 ff ff ff ff c9 c3 0f 1f 00 48 8b 05 a9 ee 0f 00 48 8b 10 e9 01 00 00 00 90 b8 3b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c1 ec 0f 00 f7 d8 64 89 01 48 [ 665.125397][T16226] RSP: 002b:00007f4762f36e68 EFLAGS: 00000202 ORIG_RAX: 000000000000003b [ 665.125407][T16226] RAX: ffffffffffffffda RBX: 00007ffde79b33e0 RCX: 00007f47630cd107 [ 665.125413][T16226] RDX: 00005603c84a6ff0 RSI: 00007ffde79b35d0 RDI: 00005603a71af6bd [ 665.125423][T16226] RBP: 00007f4762f36ff0 R08: 0000000000000000 R09: 0000000000000000 [ 665.125429][T16226] R10: 0000000000000008 R11: 0000000000000202 R12: 0000000000000001 [ 665.125435][T16226] R13: 00007ffde79b30c0 R14: 00007f4762f36f20 R15: 0000000000000040 [ 665.125444][T16226] [ 665.276226][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 666.306387][ C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 667.346291][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 668.619863][ T1141] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.623953][ T1141] netdevsim netdevsim7 eth3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 668.729859][ T1141] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.733922][ T1141] netdevsim netdevsim7 eth2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 668.799846][ T1141] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.803167][ T1141] netdevsim netdevsim7 eth1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 668.878176][ T1141] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.881532][ T1141] netdevsim netdevsim7 eth0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 668.976694][ T1141] team0: left allmulticast mode [ 668.978300][ T1141] team_slave_0: left allmulticast mode [ 668.979874][ T1141] team_slave_1: left allmulticast mode [ 668.981394][ T1141] bond0: left allmulticast mode [ 668.982787][ T1141] bond_slave_0: left allmulticast mode [ 668.984366][ T1141] bond_slave_1: left allmulticast mode [ 668.985957][ T1141] team0: left promiscuous mode [ 668.987493][ T1141] team_slave_0: left promiscuous mode [ 668.989126][ T1141] team_slave_1: left promiscuous mode [ 668.990745][ T1141] bond0: left promiscuous mode [ 668.992116][ T1141] bond_slave_0: left promiscuous mode [ 668.993921][ T1141] bond_slave_1: left promiscuous mode [ 668.995703][ T1141] bridge0: port 3(team0) entered disabled state [ 668.998500][ T1141] bridge_slave_1: left allmulticast mode [ 669.000218][ T1141] bridge_slave_1: left promiscuous mode [ 669.001938][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 669.004479][ T1141] bridge_slave_0: left allmulticast mode [ 669.006093][ T1141] bridge_slave_0: left promiscuous mode [ 669.007786][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.199241][ T1141] team0: Port device bond0 removed [ 669.201824][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 669.205001][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 669.208078][ T1141] bond0 (unregistering): Released all slaves [ 669.212778][ T1141] bond1 (unregistering): Released all slaves [ 669.282838][ T1141] : left promiscuous mode [ 669.426251][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 669.582078][ T1141] hsr_slave_0: left promiscuous mode [ 669.584820][ T1141] hsr_slave_1: left promiscuous mode [ 669.594041][ T1141] pim6reg (unregistering): left allmulticast mode [ 669.641275][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 669.651130][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 670.026599][ T1141] IPVS: stop unused estimator thread 0... [ 670.466312][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 671.506336][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 672.546456][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 673.586335][ C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 674.626272][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available VM DIAGNOSIS: 22:08:39 Registers: info registers vcpu 0 CPU#0 RAX=0000000001725654 RBX=0000000000000000 RCX=ffffffff8b908bf9 RDX=ffffed1005646656 RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08 R8 =0000000000000000 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab7690 R15=0000000000000000 RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005603c84a7000 CR3=000000004d66a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000000002b Opmask01=0000000000000001 Opmask02=00000000bfffbfff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde79b33b0 00007ffde79c3720 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005603c84ac364 00005603c84ac310 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde79b33c8 00007ffde79c3720 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f476303aef0 0000000000003f61 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003f61 00007ffde79b33c8 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 ffffffffffffff88 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d6f726620796c64 657463657078656e 7520646574697865 2073257325732500 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 484a5743055c4941 40514640555d404b 50054140514c5d40 0556005600560000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000300030008 0000316d69737665 6474656e0002000f 0000006d69737665 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8041000400000003 000300080000316d 697376656474656e 0002000f0000006d ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697376656474656e 0001000e803e002c 0000006d69737665 6474656e0039000e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000316d69737665 6474656e0038000f 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000e002400000000 0008000500000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 35320a2032320a20 32320a343232005f 65665f5f20706520 2069622020323200 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000002112c4c RBX=0000000000000001 RCX=ffffffff8b908bf9 RDX=ffffed1005666656 RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8 R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001 R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90ab7690 R15=0000000000000000 RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005603c84f113c CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1fa88c5080b08010 4dbd9cb1c0b9cf7d ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 647d399c75d1b0c5 982b3312d138d258 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d39886fb0b367361 3be4bf1e7209d1dc ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2ee74a4ee84b7906 6900af66f89fa9d9 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001640 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 043e6300eede0e00 0001926b00000007 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5ed9200d8bc6c00 67271700c4144c00 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f8ba740000000014 0001926b00000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000192b7000192c0 0aac2e0000019258 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c4ade244936a74a1 938176395bd1ccda ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7206461b158b2e3d 751b1336ad0f8a33 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000083b8d4 RBX=0000000000000002 RCX=ffffffff8b908bf9 RDX=ffffed1005686656 RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bdf910 RSP=ffffc9000047fdf8 R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000001 R12=0000000000000002 R13=ffff88801defc880 R14=ffffffff90ab7690 R15=0000000000000000 RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f4762f36ff8 CR3=000000004d66a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000000002b Opmask01=0000000000000001 Opmask02=00000000bfffbfff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d6f726620796c64 657463657078656e 7520646574697865 2073257325732500 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 484a5743055c4941 40514640555d404b 50054140514c5d40 0556005600560000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000300030008 0000316d69737665 6474656e0002000f 0000006d69737665 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8041000400000003 000300080000316d 697376656474656e 0002000f0000006d ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697376656474656e 0001000e803e002c 0000006d69737665 6474656e0039000e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000316d69737665 6474656e0038000f 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000e002400000000 0008000500000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 35320a2032320a20 32320a343232005f 65665f5f20706520 2069622020323200 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000054 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85616b45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc90002dc6ce8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=5f74706d65657270 R12=0000000000000000 R13=0000000000000054 R14=ffffffff9b0f8640 R15=ffffffff85616ae0 RIP=ffffffff85616b6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f4762ff8740 ffffffff 00c00000 GS =0000 ffff8880977c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffde79d3810 CR3=000000004d66a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7c259b853b76d7f2 8413547a97801c2f ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f3b44abd3c9b266 52d6d97e554a4ec3 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d790bfb20302feb3 f2bf9adb80c35981 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b0d9ebf50dadd8c2 d8978e6b4a063fcc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001740 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 72492b00fde29c00 000193d810bbb000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ad8c060080010000 800100001ba9da00 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b27bd0000000004 000193d800000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 80010000000193d9 000193d9000193d8 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 52786da298c04309 b57afc9801f16421 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 dfb9a7e32d550671 9446b1c584994864 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000