Warning: Permanently added '[localhost]:61235' (ECDSA) to the list of known hosts. 2022/10/06 10:58:30 fuzzer started 2022/10/06 10:58:30 dialing manager at localhost:46199 [ 59.594746][ T3679] cgroup: Unknown subsys name 'net' [ 59.774456][ T3679] cgroup: Unknown subsys name 'rlimit' 2022/10/06 10:58:35 syscalls: 3774 2022/10/06 10:58:35 code coverage: enabled 2022/10/06 10:58:35 comparison tracing: enabled 2022/10/06 10:58:35 extra coverage: enabled 2022/10/06 10:58:35 delay kcov mmap: enabled 2022/10/06 10:58:35 setuid sandbox: enabled 2022/10/06 10:58:35 namespace sandbox: enabled 2022/10/06 10:58:35 Android sandbox: /sys/fs/selinux/policy does not exist 2022/10/06 10:58:35 fault injection: enabled 2022/10/06 10:58:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2022/10/06 10:58:35 net packet injection: enabled 2022/10/06 10:58:35 net device setup: enabled 2022/10/06 10:58:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/06 10:58:35 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/06 10:58:35 NIC VF setup: PCI device 0000:00:11.0 is not available 2022/10/06 10:58:35 USB emulation: enabled 2022/10/06 10:58:35 hci packet injection: enabled 2022/10/06 10:58:35 wifi device emulation: failed to parse kernel version (6.0.0-syzkaller-05118-g833477fce7a1) 2022/10/06 10:58:35 802.15.4 emulation: enabled 2022/10/06 10:58:35 fetching corpus: 0, signal 0/2000 (executing program) 2022/10/06 10:58:35 fetching corpus: 50, signal 36688/40305 (executing program) 2022/10/06 10:58:35 fetching corpus: 100, signal 62114/67162 (executing program) 2022/10/06 10:58:36 fetching corpus: 150, signal 71892/78428 (executing program) 2022/10/06 10:58:36 fetching corpus: 200, signal 82020/89970 (executing program) 2022/10/06 10:58:36 fetching corpus: 250, signal 88394/97752 (executing program) 2022/10/06 10:58:37 fetching corpus: 300, signal 100045/110566 (executing program) 2022/10/06 10:58:37 fetching corpus: 350, signal 108144/119825 (executing program) 2022/10/06 10:58:37 fetching corpus: 400, signal 119260/131888 (executing program) 2022/10/06 10:58:37 fetching corpus: 449, signal 125257/139024 (executing program) 2022/10/06 10:58:37 fetching corpus: 498, signal 128904/143876 (executing program) 2022/10/06 10:58:38 fetching corpus: 547, signal 135606/151567 (executing program) 2022/10/06 10:58:38 fetching corpus: 596, signal 140551/157507 (executing program) 2022/10/06 10:58:38 fetching corpus: 646, signal 145579/163495 (executing program) 2022/10/06 10:58:38 fetching corpus: 696, signal 149144/168074 (executing program) 2022/10/06 10:58:39 fetching corpus: 746, signal 155073/174747 (executing program) 2022/10/06 10:58:39 fetching corpus: 796, signal 158418/179060 (executing program) 2022/10/06 10:58:39 fetching corpus: 843, signal 162088/183670 (executing program) 2022/10/06 10:58:39 fetching corpus: 891, signal 166175/188515 (executing program) 2022/10/06 10:58:40 fetching corpus: 940, signal 170589/193602 (executing program) 2022/10/06 10:58:40 fetching corpus: 990, signal 173693/197519 (executing program) 2022/10/06 10:58:40 fetching corpus: 1040, signal 179049/203433 (executing program) 2022/10/06 10:58:40 fetching corpus: 1089, signal 181920/207076 (executing program) 2022/10/06 10:58:41 fetching corpus: 1139, signal 185261/211140 (executing program) 2022/10/06 10:58:41 fetching corpus: 1189, signal 188092/214721 (executing program) 2022/10/06 10:58:41 fetching corpus: 1239, signal 190566/217932 (executing program) 2022/10/06 10:58:42 fetching corpus: 1289, signal 193406/221476 (executing program) 2022/10/06 10:58:42 fetching corpus: 1339, signal 195055/223882 (executing program) 2022/10/06 10:58:42 fetching corpus: 1389, signal 197217/226745 (executing program) 2022/10/06 10:58:42 fetching corpus: 1439, signal 199595/229779 (executing program) 2022/10/06 10:58:43 fetching corpus: 1489, signal 200899/231869 (executing program) 2022/10/06 10:58:43 fetching corpus: 1539, signal 203461/234994 (executing program) 2022/10/06 10:58:43 fetching corpus: 1589, signal 205396/237535 (executing program) 2022/10/06 10:58:43 fetching corpus: 1639, signal 207816/240572 (executing program) 2022/10/06 10:58:44 fetching corpus: 1688, signal 210318/243634 (executing program) 2022/10/06 10:58:44 fetching corpus: 1738, signal 213826/247490 (executing program) 2022/10/06 10:58:44 fetching corpus: 1787, signal 216238/250337 (executing program) 2022/10/06 10:58:44 fetching corpus: 1837, signal 218588/253156 (executing program) 2022/10/06 10:58:45 fetching corpus: 1887, signal 220458/255543 (executing program) 2022/10/06 10:58:45 fetching corpus: 1937, signal 222713/258206 (executing program) 2022/10/06 10:58:45 fetching corpus: 1986, signal 224865/260786 (executing program) 2022/10/06 10:58:46 fetching corpus: 2036, signal 226922/263270 (executing program) 2022/10/06 10:58:46 fetching corpus: 2086, signal 228493/265303 (executing program) 2022/10/06 10:58:46 fetching corpus: 2134, signal 230094/267433 (executing program) 2022/10/06 10:58:47 fetching corpus: 2184, signal 232477/270122 (executing program) 2022/10/06 10:58:47 fetching corpus: 2230, signal 234074/272224 (executing program) 2022/10/06 10:58:47 fetching corpus: 2280, signal 235812/274379 (executing program) 2022/10/06 10:58:47 fetching corpus: 2330, signal 237467/276476 (executing program) 2022/10/06 10:58:48 fetching corpus: 2376, signal 238811/278286 (executing program) 2022/10/06 10:58:48 fetching corpus: 2423, signal 240398/280256 (executing program) 2022/10/06 10:58:48 fetching corpus: 2471, signal 242714/282817 (executing program) 2022/10/06 10:58:48 fetching corpus: 2521, signal 243987/284535 (executing program) 2022/10/06 10:58:49 fetching corpus: 2569, signal 246215/286954 (executing program) 2022/10/06 10:58:49 fetching corpus: 2617, signal 247491/288645 (executing program) 2022/10/06 10:58:49 fetching corpus: 2667, signal 249541/290910 (executing program) 2022/10/06 10:58:49 fetching corpus: 2717, signal 250908/292646 (executing program) 2022/10/06 10:58:49 fetching corpus: 2764, signal 252375/294429 (executing program) 2022/10/06 10:58:49 fetching corpus: 2811, signal 254254/296528 (executing program) 2022/10/06 10:58:50 fetching corpus: 2861, signal 255756/298324 (executing program) 2022/10/06 10:58:50 fetching corpus: 2911, signal 256681/299672 (executing program) 2022/10/06 10:58:50 fetching corpus: 2960, signal 258259/301489 (executing program) 2022/10/06 10:58:51 fetching corpus: 3009, signal 260346/303607 (executing program) 2022/10/06 10:58:51 fetching corpus: 3058, signal 261453/305111 (executing program) 2022/10/06 10:58:51 fetching corpus: 3107, signal 262800/306695 (executing program) 2022/10/06 10:58:52 fetching corpus: 3157, signal 264614/308586 (executing program) 2022/10/06 10:58:52 fetching corpus: 3206, signal 265834/310094 (executing program) 2022/10/06 10:58:52 fetching corpus: 3255, signal 267115/311574 (executing program) 2022/10/06 10:58:52 fetching corpus: 3305, signal 268041/312864 (executing program) [ 77.676656][ T1351] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.683653][ T1351] ieee802154 phy1 wpan1: encryption failed: -22 2022/10/06 10:58:53 fetching corpus: 3355, signal 269062/314196 (executing program) 2022/10/06 10:58:53 fetching corpus: 3403, signal 271220/316272 (executing program) 2022/10/06 10:58:53 fetching corpus: 3453, signal 272941/318033 (executing program) 2022/10/06 10:58:54 fetching corpus: 3503, signal 274268/319486 (executing program) 2022/10/06 10:58:54 fetching corpus: 3553, signal 276014/321236 (executing program) 2022/10/06 10:58:54 fetching corpus: 3600, signal 276862/322440 (executing program) 2022/10/06 10:58:54 fetching corpus: 3650, signal 278250/323930 (executing program) 2022/10/06 10:58:55 fetching corpus: 3699, signal 279287/325122 (executing program) 2022/10/06 10:58:55 fetching corpus: 3746, signal 280404/326443 (executing program) 2022/10/06 10:58:56 fetching corpus: 3796, signal 281327/327596 (executing program) 2022/10/06 10:58:56 fetching corpus: 3846, signal 282470/328947 (executing program) 2022/10/06 10:58:56 fetching corpus: 3893, signal 283533/330188 (executing program) 2022/10/06 10:58:56 fetching corpus: 3941, signal 284767/331519 (executing program) 2022/10/06 10:58:57 fetching corpus: 3990, signal 285855/332703 (executing program) 2022/10/06 10:58:57 fetching corpus: 4038, signal 286870/333881 (executing program) 2022/10/06 10:58:57 fetching corpus: 4086, signal 287994/335089 (executing program) 2022/10/06 10:58:57 fetching corpus: 4135, signal 288995/336205 (executing program) 2022/10/06 10:58:57 fetching corpus: 4184, signal 289878/337230 (executing program) 2022/10/06 10:58:58 fetching corpus: 4233, signal 291043/338464 (executing program) 2022/10/06 10:58:58 fetching corpus: 4283, signal 291969/339546 (executing program) 2022/10/06 10:58:58 fetching corpus: 4333, signal 293018/340625 (executing program) 2022/10/06 10:58:58 fetching corpus: 4381, signal 293768/341573 (executing program) 2022/10/06 10:58:58 fetching corpus: 4431, signal 294720/342619 (executing program) 2022/10/06 10:58:59 fetching corpus: 4481, signal 295946/343863 (executing program) 2022/10/06 10:58:59 fetching corpus: 4530, signal 296680/344747 (executing program) 2022/10/06 10:58:59 fetching corpus: 4579, signal 297868/345901 (executing program) 2022/10/06 10:58:59 fetching corpus: 4629, signal 298736/346857 (executing program) 2022/10/06 10:59:00 fetching corpus: 4679, signal 299622/347856 (executing program) 2022/10/06 10:59:00 fetching corpus: 4729, signal 300894/349053 (executing program) 2022/10/06 10:59:00 fetching corpus: 4779, signal 301876/350094 (executing program) 2022/10/06 10:59:00 fetching corpus: 4829, signal 303054/351129 (executing program) 2022/10/06 10:59:01 fetching corpus: 4879, signal 303923/352046 (executing program) 2022/10/06 10:59:01 fetching corpus: 4927, signal 305077/353113 (executing program) 2022/10/06 10:59:01 fetching corpus: 4977, signal 306070/354077 (executing program) 2022/10/06 10:59:02 fetching corpus: 5025, signal 307937/355467 (executing program) 2022/10/06 10:59:02 fetching corpus: 5074, signal 309204/356530 (executing program) 2022/10/06 10:59:02 fetching corpus: 5123, signal 310053/357448 (executing program) 2022/10/06 10:59:02 fetching corpus: 5173, signal 311143/358411 (executing program) 2022/10/06 10:59:03 fetching corpus: 5223, signal 312106/359301 (executing program) 2022/10/06 10:59:03 fetching corpus: 5273, signal 313127/360186 (executing program) 2022/10/06 10:59:03 fetching corpus: 5323, signal 313979/361019 (executing program) 2022/10/06 10:59:03 fetching corpus: 5371, signal 314834/361799 (executing program) 2022/10/06 10:59:04 fetching corpus: 5420, signal 315970/362741 (executing program) 2022/10/06 10:59:04 fetching corpus: 5470, signal 316895/363547 (executing program) 2022/10/06 10:59:04 fetching corpus: 5520, signal 318122/364492 (executing program) 2022/10/06 10:59:05 fetching corpus: 5570, signal 319066/365317 (executing program) 2022/10/06 10:59:05 fetching corpus: 5620, signal 321375/366704 (executing program) 2022/10/06 10:59:05 fetching corpus: 5669, signal 322099/367423 (executing program) 2022/10/06 10:59:05 fetching corpus: 5719, signal 323096/368236 (executing program) 2022/10/06 10:59:06 fetching corpus: 5768, signal 324248/369087 (executing program) 2022/10/06 10:59:06 fetching corpus: 5818, signal 325118/369788 (executing program) 2022/10/06 10:59:06 fetching corpus: 5868, signal 326031/370471 (executing program) 2022/10/06 10:59:06 fetching corpus: 5918, signal 326716/371111 (executing program) 2022/10/06 10:59:07 fetching corpus: 5968, signal 327671/371834 (executing program) 2022/10/06 10:59:07 fetching corpus: 6018, signal 328607/372556 (executing program) 2022/10/06 10:59:07 fetching corpus: 6067, signal 329907/373380 (executing program) 2022/10/06 10:59:07 fetching corpus: 6115, signal 331088/374199 (executing program) 2022/10/06 10:59:07 fetching corpus: 6164, signal 332027/374897 (executing program) 2022/10/06 10:59:08 fetching corpus: 6214, signal 332909/375557 (executing program) 2022/10/06 10:59:08 fetching corpus: 6264, signal 333758/376194 (executing program) [ 93.038100][ T16] cfg80211: failed to load regulatory.db 2022/10/06 10:59:08 fetching corpus: 6313, signal 335466/377151 (executing program) 2022/10/06 10:59:09 fetching corpus: 6363, signal 336542/377869 (executing program) 2022/10/06 10:59:09 fetching corpus: 6413, signal 337181/378408 (executing program) 2022/10/06 10:59:09 fetching corpus: 6461, signal 337809/378910 (executing program) 2022/10/06 10:59:09 fetching corpus: 6511, signal 338462/379425 (executing program) 2022/10/06 10:59:09 fetching corpus: 6561, signal 339345/380009 (executing program) 2022/10/06 10:59:10 fetching corpus: 6611, signal 340134/380561 (executing program) 2022/10/06 10:59:10 fetching corpus: 6661, signal 340643/381000 (executing program) 2022/10/06 10:59:10 fetching corpus: 6710, signal 341568/381601 (executing program) 2022/10/06 10:59:10 fetching corpus: 6760, signal 342312/382078 (executing program) 2022/10/06 10:59:11 fetching corpus: 6810, signal 342966/382597 (executing program) 2022/10/06 10:59:11 fetching corpus: 6858, signal 343738/383153 (executing program) 2022/10/06 10:59:11 fetching corpus: 6907, signal 344617/383717 (executing program) 2022/10/06 10:59:12 fetching corpus: 6957, signal 345346/384169 (executing program) 2022/10/06 10:59:12 fetching corpus: 7005, signal 346080/384669 (executing program) 2022/10/06 10:59:12 fetching corpus: 7054, signal 346916/385156 (executing program) 2022/10/06 10:59:12 fetching corpus: 7104, signal 347799/385642 (executing program) 2022/10/06 10:59:13 fetching corpus: 7152, signal 348540/386124 (executing program) 2022/10/06 10:59:13 fetching corpus: 7199, signal 349385/386597 (executing program) 2022/10/06 10:59:13 fetching corpus: 7248, signal 350178/387046 (executing program) 2022/10/06 10:59:13 fetching corpus: 7297, signal 350718/387439 (executing program) 2022/10/06 10:59:14 fetching corpus: 7346, signal 351480/387884 (executing program) 2022/10/06 10:59:14 fetching corpus: 7395, signal 352338/388354 (executing program) 2022/10/06 10:59:14 fetching corpus: 7445, signal 353114/388780 (executing program) 2022/10/06 10:59:15 fetching corpus: 7494, signal 353752/389155 (executing program) 2022/10/06 10:59:15 fetching corpus: 7544, signal 354517/389602 (executing program) 2022/10/06 10:59:15 fetching corpus: 7594, signal 355047/389942 (executing program) 2022/10/06 10:59:15 fetching corpus: 7644, signal 355517/390250 (executing program) 2022/10/06 10:59:15 fetching corpus: 7693, signal 356157/390633 (executing program) 2022/10/06 10:59:16 fetching corpus: 7743, signal 356909/390986 (executing program) 2022/10/06 10:59:16 fetching corpus: 7793, signal 357716/391396 (executing program) 2022/10/06 10:59:16 fetching corpus: 7843, signal 358392/391728 (executing program) 2022/10/06 10:59:16 fetching corpus: 7891, signal 359018/392043 (executing program) 2022/10/06 10:59:17 fetching corpus: 7941, signal 359686/392368 (executing program) 2022/10/06 10:59:17 fetching corpus: 7991, signal 360579/392746 (executing program) 2022/10/06 10:59:17 fetching corpus: 8039, signal 361051/393015 (executing program) 2022/10/06 10:59:17 fetching corpus: 8089, signal 361767/393344 (executing program) 2022/10/06 10:59:18 fetching corpus: 8137, signal 362592/393680 (executing program) 2022/10/06 10:59:18 fetching corpus: 8185, signal 363186/393971 (executing program) 2022/10/06 10:59:18 fetching corpus: 8234, signal 363774/394285 (executing program) 2022/10/06 10:59:18 fetching corpus: 8284, signal 364840/394640 (executing program) 2022/10/06 10:59:18 fetching corpus: 8334, signal 365578/394937 (executing program) 2022/10/06 10:59:18 fetching corpus: 8382, signal 366331/395328 (executing program) 2022/10/06 10:59:19 fetching corpus: 8432, signal 367300/395633 (executing program) 2022/10/06 10:59:19 fetching corpus: 8482, signal 367874/395885 (executing program) 2022/10/06 10:59:19 fetching corpus: 8532, signal 368294/396107 (executing program) 2022/10/06 10:59:19 fetching corpus: 8582, signal 368873/396351 (executing program) 2022/10/06 10:59:20 fetching corpus: 8632, signal 369619/396613 (executing program) 2022/10/06 10:59:20 fetching corpus: 8682, signal 370101/396806 (executing program) 2022/10/06 10:59:20 fetching corpus: 8732, signal 370569/397025 (executing program) 2022/10/06 10:59:21 fetching corpus: 8782, signal 371156/397260 (executing program) 2022/10/06 10:59:21 fetching corpus: 8831, signal 372091/397526 (executing program) 2022/10/06 10:59:21 fetching corpus: 8879, signal 372753/397730 (executing program) 2022/10/06 10:59:22 fetching corpus: 8929, signal 374035/398005 (executing program) 2022/10/06 10:59:22 fetching corpus: 8979, signal 374671/398190 (executing program) 2022/10/06 10:59:22 fetching corpus: 9026, signal 375128/398349 (executing program) 2022/10/06 10:59:23 fetching corpus: 9072, signal 375733/398529 (executing program) 2022/10/06 10:59:23 fetching corpus: 9122, signal 376261/398709 (executing program) 2022/10/06 10:59:23 fetching corpus: 9172, signal 376792/398888 (executing program) 2022/10/06 10:59:24 fetching corpus: 9222, signal 377292/399032 (executing program) 2022/10/06 10:59:24 fetching corpus: 9272, signal 377772/399174 (executing program) 2022/10/06 10:59:24 fetching corpus: 9320, signal 378676/399399 (executing program) 2022/10/06 10:59:24 fetching corpus: 9370, signal 379572/399557 (executing program) 2022/10/06 10:59:25 fetching corpus: 9420, signal 380251/399688 (executing program) 2022/10/06 10:59:25 fetching corpus: 9470, signal 380738/399812 (executing program) 2022/10/06 10:59:25 fetching corpus: 9520, signal 381250/399927 (executing program) 2022/10/06 10:59:25 fetching corpus: 9570, signal 381842/400068 (executing program) 2022/10/06 10:59:26 fetching corpus: 9620, signal 382809/400186 (executing program) 2022/10/06 10:59:26 fetching corpus: 9670, signal 383295/400273 (executing program) 2022/10/06 10:59:26 fetching corpus: 9718, signal 383863/400425 (executing program) 2022/10/06 10:59:26 fetching corpus: 9767, signal 384522/400514 (executing program) 2022/10/06 10:59:27 fetching corpus: 9816, signal 384997/400606 (executing program) 2022/10/06 10:59:27 fetching corpus: 9865, signal 385651/400641 (executing program) 2022/10/06 10:59:27 fetching corpus: 9911, signal 386282/400691 (executing program) 2022/10/06 10:59:27 fetching corpus: 9959, signal 386717/400711 (executing program) 2022/10/06 10:59:28 fetching corpus: 10008, signal 387296/400725 (executing program) 2022/10/06 10:59:28 fetching corpus: 10058, signal 388026/400725 (executing program) 2022/10/06 10:59:28 fetching corpus: 10108, signal 388568/400770 (executing program) 2022/10/06 10:59:28 fetching corpus: 10158, signal 388974/400796 (executing program) 2022/10/06 10:59:29 fetching corpus: 10208, signal 389430/400799 (executing program) 2022/10/06 10:59:29 fetching corpus: 10258, signal 389943/400817 (executing program) 2022/10/06 10:59:29 fetching corpus: 10307, signal 390379/400840 (executing program) 2022/10/06 10:59:29 fetching corpus: 10357, signal 391166/400840 (executing program) 2022/10/06 10:59:30 fetching corpus: 10406, signal 391573/400840 (executing program) 2022/10/06 10:59:30 fetching corpus: 10456, signal 392108/400843 (executing program) 2022/10/06 10:59:30 fetching corpus: 10506, signal 392769/400843 (executing program) 2022/10/06 10:59:30 fetching corpus: 10556, signal 393325/400846 (executing program) 2022/10/06 10:59:30 fetching corpus: 10606, signal 393948/400846 (executing program) 2022/10/06 10:59:31 fetching corpus: 10656, signal 394658/400846 (executing program) 2022/10/06 10:59:31 fetching corpus: 10704, signal 395034/400855 (executing program) 2022/10/06 10:59:31 fetching corpus: 10754, signal 395561/400878 (executing program) 2022/10/06 10:59:31 fetching corpus: 10803, signal 396114/400885 (executing program) 2022/10/06 10:59:31 fetching corpus: 10834, signal 396377/400924 (executing program) 2022/10/06 10:59:31 fetching corpus: 10835, signal 396387/400934 (executing program) 2022/10/06 10:59:31 fetching corpus: 10835, signal 396387/400934 (executing program) 2022/10/06 10:59:35 starting 4 fuzzer processes 10:59:35 executing program 0: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:35 executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:35 executing program 3: r0 = getpid() pidfd_open(r0, 0x0) r1 = syz_io_uring_setup(0x254, &(0x7f0000000340), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_uring_enter(r1, 0x4bac, 0x0, 0x0, 0x0, 0x0) 10:59:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) [ 121.665517][ T3710] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 121.666098][ T3711] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 121.684983][ T3713] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 121.685249][ T3711] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 121.695137][ T3715] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 121.696553][ T3713] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 121.697480][ T3713] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 121.698037][ T3713] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 121.698480][ T3713] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 121.701445][ T3711] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 121.701710][ T3704] Bluetooth: hci0: HCI_REQ-0x0c1a [ 121.701934][ T3716] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 121.704861][ T3716] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 121.705814][ T3716] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 121.706809][ T3716] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 121.714500][ T3711] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 121.718257][ T3713] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 121.718813][ T3716] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 121.718999][ T3716] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 121.720523][ T3706] Bluetooth: hci3: HCI_REQ-0x0c1a [ 121.726653][ T3711] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 121.734795][ T3713] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 121.739219][ T3711] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 121.745783][ T3713] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 121.751291][ T3703] Bluetooth: hci1: HCI_REQ-0x0c1a [ 121.775003][ T3718] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 121.834482][ T3718] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 121.842285][ T3705] Bluetooth: hci2: HCI_REQ-0x0c1a [ 122.106055][ T3704] chnl_net:caif_netlink_parms(): no params data found [ 122.179380][ T3706] chnl_net:caif_netlink_parms(): no params data found [ 122.391147][ T3704] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.396919][ T3704] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.406948][ T3704] device bridge_slave_0 entered promiscuous mode [ 122.417517][ T3704] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.424290][ T3704] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.432410][ T3704] device bridge_slave_1 entered promiscuous mode [ 122.547913][ T3706] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.555021][ T3706] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.561396][ T3706] device bridge_slave_0 entered promiscuous mode [ 122.585397][ T3703] chnl_net:caif_netlink_parms(): no params data found [ 122.600982][ T3705] chnl_net:caif_netlink_parms(): no params data found [ 122.613312][ T3706] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.619692][ T3706] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.626446][ T3706] device bridge_slave_1 entered promiscuous mode [ 122.635644][ T3704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 122.736523][ T3704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 122.889514][ T3706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 122.907421][ T3704] team0: Port device team_slave_0 added [ 122.912271][ T3703] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.917088][ T3703] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.925055][ T3703] device bridge_slave_0 entered promiscuous mode [ 122.934201][ T3706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 122.975871][ T3704] team0: Port device team_slave_1 added [ 122.982807][ T3703] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.988703][ T3703] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.996770][ T3703] device bridge_slave_1 entered promiscuous mode [ 123.192702][ T3706] team0: Port device team_slave_0 added [ 123.199193][ T3705] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.208189][ T3705] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.214917][ T3705] device bridge_slave_0 entered promiscuous mode [ 123.228523][ T3704] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 123.234975][ T3704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.258486][ T3704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 123.294558][ T3706] team0: Port device team_slave_1 added [ 123.320935][ T3705] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.327615][ T3705] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.334566][ T3705] device bridge_slave_1 entered promiscuous mode [ 123.341916][ T3704] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 123.347709][ T3704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.371421][ T3704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 123.384244][ T3703] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 123.450549][ T3703] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 123.481226][ T3706] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 123.486989][ T3706] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.509804][ T3706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 123.547957][ T3705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 123.580296][ T3706] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 123.587598][ T3706] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.614317][ T3706] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 123.631873][ T3705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 123.666618][ T3703] team0: Port device team_slave_0 added [ 123.677017][ T3703] team0: Port device team_slave_1 added [ 123.722905][ T3704] device hsr_slave_0 entered promiscuous mode [ 123.729612][ T3704] device hsr_slave_1 entered promiscuous mode [ 123.752312][ T3718] Bluetooth: hci0: command 0x0409 tx timeout [ 123.752342][ T3712] Bluetooth: hci3: command 0x0409 tx timeout [ 123.832690][ T3718] Bluetooth: hci1: command 0x0409 tx timeout [ 123.852695][ T3705] team0: Port device team_slave_0 added [ 123.858916][ T3703] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 123.865746][ T3703] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.885889][ T3703] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 123.911384][ T3712] Bluetooth: hci2: command 0x0409 tx timeout [ 123.953486][ T3705] team0: Port device team_slave_1 added [ 123.959312][ T3703] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 123.966169][ T3703] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.986331][ T3703] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.010667][ T3706] device hsr_slave_0 entered promiscuous mode [ 124.017423][ T3706] device hsr_slave_1 entered promiscuous mode [ 124.023816][ T3706] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 124.031556][ T3706] Cannot create hsr debugfs directory [ 124.122545][ T3705] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 124.129091][ T3705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.152652][ T3705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 124.215481][ T3705] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.222988][ T3705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.243290][ T3705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.260727][ T3703] device hsr_slave_0 entered promiscuous mode [ 124.266341][ T3703] device hsr_slave_1 entered promiscuous mode [ 124.272714][ T3703] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 124.277954][ T3703] Cannot create hsr debugfs directory [ 124.461123][ T3705] device hsr_slave_0 entered promiscuous mode [ 124.467769][ T3705] device hsr_slave_1 entered promiscuous mode [ 124.474934][ T3705] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 124.481608][ T3705] Cannot create hsr debugfs directory [ 124.872264][ T3704] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 124.886267][ T3704] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 124.910229][ T3704] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 124.917178][ T3704] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 125.003668][ T3706] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 125.015523][ T3706] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 125.030276][ T3706] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 125.049638][ T3706] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 125.112013][ T3705] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 125.129770][ T3705] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 125.144648][ T3705] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 125.181880][ T3705] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 125.246560][ T3704] 8021q: adding VLAN 0 to HW filter on device bond0 [ 125.260646][ T3703] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 125.275536][ T3703] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 125.322313][ T3703] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 125.331326][ T3703] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 125.373923][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 125.385241][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 125.413741][ T3704] 8021q: adding VLAN 0 to HW filter on device team0 [ 125.451925][ T3706] 8021q: adding VLAN 0 to HW filter on device bond0 [ 125.477591][ T1938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 125.487468][ T1938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 125.497750][ T1938] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.504647][ T1938] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.553072][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 125.561263][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 125.574740][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 125.581556][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.586708][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.592272][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 125.620926][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 125.628946][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 125.637019][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 125.647586][ T3706] 8021q: adding VLAN 0 to HW filter on device team0 [ 125.681976][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 125.693682][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 125.701638][ T3744] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.706909][ T3744] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.716457][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 125.725117][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 125.735438][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 125.741327][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 125.781117][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 125.789658][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 125.798134][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 125.806430][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 125.815623][ T3745] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.822925][ T3745] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.828804][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 125.831121][ T3718] Bluetooth: hci3: command 0x041b tx timeout [ 125.835494][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 125.839270][ T3718] Bluetooth: hci0: command 0x041b tx timeout [ 125.859383][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 125.882831][ T3705] 8021q: adding VLAN 0 to HW filter on device bond0 [ 125.892117][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 125.901004][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 125.906837][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 125.916811][ T3704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 125.922098][ T3718] Bluetooth: hci1: command 0x041b tx timeout [ 125.931067][ T3703] 8021q: adding VLAN 0 to HW filter on device bond0 [ 125.944390][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 125.953276][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 125.961465][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 125.985871][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 125.991229][ T3718] Bluetooth: hci2: command 0x041b tx timeout [ 125.993624][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 126.005262][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 126.012519][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 126.025942][ T3705] 8021q: adding VLAN 0 to HW filter on device team0 [ 126.038955][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 126.046559][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 126.058049][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 126.066225][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 126.080142][ T3703] 8021q: adding VLAN 0 to HW filter on device team0 [ 126.097354][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 126.109692][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 126.118041][ T3745] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.125257][ T3745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 126.132242][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 126.140246][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 126.150683][ T3745] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.157299][ T3745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 126.169421][ T3706] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 126.181391][ T3706] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 126.197165][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 126.205520][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 126.213151][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 126.222384][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 126.230512][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 126.238067][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 126.245645][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.251274][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 126.257670][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 126.285360][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 126.298862][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 126.307652][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 126.325391][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.330759][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 126.337720][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 126.365268][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 126.374725][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 126.382774][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 126.389348][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 126.413094][ T3705] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 126.423598][ T3705] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 126.443403][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 126.449523][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 126.457604][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 126.466835][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 126.474999][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 126.483268][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 126.490415][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 126.497170][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 126.506401][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 126.527507][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 126.537813][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 126.545757][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 126.554306][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 126.562077][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 126.578019][ T3704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 126.612872][ T3706] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 126.619891][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 126.627687][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 126.640982][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 126.648974][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 126.676244][ T3703] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 126.688385][ T3703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 126.701065][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 126.709670][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 126.752437][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 126.764307][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 126.772991][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 126.779039][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 126.806780][ T3705] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 126.822249][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 126.829395][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 126.855226][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 126.863833][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 126.872752][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 126.880670][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 126.891039][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 126.899249][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 126.907361][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 126.914822][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 126.932943][ T3704] device veth0_vlan entered promiscuous mode [ 126.944479][ T3706] device veth0_vlan entered promiscuous mode [ 126.978205][ T3704] device veth1_vlan entered promiscuous mode [ 126.999302][ T3706] device veth1_vlan entered promiscuous mode [ 127.015864][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 127.029277][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 127.044542][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 127.053934][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 127.067313][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 127.092957][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 127.099201][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 127.134470][ T3703] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 127.142991][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 127.151461][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 127.161439][ T3704] device veth0_macvtap entered promiscuous mode [ 127.176885][ T3705] device veth0_vlan entered promiscuous mode [ 127.194745][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 127.204506][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 127.211858][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 127.220455][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 127.228265][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 127.236252][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 127.246748][ T3705] device veth1_vlan entered promiscuous mode [ 127.263194][ T3704] device veth1_macvtap entered promiscuous mode [ 127.284772][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 127.293433][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 127.301087][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 127.308690][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 127.317072][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 127.358647][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 127.366799][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 127.375265][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 127.382957][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 127.395395][ T3704] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 127.408371][ T3703] device veth0_vlan entered promiscuous mode [ 127.421024][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 127.429255][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 127.438327][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 127.446320][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 127.461432][ T3704] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 127.470690][ T3706] device veth0_macvtap entered promiscuous mode [ 127.502728][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 127.513614][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 127.522265][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 127.531772][ T3744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 127.547024][ T3703] device veth1_vlan entered promiscuous mode [ 127.561751][ T3706] device veth1_macvtap entered promiscuous mode [ 127.585183][ T3704] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.594594][ T3704] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.603107][ T3704] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.614358][ T3704] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.636634][ T3705] device veth0_macvtap entered promiscuous mode [ 127.656966][ T3705] device veth1_macvtap entered promiscuous mode [ 127.694642][ T3706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.706994][ T3706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.715860][ T3706] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 127.728641][ T3706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.736872][ T3706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.745894][ T3706] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 127.754015][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 127.762435][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 127.769294][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 127.775225][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 127.783023][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 127.800624][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 127.820553][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 127.829085][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 127.872391][ T3706] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.882545][ T3706] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.890609][ T3706] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.898198][ T3706] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.911014][ T3712] Bluetooth: hci0: command 0x040f tx timeout [ 127.920282][ T3718] Bluetooth: hci3: command 0x040f tx timeout [ 127.922514][ T3703] device veth0_macvtap entered promiscuous mode [ 127.938394][ T3703] device veth1_macvtap entered promiscuous mode [ 127.949603][ T3705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.960090][ T3705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.968762][ T3705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.977754][ T3705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.987172][ T3705] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 127.990811][ T3718] Bluetooth: hci1: command 0x040f tx timeout [ 128.004005][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 128.011192][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 128.019118][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 128.027273][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 128.052983][ T3705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.063426][ T3705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.075775][ T3705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.076089][ T3718] Bluetooth: hci2: command 0x040f tx timeout [ 128.085522][ T3705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.104857][ T3705] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 128.130719][ T3770] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 128.133529][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 128.151344][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 128.165618][ T3705] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.174187][ T3705] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.182120][ T3705] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.190812][ T3705] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.230837][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.239735][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.250154][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.262891][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.294041][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.305919][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.323707][ T3703] batman_adv: batadv0: Interface activated: batadv_slave_0 10:59:43 executing program 3: r0 = getpid() pidfd_open(r0, 0x0) r1 = syz_io_uring_setup(0x254, &(0x7f0000000340), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_uring_enter(r1, 0x4bac, 0x0, 0x0, 0x0, 0x0) [ 128.339271][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.348803][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.357821][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 128.368402][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.376908][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 10:59:43 executing program 3: r0 = getpid() pidfd_open(r0, 0x0) r1 = syz_io_uring_setup(0x254, &(0x7f0000000340), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_uring_enter(r1, 0x4bac, 0x0, 0x0, 0x0, 0x0) [ 128.395898][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.410689][ T3703] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 128.425957][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 128.436433][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 10:59:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) 10:59:43 executing program 3: r0 = getpid() pidfd_open(r0, 0x0) r1 = syz_io_uring_setup(0x254, &(0x7f0000000340), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_uring_enter(r1, 0x4bac, 0x0, 0x0, 0x0, 0x0) [ 128.445651][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 128.456257][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 128.515937][ T3703] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.530753][ T3703] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.540440][ T3703] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.548410][ T3703] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.139612][ T3792] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 10:59:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) 10:59:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) 10:59:45 executing program 0: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:45 executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) 10:59:45 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) [ 129.990400][ T3718] Bluetooth: hci3: command 0x0419 tx timeout [ 130.000369][ T3712] Bluetooth: hci0: command 0x0419 tx timeout [ 130.070730][ T3712] Bluetooth: hci1: command 0x0419 tx timeout [ 130.093113][ T3809] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 10:59:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]}) 10:59:45 executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 130.160384][ T3712] Bluetooth: hci2: command 0x0419 tx timeout 10:59:45 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:45 executing program 0: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:45 executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 130.750672][ T3839] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 10:59:46 executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:46 executing program 0: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:46 executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:46 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 131.556938][ T3857] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 10:59:47 executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:47 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:47 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:47 executing program 1: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:47 executing program 3: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:48 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 132.845238][ T3884] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 10:59:48 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:48 executing program 3: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) [ 133.426425][ T3882] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 10:59:48 executing program 1: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) 10:59:49 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 134.000929][ T3903] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 10:59:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) [ 134.146060][ T3900] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 10:59:49 executing program 1: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) [ 134.216003][ T41] audit: type=1804 audit(1665053989.647:2): pid=3915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir2286585366/syzkaller.GkyXrP/7/bus" dev="sda1" ino=1164 res=1 errno=0 [ 134.253647][ T41] audit: type=1800 audit(1665053989.647:3): pid=3915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1164 res=0 errno=0 10:59:49 executing program 3: unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000024000bc6ccba90000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffff0000000008000100647272"], 0x2c}}, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xfffffffffffffede, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4, 0x5, [{}, {}, {}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x44}, 0x1, 0x100000000000000}, 0x0) [ 134.588201][ T3914] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 10:59:50 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f00000000c0)="6736360f23ef640fc76ea4660f7fab0c00b807018ec0660f21de0f01c50f01c8640f009901000f01c5baa000b82471ef", 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:59:50 executing program 1: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) 10:59:50 executing program 1: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) 10:59:50 executing program 1: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) 10:59:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) 10:59:50 executing program 1: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) [ 135.112360][ T3918] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 10:59:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) [ 135.217222][ T41] audit: type=1804 audit(1665053990.647:4): pid=3936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir2286585366/syzkaller.GkyXrP/8/bus" dev="sda1" ino=1155 res=1 errno=0 [ 135.245921][ T41] audit: type=1800 audit(1665053990.647:5): pid=3936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1155 res=0 errno=0 [ 135.371483][ T41] audit: type=1804 audit(1665053990.807:6): pid=3939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir3049042998/syzkaller.YosfDT/11/bus" dev="sda1" ino=1165 res=1 errno=0 [ 135.392033][ T41] audit: type=1800 audit(1665053990.807:7): pid=3939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1165 res=0 errno=0 10:59:50 executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) 10:59:51 executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) 10:59:51 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$fb(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6, 0x12, r0, 0x0) 10:59:51 executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x5, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, 0x0, 0x29, 0x1000000}, 0x10) 10:59:51 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$fb(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6, 0x12, r0, 0x0) 10:59:51 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001080)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x1700, 0x0, 0x0, 0x2}}, &(0x7f0000000040)=""/4096, 0x1a, 0x1000, 0x1}, 0x20) 10:59:51 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$fb(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6, 0x12, r0, 0x0) 10:59:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) 10:59:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) 10:59:51 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$fb(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6, 0x12, r0, 0x0) 10:59:51 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001080)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x1700, 0x0, 0x0, 0x2}}, &(0x7f0000000040)=""/4096, 0x1a, 0x1000, 0x1}, 0x20) 10:59:51 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001080)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x1700, 0x0, 0x0, 0x2}}, &(0x7f0000000040)=""/4096, 0x1a, 0x1000, 0x1}, 0x20) 10:59:51 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_GSO_MAX_SIZE={0x8}, @IFLA_IFNAME={0x14, 0x3, 'erspan0\x00'}]}, 0x3c}}, 0x0) 10:59:51 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001080)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x1700, 0x0, 0x0, 0x2}}, &(0x7f0000000040)=""/4096, 0x1a, 0x1000, 0x1}, 0x20) 10:59:51 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_GSO_MAX_SIZE={0x8}, @IFLA_IFNAME={0x14, 0x3, 'erspan0\x00'}]}, 0x3c}}, 0x0) [ 136.162125][ T41] audit: type=1804 audit(1665053991.597:8): pid=3970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir2286585366/syzkaller.GkyXrP/9/bus" dev="sda1" ino=1147 res=1 errno=0 [ 136.182125][ T41] audit: type=1800 audit(1665053991.607:9): pid=3970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1147 res=0 errno=0 [ 136.200878][ T41] audit: type=1804 audit(1665053991.617:10): pid=3973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir3049042998/syzkaller.YosfDT/12/bus" dev="sda1" ino=1152 res=1 errno=0 [ 136.225247][ T41] audit: type=1800 audit(1665053991.617:11): pid=3973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1152 res=0 errno=0 10:59:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) 10:59:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) lseek(r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r3, r4, 0x0, 0x1dd00) 10:59:52 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, 0x0, &(0x7f0000000180)) 10:59:52 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_GSO_MAX_SIZE={0x8}, @IFLA_IFNAME={0x14, 0x3, 'erspan0\x00'}]}, 0x3c}}, 0x0) 10:59:52 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, 0x0, &(0x7f0000000180)) 10:59:52 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_GSO_MAX_SIZE={0x8}, @IFLA_IFNAME={0x14, 0x3, 'erspan0\x00'}]}, 0x3c}}, 0x0) 10:59:52 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, 0x0, &(0x7f0000000180)) 10:59:52 executing program 2: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:53 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, 0x0, &(0x7f0000000180)) 10:59:53 executing program 2: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:53 executing program 0: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:53 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:53 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) 10:59:53 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) 10:59:53 executing program 0: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:53 executing program 2: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:53 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) 10:59:53 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) 10:59:53 executing program 0: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:54 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:54 executing program 2: ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000020000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) quotactl(0x40000080000100, 0x0, 0x0, 0x0) 10:59:54 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) 10:59:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x5c, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @remote}]}, 0x5c}}, 0x0) [ 138.826081][ T4021] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 10:59:54 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) 10:59:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x5c, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @remote}]}, 0x5c}}, 0x0) 10:59:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x5c, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @remote}]}, 0x5c}}, 0x0) 10:59:54 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) [ 138.935024][ T4027] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 138.951312][ T4031] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 139.116152][ T1351] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.123065][ T1351] ieee802154 phy1 wpan1: encryption failed: -22 10:59:55 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x5c, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @remote}]}, 0x5c}}, 0x0) 10:59:55 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) 10:59:55 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) [ 139.692249][ T4035] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 139.703642][ T4036] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 10:59:55 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:55 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) 10:59:55 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x28}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xa000000, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r4, @ANYBLOB="00000000000000000c00000008000100753332000c0002000800020000400080"], 0x38}}, 0x0) [ 139.765278][ T4045] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 139.774486][ T4046] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 10:59:55 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x4a, 0x0, 0x0) 10:59:55 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:55 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:55 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x4a, 0x0, 0x0) 10:59:56 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x4a, 0x0, 0x0) 10:59:56 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:56 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:56 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:56 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x4a, 0x0, 0x0) 10:59:56 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:56 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:56 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:56 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x7d, 0x0, &(0x7f0000000200)) 10:59:56 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}], 0x10) 10:59:56 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x28482, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 10:59:56 executing program 1: fanotify_init(0x0, 0x48003) 10:59:56 executing program 1: fanotify_init(0x0, 0x48003) 10:59:56 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x7d, 0x0, &(0x7f0000000200)) 10:59:56 executing program 1: fanotify_init(0x0, 0x48003) 10:59:56 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x7d, 0x0, &(0x7f0000000200)) 10:59:56 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x3c1, 0x3, 0x50c, 0x2fc, 0x59000000, 0x294, 0x0, 0x294, 0x444, 0x378, 0x378, 0x444, 0x378, 0x3, 0x0, {[{{@uncond, 0x0, 0x2b4, 0x2fc, 0x52020000, {}, [@common=@inet=@hashlimit2={{0x150}, {'veth1\x00', {0xe2, 0x0, 0x62, 0x0, 0x0, 0x1, 0x3fe}}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "796268880ccc1ead08db713078a9af4f9b88574f7f1bf77d65420c28387d342331a24364f67cdd5531e34b768a6af25a06020a619a8153fb71779c857f8a000f42a2770770960471510115cbbdcf01572fb35d1e47674b41b6c4a3dfe224559d8763d5f9bc9fbae3ee50f987a1ab15581079624c1d69074c91660b783b95127a", 0x76}}]}, @unspec=@CT0={0x48}}, {{@uncond, 0x0, 0xdc, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[], 0x3}}]}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "5bb368e6765f2920f48ab47ebad633554775471aae6a679ab65eade7501118c68982c360d8fc323fd77e75c44425eb4e13e6957f640228a91451c3815e451700"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x568) 10:59:57 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x3c1, 0x3, 0x50c, 0x2fc, 0x59000000, 0x294, 0x0, 0x294, 0x444, 0x378, 0x378, 0x444, 0x378, 0x3, 0x0, {[{{@uncond, 0x0, 0x2b4, 0x2fc, 0x52020000, {}, [@common=@inet=@hashlimit2={{0x150}, {'veth1\x00', {0xe2, 0x0, 0x62, 0x0, 0x0, 0x1, 0x3fe}}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "796268880ccc1ead08db713078a9af4f9b88574f7f1bf77d65420c28387d342331a24364f67cdd5531e34b768a6af25a06020a619a8153fb71779c857f8a000f42a2770770960471510115cbbdcf01572fb35d1e47674b41b6c4a3dfe224559d8763d5f9bc9fbae3ee50f987a1ab15581079624c1d69074c91660b783b95127a", 0x76}}]}, @unspec=@CT0={0x48}}, {{@uncond, 0x0, 0xdc, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[], 0x3}}]}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "5bb368e6765f2920f48ab47ebad633554775471aae6a679ab65eade7501118c68982c360d8fc323fd77e75c44425eb4e13e6957f640228a91451c3815e451700"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x568) 10:59:57 executing program 1: fanotify_init(0x0, 0x48003) 10:59:57 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x7d, 0x0, &(0x7f0000000200)) 10:59:57 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x24, 0x14, 0x1, 0x0, 0x0, {0x11, 0xc4}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "be7cd8903e5d6f05f5"}]}, 0x24}}, 0x0) 10:59:57 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x3c1, 0x3, 0x50c, 0x2fc, 0x59000000, 0x294, 0x0, 0x294, 0x444, 0x378, 0x378, 0x444, 0x378, 0x3, 0x0, {[{{@uncond, 0x0, 0x2b4, 0x2fc, 0x52020000, {}, [@common=@inet=@hashlimit2={{0x150}, {'veth1\x00', {0xe2, 0x0, 0x62, 0x0, 0x0, 0x1, 0x3fe}}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "796268880ccc1ead08db713078a9af4f9b88574f7f1bf77d65420c28387d342331a24364f67cdd5531e34b768a6af25a06020a619a8153fb71779c857f8a000f42a2770770960471510115cbbdcf01572fb35d1e47674b41b6c4a3dfe224559d8763d5f9bc9fbae3ee50f987a1ab15581079624c1d69074c91660b783b95127a", 0x76}}]}, @unspec=@CT0={0x48}}, {{@uncond, 0x0, 0xdc, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[], 0x3}}]}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "5bb368e6765f2920f48ab47ebad633554775471aae6a679ab65eade7501118c68982c360d8fc323fd77e75c44425eb4e13e6957f640228a91451c3815e451700"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x568) 10:59:57 executing program 3: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x1}, 0x14}}, 0x0) 10:59:57 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x24, 0x14, 0x1, 0x0, 0x0, {0x11, 0xc4}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "be7cd8903e5d6f05f5"}]}, 0x24}}, 0x0) 10:59:57 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x24, 0x14, 0x1, 0x0, 0x0, {0x11, 0xc4}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "be7cd8903e5d6f05f5"}]}, 0x24}}, 0x0) 10:59:57 executing program 3: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x1}, 0x14}}, 0x0) 10:59:57 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x3c1, 0x3, 0x50c, 0x2fc, 0x59000000, 0x294, 0x0, 0x294, 0x444, 0x378, 0x378, 0x444, 0x378, 0x3, 0x0, {[{{@uncond, 0x0, 0x2b4, 0x2fc, 0x52020000, {}, [@common=@inet=@hashlimit2={{0x150}, {'veth1\x00', {0xe2, 0x0, 0x62, 0x0, 0x0, 0x1, 0x3fe}}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "796268880ccc1ead08db713078a9af4f9b88574f7f1bf77d65420c28387d342331a24364f67cdd5531e34b768a6af25a06020a619a8153fb71779c857f8a000f42a2770770960471510115cbbdcf01572fb35d1e47674b41b6c4a3dfe224559d8763d5f9bc9fbae3ee50f987a1ab15581079624c1d69074c91660b783b95127a", 0x76}}]}, @unspec=@CT0={0x48}}, {{@uncond, 0x0, 0xdc, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[], 0x3}}]}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "5bb368e6765f2920f48ab47ebad633554775471aae6a679ab65eade7501118c68982c360d8fc323fd77e75c44425eb4e13e6957f640228a91451c3815e451700"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x568) 10:59:57 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x24, 0x14, 0x1, 0x0, 0x0, {0x11, 0xc4}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "be7cd8903e5d6f05f5"}]}, 0x24}}, 0x0) 10:59:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x1}, 0x14}}, 0x0) 10:59:57 executing program 3: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:57 executing program 0: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:57 executing program 2: rt_sigaction(0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)) 10:59:57 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x1}, 0x14}}, 0x0) 10:59:58 executing program 2: rt_sigaction(0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)) 10:59:58 executing program 2: rt_sigaction(0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)) 10:59:58 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) write$damon_attrs(r0, &(0x7f0000000280)={{' ', 0x7fff}, {' ', 0x100000000}, {' ', 0x6}, {' ', 0x87f7}, {' ', 0x8000000000000000}}, 0x69) 10:59:58 executing program 0: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:58 executing program 3: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:58 executing program 2: rt_sigaction(0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)) 10:59:58 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) write$damon_attrs(r0, &(0x7f0000000280)={{' ', 0x7fff}, {' ', 0x100000000}, {' ', 0x6}, {' ', 0x87f7}, {' ', 0x8000000000000000}}, 0x69) 10:59:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4) setsockopt$packet_buf(r0, 0x107, 0x16, 0x0, 0x4) 10:59:58 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) write$damon_attrs(r0, &(0x7f0000000280)={{' ', 0x7fff}, {' ', 0x100000000}, {' ', 0x6}, {' ', 0x87f7}, {' ', 0x8000000000000000}}, 0x69) 10:59:58 executing program 0: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 10:59:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4) setsockopt$packet_buf(r0, 0x107, 0x16, 0x0, 0x4) 10:59:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4) setsockopt$packet_buf(r0, 0x107, 0x16, 0x0, 0x4) 10:59:58 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) write$damon_attrs(r0, &(0x7f0000000280)={{' ', 0x7fff}, {' ', 0x100000000}, {' ', 0x6}, {' ', 0x87f7}, {' ', 0x8000000000000000}}, 0x69) 10:59:58 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/softnet_stat\x00') dup3(r0, r1, 0x0) mknodat$null(r1, &(0x7f0000000540)='./file0\x00', 0x0, 0x103) 10:59:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4) setsockopt$packet_buf(r0, 0x107, 0x16, 0x0, 0x4) 10:59:58 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) sendto(r0, &(0x7f0000000240)="1a", 0x1, 0x0, &(0x7f0000000340)=@isdn={0x22, 0x8, 0x0, 0x8}, 0x80) [ 142.847777][ T4152] ================================================================== [ 142.857038][ T4152] BUG: KASAN: use-after-free in __kernfs_remove+0xa09/0xb50 [ 142.865525][ T4152] Read of size 2 at addr ffff8880674bc268 by task syz-executor.0/4152 [ 142.876868][ T4152] [ 142.879265][ T4152] CPU: 1 PID: 4152 Comm: syz-executor.0 Not tainted 6.0.0-syzkaller-05118-g833477fce7a1 #0 [ 142.891164][ T4152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 142.898971][ T4152] Call Trace: 10:59:58 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/softnet_stat\x00') dup3(r0, r1, 0x0) mknodat$null(r1, &(0x7f0000000540)='./file0\x00', 0x0, 0x103) [ 142.902934][ T4152] [ 142.905802][ T4152] dump_stack_lvl+0xcd/0x134 [ 142.909828][ T4152] print_report.cold+0x2ba/0x719 [ 142.914578][ T4152] ? __kernfs_remove+0xa09/0xb50 [ 142.919124][ T4152] kasan_report+0xb1/0x1e0 [ 142.922783][ T4152] ? __kernfs_remove+0xa09/0xb50 [ 142.926805][ T4152] __kernfs_remove+0xa09/0xb50 [ 142.931171][ T4152] ? kernfs_next_descendant_post+0x2f0/0x2f0 [ 142.935758][ T4152] ? kernfs_name_hash+0xf1/0x120 [ 142.939837][ T4152] kernfs_remove_by_name_ns+0xa8/0x110 [ 142.944257][ T4152] sysfs_slab_add+0x14b/0x200 [ 142.948026][ T4152] __kmem_cache_create+0x514/0x690 [ 142.951860][ T4152] kmem_cache_create_usercopy+0x1f9/0x300 [ 142.956152][ T4152] p9_client_create+0xca5/0x1070 [ 142.959984][ T4152] ? p9_client_rpc+0xce0/0xce0 [ 142.963976][ T4152] ? lockdep_init_map_type+0x21a/0x7f0 [ 142.968321][ T4152] ? rcu_read_lock_sched_held+0x3a/0x70 [ 142.972303][ T4152] ? __raw_spin_lock_init+0x36/0x110 [ 142.976252][ T4152] v9fs_session_init+0x1e2/0x1810 [ 142.980370][ T4152] ? find_held_lock+0x2d/0x110 [ 142.984436][ T4152] ? v9fs_show_options+0x780/0x780 [ 142.989000][ T4152] ? rcu_read_lock_sched_held+0x3a/0x70 [ 142.994407][ T4152] ? trace_kmalloc+0x32/0x100 [ 142.998527][ T4152] v9fs_mount+0xba/0xc90 [ 143.002144][ T4152] ? v9fs_statfs+0x4d0/0x4d0 [ 143.006364][ T4152] ? apparmor_capable+0x1d8/0x460 [ 143.010555][ T4152] ? v9fs_statfs+0x4d0/0x4d0 [ 143.014129][ T4152] legacy_get_tree+0x105/0x220 [ 143.017770][ T4152] vfs_get_tree+0x89/0x2f0 [ 143.021101][ T4152] path_mount+0x1326/0x1e20 [ 143.024785][ T4152] ? kmem_cache_free+0xeb/0x5b0 [ 143.028650][ T4152] ? finish_automount+0x960/0x960 [ 143.032799][ T4152] ? putname+0xfe/0x140 [ 143.036211][ T4152] __ia32_sys_mount+0x27e/0x300 [ 143.039909][ T4152] ? __x64_sys_mount+0x300/0x300 [ 143.043918][ T4152] ? syscall_enter_from_user_mode_prepare+0x19/0x80 [ 143.049029][ T4152] ? syscall_enter_from_user_mode_prepare+0x19/0x80 [ 143.053684][ T4152] __do_fast_syscall_32+0x65/0xf0 [ 143.057690][ T4152] do_fast_syscall_32+0x2f/0x70 [ 143.061572][ T4152] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 143.066835][ T4152] RIP: 0023:0xf7f6e549 [ 143.070054][ T4152] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 143.086888][ T4152] RSP: 002b:00000000f7f695cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 143.093579][ T4152] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000200 [ 143.099663][ T4152] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000580 [ 143.106125][ T4152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.112898][ T4152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.119050][ T4152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.125279][ T4152] [ 143.127801][ T4152] [ 143.129689][ T4152] Allocated by task 4146: [ 143.133078][ T4152] kasan_save_stack+0x1e/0x40 [ 143.136624][ T4152] __kasan_slab_alloc+0x90/0xc0 [ 143.140566][ T4152] kmem_cache_alloc+0x267/0x3b0 [ 143.144234][ T4152] __kernfs_new_node+0xd4/0x8b0 [ 143.147963][ T4152] kernfs_create_dir_ns+0x9c/0x220 [ 143.152169][ T4152] sysfs_create_dir_ns+0x127/0x290 [ 143.156210][ T4152] kobject_add_internal+0x2c9/0x8f0 [ 143.160731][ T4152] kobject_init_and_add+0x101/0x160 [ 143.165127][ T4152] sysfs_slab_add+0x16e/0x200 [ 143.168724][ T4152] __kmem_cache_create+0x514/0x690 [ 143.172582][ T4152] kmem_cache_create_usercopy+0x1f9/0x300 [ 143.176934][ T4152] p9_client_create+0xca5/0x1070 [ 143.180659][ T4152] v9fs_session_init+0x1e2/0x1810 [ 143.184743][ T4152] v9fs_mount+0xba/0xc90 [ 143.188090][ T4152] legacy_get_tree+0x105/0x220 [ 143.192025][ T4152] vfs_get_tree+0x89/0x2f0 [ 143.195649][ T4152] path_mount+0x1326/0x1e20 [ 143.199474][ T4152] __ia32_sys_mount+0x27e/0x300 [ 143.203257][ T4152] __do_fast_syscall_32+0x65/0xf0 [ 143.207206][ T4152] do_fast_syscall_32+0x2f/0x70 [ 143.211346][ T4152] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 143.216935][ T4152] [ 143.219019][ T4152] Freed by task 4152: [ 143.222171][ T4152] kasan_save_stack+0x1e/0x40 [ 143.225426][ T4152] kasan_set_track+0x21/0x30 [ 143.230291][ T4152] kasan_set_free_info+0x20/0x30 [ 143.234310][ T4152] ____kasan_slab_free+0x166/0x1c0 [ 143.238533][ T4152] slab_free_freelist_hook+0x8b/0x1c0 [ 143.242817][ T4152] kmem_cache_free+0xeb/0x5b0 [ 143.247956][ T4152] kernfs_put.part.0+0x2c4/0x540 [ 143.252216][ T4152] kernfs_put+0x42/0x50 [ 143.255562][ T4152] __kernfs_remove+0x7a6/0xb50 [ 143.259426][ T4152] kernfs_remove_by_name_ns+0xa8/0x110 [ 143.263771][ T4152] sysfs_slab_add+0x14b/0x200 [ 143.267457][ T4152] __kmem_cache_create+0x514/0x690 [ 143.271075][ T4152] kmem_cache_create_usercopy+0x1f9/0x300 [ 143.274927][ T4152] p9_client_create+0xca5/0x1070 [ 143.279019][ T4152] v9fs_session_init+0x1e2/0x1810 [ 143.282945][ T4152] v9fs_mount+0xba/0xc90 [ 143.286178][ T4152] legacy_get_tree+0x105/0x220 [ 143.290458][ T4152] vfs_get_tree+0x89/0x2f0 [ 143.294784][ T4152] path_mount+0x1326/0x1e20 [ 143.298996][ T4152] __ia32_sys_mount+0x27e/0x300 [ 143.302985][ T4152] __do_fast_syscall_32+0x65/0xf0 [ 143.306236][ T4152] do_fast_syscall_32+0x2f/0x70 [ 143.309231][ T4152] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 143.313764][ T4152] [ 143.315354][ T4152] The buggy address belongs to the object at ffff8880674bc1d0 [ 143.315354][ T4152] which belongs to the cache kernfs_node_cache of size 168 [ 143.324912][ T4152] The buggy address is located 152 bytes inside of [ 143.324912][ T4152] 168-byte region [ffff8880674bc1d0, ffff8880674bc278) [ 143.336599][ T4152] [ 143.338010][ T4152] The buggy address belongs to the physical page: [ 143.343146][ T4152] page:ffffea00019d2f00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x674bc [ 143.351426][ T4152] flags: 0x4fff00000000200(slab|node=1|zone=1|lastcpupid=0x7ff) [ 143.357444][ T4152] raw: 04fff00000000200 0000000000000000 dead000000000122 ffff888040043680 [ 143.364284][ T4152] raw: 0000000000000000 0000000000110011 00000001ffffffff 0000000000000000 [ 143.371697][ T4152] page dumped because: kasan: bad access detected [ 143.376129][ T4152] page_owner tracks the page as allocated [ 143.379871][ T4152] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 3900, tgid 3899 (syz-executor.3), ts 133578337793, free_ts 130820464732 [ 143.392309][ T4152] get_page_from_freelist+0x109b/0x2ce0 [ 143.395560][ T4152] __alloc_pages+0x1c7/0x510 [ 143.398189][ T4152] alloc_pages+0x1a6/0x270 [ 143.400914][ T4152] allocate_slab+0x27e/0x3d0 [ 143.404297][ T4152] ___slab_alloc+0x84f/0xe80 [ 143.407777][ T4152] __slab_alloc.constprop.0+0x4d/0xa0 [ 143.412030][ T4152] kmem_cache_alloc+0x38c/0x3b0 [ 143.415929][ T4152] __kernfs_new_node+0xd4/0x8b0 [ 143.419753][ T4152] kernfs_new_node+0x93/0x120 [ 143.423523][ T4152] __kernfs_create_file+0x51/0x350 [ 143.428096][ T4152] sysfs_add_file_mode_ns+0x20f/0x3f0 [ 143.432362][ T4152] internal_create_group+0x322/0xb10 [ 143.436139][ T4152] netdev_queue_update_kobjects+0x3aa/0x4e0 [ 143.440450][ T4152] netdev_register_kobject+0x330/0x400 [ 143.444433][ T4152] register_netdevice+0xd95/0x1670 [ 143.448400][ T4152] __ip_tunnel_create+0x398/0x570 [ 143.452926][ T4152] page last free stack trace: [ 143.456566][ T4152] free_pcp_prepare+0x5e4/0xd20 [ 143.460439][ T4152] free_unref_page+0x19/0x4d0 [ 143.464280][ T4152] __folio_put+0xc1/0x130 [ 143.467847][ T4152] free_page_and_swap_cache+0x253/0x2c0 [ 143.473622][ T4152] tlb_remove_table_rcu+0x85/0xe0 [ 143.477162][ T4152] rcu_core+0x7b5/0x1890 [ 143.479847][ T4152] __do_softirq+0x1d0/0x9c8 [ 143.482603][ T4152] [ 143.484586][ T4152] Memory state around the buggy address: [ 143.489053][ T4152] ffff8880674bc100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 143.495324][ T4152] ffff8880674bc180: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb [ 143.501369][ T4152] >ffff8880674bc200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc [ 143.507457][ T4152] ^ [ 143.512839][ T4152] ffff8880674bc280: fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb [ 143.519072][ T4152] ffff8880674bc300: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 143.524845][ T4152] ================================================================== [ 143.537948][ T4152] Kernel panic - not syncing: panic_on_warn set ... [ 143.543209][ T4152] CPU: 1 PID: 4152 Comm: syz-executor.0 Not tainted 6.0.0-syzkaller-05118-g833477fce7a1 #0 [ 143.549873][ T4152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 143.556460][ T4152] Call Trace: [ 143.558667][ T4152] [ 143.561037][ T4152] dump_stack_lvl+0xcd/0x134 [ 143.564518][ T4152] panic+0x2c8/0x627 [ 143.567109][ T4152] ? panic_print_sys_info.part.0+0x10b/0x10b [ 143.571402][ T4152] ? preempt_schedule_common+0x59/0xc0 [ 143.575451][ T4152] ? preempt_schedule_thunk+0x16/0x18 [ 143.579758][ T4152] ? __kernfs_remove+0xa09/0xb50 [ 143.583531][ T4152] end_report.part.0+0x3f/0x7c [ 143.587146][ T4152] kasan_report.cold+0xa/0xf [ 143.589815][ T4152] ? __kernfs_remove+0xa09/0xb50 [ 143.593928][ T4152] __kernfs_remove+0xa09/0xb50 [ 143.598175][ T4152] ? kernfs_next_descendant_post+0x2f0/0x2f0 [ 143.602755][ T4152] ? kernfs_name_hash+0xf1/0x120 [ 143.606676][ T4152] kernfs_remove_by_name_ns+0xa8/0x110 [ 143.610304][ T4152] sysfs_slab_add+0x14b/0x200 [ 143.612988][ T4152] __kmem_cache_create+0x514/0x690 [ 143.616591][ T4152] kmem_cache_create_usercopy+0x1f9/0x300 [ 143.621647][ T4152] p9_client_create+0xca5/0x1070 [ 143.625648][ T4152] ? p9_client_rpc+0xce0/0xce0 [ 143.628907][ T4152] ? lockdep_init_map_type+0x21a/0x7f0 [ 143.632280][ T4152] ? rcu_read_lock_sched_held+0x3a/0x70 [ 143.635800][ T4152] ? __raw_spin_lock_init+0x36/0x110 [ 143.639327][ T4152] v9fs_session_init+0x1e2/0x1810 [ 143.643227][ T4152] ? find_held_lock+0x2d/0x110 [ 143.646332][ T4152] ? v9fs_show_options+0x780/0x780 [ 143.650109][ T4152] ? rcu_read_lock_sched_held+0x3a/0x70 [ 143.654569][ T4152] ? trace_kmalloc+0x32/0x100 [ 143.658083][ T4152] v9fs_mount+0xba/0xc90 [ 143.661507][ T4152] ? v9fs_statfs+0x4d0/0x4d0 [ 143.665392][ T4152] ? apparmor_capable+0x1d8/0x460 [ 143.668924][ T4152] ? v9fs_statfs+0x4d0/0x4d0 [ 143.672098][ T4152] legacy_get_tree+0x105/0x220 [ 143.675223][ T4152] vfs_get_tree+0x89/0x2f0 [ 143.678955][ T4152] path_mount+0x1326/0x1e20 [ 143.682580][ T4152] ? kmem_cache_free+0xeb/0x5b0 [ 143.685964][ T4152] ? finish_automount+0x960/0x960 [ 143.689305][ T4152] ? putname+0xfe/0x140 [ 143.701757][ T4152] __ia32_sys_mount+0x27e/0x300 [ 143.706091][ T4152] ? __x64_sys_mount+0x300/0x300 [ 143.710444][ T4152] ? syscall_enter_from_user_mode_prepare+0x19/0x80 [ 143.714724][ T4152] ? syscall_enter_from_user_mode_prepare+0x19/0x80 [ 143.719337][ T4152] __do_fast_syscall_32+0x65/0xf0 [ 143.723647][ T4152] do_fast_syscall_32+0x2f/0x70 [ 143.726993][ T4152] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 143.731100][ T4152] RIP: 0023:0xf7f6e549 [ 143.733442][ T4152] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 143.745925][ T4152] RSP: 002b:00000000f7f695cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 143.752517][ T4152] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000200 [ 143.758210][ T4152] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000580 [ 143.763940][ T4152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.769978][ T4152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.775475][ T4152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.780915][ T4152] [ 143.784473][ T4152] Kernel Offset: disabled [ 143.787789][ T4152] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:59:58 Registers: info registers vcpu 0 RAX=0000000000086129 RBX=ffffffff8bcbc980 RCX=ffffffff898407e5 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff8bc07e18 R8 =0000000000000001 R9 =ffff88802c834c4b R10=ffffed1005906989 R11=0000000000000001 R12=fffffbfff1797930 R13=0000000000000000 R14=ffffffff8de04410 R15=0000000000000000 RIP=ffffffff89870b3b RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c800000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000057f23404 CR3=0000000063a34000 CR4=00150ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=5581dc05d64ed42faba10764f5d009b6 XMM01=00000000000000000000000000000000 XMM02=0000000000000000414fffffe0000000 XMM03=32322035312e322e302e303120303230 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff846255e1 RDI=ffffffff914a5ca0 RBP=ffffffff914a5c60 RSP=ffffc90027cdf1e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6234373630386552 R12=0000000000000000 R13=0000000000000020 R14=ffffffff84625580 R15=0000000000000000 RIP=ffffffff8462560b RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000032f23000 CR3=0000000069cb5000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000000000000000000001a4 XMM01=87eb8b05343e9da588a3dc0d914818a7 XMM02=d3bcf447ecf925e5288a69c2faf3928f XMM03=39bf1ef1f6b20b16804932ccb72e505a XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0d0c0f0e09080b0a0504070601000302 XMM07=0e0d0c0f0a09080b0605040702010003 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=00000000000680e5 RBX=ffff8880120f1d80 RCX=ffffffff898407e5 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000002 RSP=ffffc9000047fe00 R8 =0000000000000001 R9 =ffff88802ca34c4b R10=ffffed1005946989 R11=0000000000000001 R12=ffffed100241e3b0 R13=0000000000000002 R14=ffffffff8de04410 R15=0000000000000000 RIP=ffffffff89870b3b RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f6f7c054 CR3=0000000065245000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0f02000afd6d06404000b3d600e02045 XMM02=2486646c2f961b4dc57e9649d5d78502 XMM03=5d649a80b8434f9986aad6aecb405e19 XMM04=204500085734120054520202000a5552 XMM05=eab7d916adec2b564d908e009a5eb466 XMM06=fb63cf00babf208662284208db821b13 XMM07=1cc844ff0a72c39465dd7fd9245cd55f XMM08=550be6fd667cef209a46b08de35158a3 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=000000000011f2b7 RBX=ffff8880120f3b00 RCX=ffffffff898407e5 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000003 RSP=ffffc9000048fe00 R8 =0000000000000001 R9 =ffff88802cb34c4b R10=ffffed1005966989 R11=0000000000000001 R12=ffffed100241e760 R13=0000000000000003 R14=ffffffff8de04410 R15=0000000000000000 RIP=ffffffff89870b3b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7f78f58 CR3=000000006388c000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000020000 XMM01=00007f20281905e0000055bb846f5fa0 XMM02=00000000febc00000000000000000000 XMM03=00007f20cb0ffd6b0000000000000000 XMM04=0f02000a0202000a0000000000000000 XMM05=00000000000000000000000000000600 XMM06=14000000000000000000000000000000 XMM07=00000050000000000000000016000ca8 XMM08=1699088520518ccd03f056f6830d75e8 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000