last executing test programs: 5.226063215s ago: executing program 3 (id=191): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000840)={0x44, &(0x7f0000000200)={0x20, 0x30, 0xc, "3ba80704f90c6441cba3b642"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b705000008"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x98f0a000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000680)='./bus\x00', 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r3, 0x8004745a, 0x2000000c) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_pressure(r4, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r5, &(0x7f0000000080)={'full', 0x20, 0xfffffffffffffffc, 0x20, 0x100000007}, 0x9) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) bind$inet6(r6, 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042) pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0) r7 = syz_io_uring_setup(0x237, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0x3}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r7, 0x2def, 0x4000, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) 3.770840946s ago: executing program 2 (id=205): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = dup(r3) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000b7000040"]) r5 = dup(r0) write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) r6 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000080)=0x0) r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) mremap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000003000/0x2000)=nil) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x8) syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x12, 0x0, @fd_index=0x3}) setreuid(0xee01, 0x0) io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0) r10 = socket$tipc(0x1e, 0x5, 0x0) ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x5202}, {r10, 0x8180}, {0xffffffffffffffff, 0x80}], 0x3, 0x0, 0x0, 0x0) 3.600470572s ago: executing program 3 (id=206): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0xfffffffffffffe46, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = socket(0x1e, 0x1, 0x0) getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, 0x0, &(0x7f0000000080)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x100, 0x0, 0x0, 0x4) setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(0xffffffffffffffff, 0x6a, 0x3, 0x20000000, 0x4) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x169802, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r4) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc0) getdents(r5, 0x0, 0x0) getdents(r5, &(0x7f00000000c0)=""/201, 0xc9) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x20) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x328, 0x1e8, 0xa8, 0xfeffffff, 0xa8, 0xa8, 0x290, 0x290, 0xffffffff, 0x290, 0x290, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@ip={@private, @local, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00', {}, {}, 0x88}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 2.900461073s ago: executing program 1 (id=213): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xce1, 0x0, 0x0, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f00000001c0)) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000080)={[0xdddd1000, 0xeeee0000, 0x80a0000, 0x8000000], 0x4, 0x24, 0x9}) accept4(r4, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad0000000000", 0x6) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xb, 0x0, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x10, 0x2, 0x0) r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000140)={0x8000, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f00000012c0)=0x2) ioctl$vim2m_VIDIOC_QBUF(r6, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2063569a"}}) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)={0x14, r8, 0x1}, 0x14}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000001000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000032140000000c0a0108000000000000000001000000140000001000010000000000000000000000000a"], 0x98}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xf4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 2.770759814s ago: executing program 2 (id=214): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000840)={0x44, &(0x7f0000000200)={0x20, 0x30, 0xc, "3ba80704f90c6441cba3b642"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b705000008"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x98f0a000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000680)='./bus\x00', 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r3, 0x8004745a, 0x2000000c) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_pressure(r4, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r5, &(0x7f0000000080)={'full', 0x20, 0xfffffffffffffffc, 0x20, 0x100000007}, 0x9) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) bind$inet6(r6, 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042) pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0) r7 = syz_io_uring_setup(0x237, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0x3}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r7, 0x2def, 0x4000, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) 2.720289075s ago: executing program 3 (id=215): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockname(r0, 0x0, &(0x7f0000000240)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x13, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040), 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48) 2.290881614s ago: executing program 1 (id=216): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0) close(r0) socket$packet(0x11, 0x3, 0x300) ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="020000202000"}) 2.290583392s ago: executing program 1 (id=217): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x239, 0x0, &(0x7f00000002c0)=0x0, 0x0) syz_io_uring_submit(r2, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040804}, 0x2000) io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r5, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00('}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000080)="115ac84fe221236f72665f7099b5298bcf24179fb268351158cdaafd588beacce1112e57d904f64066cd64834b8db0a8cd68663183d1d2b66c4a6e7ffe2f1659197b0f42617c1deef27e6118a89dd81ad7ce9ae1e2e95d48479cf073f29f22cf1dd8507927bb29033e1a61fa47db38c9530192275521e5e354dff1c20f83820d66", 0x81}, {&(0x7f0000000140)="3ba3f99de1c528d8732d52629f7d1eebe0fb662a70166e56", 0x18}, {&(0x7f00000001c0)="861cfc25c0a449fca28335538fbdc42ee4aef55c378264c207756e44bda51d79d8c1f335b3c388bb8512f54d8093872773b6b5bc358020378e650344a3963f6615cbe331f0b967caa4a1e267408668efc022d14cf6a324a68099dd8bccb23a61c3482b9e48f1f90bc48286094a768e829f527faeebc00577c9304a3ba596e580720a4c4bf781139999ceb83aa08df9ec8e23ac3e8348b2fa118b031c0b627b0f27d74ae3c29de1f72f294fc96aa706332e676c4bca359a65665f0323afc9d40f2c6fee1f4a33c2929cb1b997e8209f5323ff", 0xd2}, {0x0}, {&(0x7f0000000380)="6a1dec8c0e5a3fd1d01e44e73bd24cb9a49fdd767e9500f0726325c25cd228e1b155035960c45025190fe07d91cf011502913f", 0x33}, {&(0x7f00000003c0)="bad9b017c0afc0a413d0a81dcb71b76444bfdb0fab4c1bfc02c4b47864b50ef5f3782f9c1e988508c7ecb351d3ce2f5e68b25381f3021aabfa14b338407fb05e60c0c62b633e6e0eec346184aa4034df4c9e5b9aeeb83064f5d888d4dbc47056164f8adbbe31940aff1b888ef3d3e074c295a5007718ddbfea279b8678f94ef72c27f64b", 0x84}, {&(0x7f0000000480)="114bbe61956eaf7c86b038cf2f85cfe556bb54a90b1730e82b70a47dde90540a3dca6d9e27c475ea7ed4f590ca6235b1002ebdad2467e498806117398d86a587fc8d1af04c0c8952621310f2f62a08f7421e34b57883b1df9d510342e85ae7e1d8b411e17d130ac8e0357e0e5d43202886433f500777fc2be7e14c4bdab42a7933533668924f03d67032af36e8992471c81a821565c2e8eb902537f58ed33407a10ef712340cecdd82aba835651c3fcf136ecb3156e7123445294ce3433b5accbe4cdc7bf4bea86e7080320dbdce88e5eea8cac02d36e5a2f827783ca38ce8c4f4e77ce2d24b6a470fa895fe769bc3a85e3a49572e25d854527e0ee09d81", 0xfe}, {&(0x7f0000000580)="8ea3613c1371e6dc1ad9667a94d21a0f9c4eda6cf8e9bfa45efb1c91cd67c7147f0b1e13b31e631692ddf048132bba719dce904ef0998416eec314dbfd24c74db1e85496440738bb7f6cd18b2713a4b8ad7bbb376361b6b95f8c28776d01c51cd4d0326a506cc007fe42a119917f09b09ec1ff88ccb0", 0x76}, {&(0x7f0000000600)}], 0x9, &(0x7f0000000740)=ANY=[@ANYBLOB="6c00000000000000240000008d265d8322d10e46ab93c38cf3dbe4b2754d6ecd9093fe64e375b7f1ab2524f0760e1029e6dfe867f22ebbae47535781707edb4a9a389730ac7b21326e9cbdd41e3ce8c4fdb62ed1c9a581fbddcfd08b04bebcf141e7fe989e31f81a7b0100"/120], 0x78}, 0x81) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r8, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)=[@rights={{0x10, 0x1, 0x1, [r7]}}], 0x10, 0x1}, 0x40) recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 1.790850884s ago: executing program 3 (id=219): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x2149a2, 0x0) write$dsp(r3, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_SET_TIMEOUT(r5, 0xab09, 0x5) r6 = socket$key(0xf, 0x3, 0x2) recvfrom$packet(r6, 0x0, 0x0, 0x1, 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1) accept4$x25(0xffffffffffffffff, &(0x7f0000000000)={0x9, @remote}, 0x0, 0x800) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x3bc, 0x1ac, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x2f4, 0x20a, 0x278, 0x2f4, 0x278, 0x3, 0x0, {[{{@uncond, 0x0, 0x188, 0x1ac, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x1}}]}, @common=@inet=@TCPMSS={0x24}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'veth0_virt_wifi\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@limit={{0x3c}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x418) r8 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$apparmor_current(r8, &(0x7f00000002c0)=ANY=[], 0x17) setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='yeah\x00', 0x5) connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) write$binfmt_script(r4, &(0x7f0000000200), 0xfffffd9d) 1.629205066s ago: executing program 0 (id=221): io_setup(0x81, &(0x7f0000001440)=0x0) r1 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NFC_CMD_GET_SE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0x200, 0x70bd2c, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x44000) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0x18, &(0x7f0000000100)=0xc, 0x4) r3 = socket(0x1, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendto$packet(r2, &(0x7f00000001c0)="ff008400e01980000200977635e4e79cd34c0000000800890800348157b1115c4f94454c0600e5c16c92063d5dae253089f3419235f1a43c89962cc88d125ebe9ac8ed6f12a4beb57268b178e40c596607a0eab9d4c45506422da1bb64dc8a7879a155bf33a13de86e58347d96eb4ea1ee0ac55d3ed9cf861e20d60e6893fe61681e5a9d1056a39f6db6573f58e9c2e1", 0x90, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000000c0)={{0xeb9f, 0x2, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}, {0x2}}, 0x0, 0x1a, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x28) mount$binder(0x0, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000240)={[{@stats}]}) r5 = syz_io_uring_setup(0x2af8, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000340), &(0x7f0000000080)) io_submit(r0, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}]) io_uring_enter(r5, 0x14e2, 0x27b7, 0x69, 0x0, 0x0) io_setup(0x81, &(0x7f0000001440)) (async) syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$NFC_CMD_GET_SE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0x200, 0x70bd2c, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x44000) (async) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_int(r2, 0x107, 0x18, &(0x7f0000000100)=0xc, 0x4) (async) socket(0x1, 0x803, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) (async) sendto$packet(r2, &(0x7f00000001c0)="ff008400e01980000200977635e4e79cd34c0000000800890800348157b1115c4f94454c0600e5c16c92063d5dae253089f3419235f1a43c89962cc88d125ebe9ac8ed6f12a4beb57268b178e40c596607a0eab9d4c45506422da1bb64dc8a7879a155bf33a13de86e58347d96eb4ea1ee0ac55d3ed9cf861e20d60e6893fe61681e5a9d1056a39f6db6573f58e9c2e1", 0x90, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000000c0)={{0xeb9f, 0x2, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}, {0x2}}, 0x0, 0x1a, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x28) (async) mount$binder(0x0, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000240)={[{@stats}]}) (async) syz_io_uring_setup(0x2af8, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000340), &(0x7f0000000080)) (async) io_submit(r0, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}]) (async) io_uring_enter(r5, 0x14e2, 0x27b7, 0x69, 0x0, 0x0) (async) 1.410708669s ago: executing program 0 (id=222): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$alg(0x26, 0x5, 0x0) sched_setattr(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141121) r1 = dup(r0) write$6lowpan_enable(r1, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x8, 0x3, 0x2b4, 0x150, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x220, 0xffffffff, 0xffffffff, 0x220, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0x130, 0x220, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "00000100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5ce1a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9e000000000000000000ffffff7f00", 0x7d, 0x2}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x310) 1.410448514s ago: executing program 0 (id=223): sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='00'], 0x30}, 0x1, 0x0, 0x0, 0x18004}, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000800000001a000000280022800400148004000080040000808341f1680200008014000080040000800400008004000080060021"], 0x44}}, 0x0) 1.320529136s ago: executing program 2 (id=224): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xce1, 0x0, 0x0, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f00000001c0)) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000080)={[0xdddd1000, 0xeeee0000, 0x80a0000, 0x8000000], 0x4, 0x24, 0x9}) accept4(r4, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad0000000000", 0x6) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xb, 0x0, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x10, 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x8, 0x2, 0x1}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x8000, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f00000012c0)=0x2) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2063569a"}}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)={0x14, r7, 0x1}, 0x14}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000001000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000032140000000c0a0108000000000000000001000000140000001000010000000000000000000000000a"], 0x98}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xf4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.320141696s ago: executing program 0 (id=225): capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100)) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) pipe(&(0x7f0000001240)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r2, r1, 0x0, 0x2) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x88c0) close(0x4) r3 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0xfffffffe}, &(0x7f0000000380)=0x0, &(0x7f0000000280)=0x0) syz_emit_ethernet(0x32, &(0x7f0000000040)={@multicast, @local, @val={@val={0x88a8, 0x3, 0x0, 0x1}, {0x8100, 0x4, 0x1}}, {@generic={0x6004, "cd50aa1786b0be5c874a833e1cb21847a702316ed420a418974894e9"}}}, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x4007, @fd_index=0x4, 0x8, 0x2, 0x100ffff, 0x21, 0x0, {0x1}}) ioperm(0x6, 0xa875, 0x10000005) r6 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x2000) io_uring_enter(r3, 0x3f70, 0x0, 0x0, 0x0, 0x0) 1.080746572s ago: executing program 2 (id=226): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x409, 0x0, 0x34000000, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0) 1.080464307s ago: executing program 2 (id=227): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockname(r0, 0x0, &(0x7f0000000240)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x13, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040), 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48) 950.423158ms ago: executing program 1 (id=228): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x2, 0x0, @private0}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001600)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000002c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000140)='R', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000004c0)="a0", 0x1}], 0x1}}], 0x3, 0x10) syz_usb_disconnect(0xffffffffffffffff) r1 = creat(0x0, 0x0) sendmsg$ETHTOOL_MSG_WOL_SET(r1, 0x0, 0x24008040) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xf, &(0x7f0000006680)) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)=@getlink={0x28, 0x12, 0x8, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0xc22c, 0x2}, [@IFLA_MTU={0x0, 0x4, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x10) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) set_robust_list(0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000100), 0x24, 0x0) chmod(&(0x7f0000000180)='./file0\x00', 0x23f) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8b19, &(0x7f0000000080)={'wlan1\x00', @random="020000002401"}) shutdown(r0, 0x2) iopl(0x3) poll(0x0, 0x0, 0x3) 848.030231ms ago: executing program 3 (id=229): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$9p_virtio(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x190, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d76697274696f2c616e616d653d39300000000e00000000004bb51adf0000002c00"]) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) (async) close(r1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40400, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="84010000030100000000000000000000140000010800074000001000cc00028006000340000100000c000280050001002f00005f62ca002ad73c2f66d1b99a002c00018014000300fc01000000000000000000000000000014000400fc0100000000000000000000000000010c000280050001008400000006000340000200001400018008000100ffffffff080002007f0000012c00018014000300fc00000000000000000000000000000114000400fe80000037be278b00000000000000bb2c00018014000300fe8000000000000000000000000000bb14000400fe80000000000000000000000000002c060003400002000034001080080001400300000008000140000007ff0800024000000004080001400000000308000140000007ce08000240000080003400198008000200c2000000fb080001001507000008000200c000000008000100500200000800020050000000080001002009000034000f800800024000000001080002400000000d08000340000000000800034000000005080002"], 0x184}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000040)="410f3266ba2100edc4a1a8594554d867060fc79a0e0000002e994a0fc76b7fe22ef3e735f22667f4", 0x28}], 0x1, 0x30, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x13) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f00000000c0)={0xbe, 0x0, 0x1}) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x1) (async) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x1) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000000c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES64=r2, @ANYRESDEC, @ANYRES32=r6, @ANYBLOB="08002a00e9"], 0x4c}, 0x1, 0x0, 0x0, 0x20000080}, 0x2040094) ioctl$KVM_RUN(r4, 0xae80, 0x0) r7 = syz_io_uring_setup(0x4072, &(0x7f0000000380)={0x0, 0x0, 0x10100, 0x0, 0x400}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000001680)=@IORING_OP_SYMLINKAT={0x26, 0x1b, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r7, 0x567, 0x0, 0x0, 0x0, 0x0) syz_usb_connect(0x2, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async) r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r10, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000880)={[{@metacopy_on}, {@lowerdir={'lowerdir', 0x3d, './bus'}}]}) (async) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000880)={[{@metacopy_on}, {@lowerdir={'lowerdir', 0x3d, './bus'}}]}) ioperm(0x1000000, 0x8, 0x8) shmget(0x1, 0x4000, 0x200, &(0x7f0000ff8000/0x4000)=nil) (async) r11 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ff8000/0x4000)=nil) shmat(r11, &(0x7f0000feb000/0x2000)=nil, 0x3000) (async) shmat(r11, &(0x7f0000feb000/0x2000)=nil, 0x3000) shmctl$IPC_RMID(r11, 0x0) 510.627383ms ago: executing program 3 (id=230): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) fsopen(&(0x7f0000000100)='iso9660\x00', 0x1) r1 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000200)={0x0, 0x0}) r2 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x0, 0x800, 0x3, 0x200400}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13}) io_setup(0x81, &(0x7f0000001440)) r5 = socket(0x1d, 0x3, 0x1) getsockopt$nfc_llcp(r5, 0x65, 0x8, 0x0, 0x20001008) io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x7, 0x30}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000340)={0x0, 0x5}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000d8000000000000000000eaff85000000750000009500000000000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r6, 0x0, 0x0}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x84}}, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33) r7 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r7, 0x0, 0x0, 0x800, 0x0, 0x0) sendto$inet(r1, &(0x7f00000003c0)='M', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r1, &(0x7f0000000280)='p', 0x29fcb, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f00000000c0)="a4", 0x1, 0x800, 0x0, 0x0) 440.634365ms ago: executing program 0 (id=231): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x5c, 0x24, 0xf0b, 0x0, 0x1000000, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x2c, 0x2, [@TCA_CAKE_AUTORATE={0x8, 0x9, 0xff}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x3}, @TCA_CAKE_SPLIT_GSO={0x8}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x2}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x4}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) syz_open_dev$dri(0x0, 0x0, 0x28080) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000000)=0x200, 0x4) sendmsg$inet(r3, &(0x7f00000024c0)={&(0x7f0000000080)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10, &(0x7f0000002380)=[{&(0x7f00000000c0)="5a7f178559c42fbdac9374449dde115ba3a8975a65802e2053c77519c049a26cb54d6c23e4cd93a58877b89909ae9d3ac5c6828b1c53c6592aa6ce98c0aa729cf63c1ff291b67141d14764668e816b2616a8e1cf6bc13c57bd0e2a758756b00cb02a9d6047fb8a659124b8de39d1b62d4d39e2152290a4f5037e2c37d175bf3ef43936d3086020b5aec9733ce4079bcc73415ec0cf43eb41afa48cdb4701dfeeda4cd30f9383336cc0ed15d549a7c20521942d875d687c2482b02434d30f234f6776f32207a12fb4fafaa6fe204ea37dada0055f246b2afdceb9bceb4e230126703486dc013f3dbb589268f2112e409b069222e950bb0c2a7dc7f347cda98e6fb48aeb97844967eef3f83596de94a0accd90fa31a9", 0xffe3}], 0x1, 0x0, 0x0, 0x1f000000}, 0x24040000) 440.403677ms ago: executing program 0 (id=232): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000840)={0x44, &(0x7f0000000200)={0x20, 0x30, 0xc, "3ba80704f90c6441cba3b642"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b705000008"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x98f0a000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdirat(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r3, 0x8004745a, 0x2000000c) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_pressure(r4, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r5, &(0x7f0000000080)={'full', 0x20, 0xfffffffffffffffc, 0x20, 0x100000007}, 0x9) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) bind$inet6(r6, 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042) pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0) r7 = syz_io_uring_setup(0x237, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0x3}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r7, 0x2def, 0x4000, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) 60.699274ms ago: executing program 1 (id=233): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 64) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) (async) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x4, &(0x7f0000000080)=""/78, &(0x7f0000000100)=0x4e) (async) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) read$nci(r5, &(0x7f0000000300)=""/102, 0x66) r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r7) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="0100000000000000000002000000080001"], 0x1c}}, 0x0) (async) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f00000002c0)=[{r10}], 0x1, 0x83a4) fcntl$setpipe(r10, 0x407, 0x0) read$char_usb(r9, &(0x7f0000000100)=""/124, 0x7c) write$char_usb(r10, &(0x7f0000000440)="93", 0x1) (async, rerun: 32) socketpair$unix(0x1, 0x1, 0x0, 0x0) (async, rerun: 32) r11 = openat$sysctl(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0) pipe(&(0x7f0000000000)) (async) splice(r0, 0x0, r11, 0x0, 0x3, 0x1) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="340000000206050000000000000000f0ffff7f000c00033a69700005000417a0789321c28e2542ad580fb3ea1c2e000000000004000780050005000200000000000000008691739ff3a5da8761537d16a48827219eb590248b4ab6b088367cbbe568fae17ceb78b76bb801cbf9f0e8cd78af25d2f5a63f4170bc47bb1dc88411d006fc2e48e8782f8725fd25f83c90466b01d9a111dee24fe4a2cb087f081e2d150ce85f9351970b32fa6a78e747e0f540f7ca88d40c5ace8121a8b6f9ebd06c1919af0f45645b7f98991a4ebc3498e9ae73704c56c1caba467f2bb971a7c15d627d69466a9520f0b24bddcb62a4cac29edb5b2a46ed5fe7818f7652598b8568160ce79d23"], 0x34}}, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f00000001c0)=0x2f) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x20008000, @remote, 0x4}, 0x1c) (async) close(r0) socket(0x2b, 0x1, 0x1) 366.197µs ago: executing program 2 (id=234): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xce1, 0x0, 0x0, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f00000001c0)) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000080)={[0xdddd1000, 0xeeee0000, 0x80a0000, 0x8000000], 0x4, 0x24, 0x9}) accept4(r4, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad0000000000", 0x6) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xb, 0x0, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x10, 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x8, 0x2, 0x1}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x8000, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f00000012c0)=0x2) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2063569a"}}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)={0x14, r7, 0x1}, 0x14}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000001000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000032140000000c0a0108000000000000000001000000140000001000010000000000000000000000000a"], 0x98}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xf4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 0s ago: executing program 1 (id=235): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b708000000020000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc0) getdents(r0, &(0x7f00000002c0)=""/31, 0x1f) getdents(r0, &(0x7f00000000c0)=""/201, 0xc9) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r3 = timerfd_create(0x9, 0x0) ioprio_set$uid(0x3, 0x0, 0x6000) timerfd_settime(r3, 0x3, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xcc}, &(0x7f00000000c0)=0x0, &(0x7f0000000280)) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000abfa"], 0x125) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000340)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r5 = socket$inet6(0xa, 0x40000080806, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000380)='sched_kthread_work_execute_start\x00', r6}, 0x18) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) bind$inet6(r5, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c) listen(r5, 0x20000005) r7 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r7, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0x8000000}, 0x1c) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000180)='wg0\x00', 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:7617' (ED25519) to the list of known hosts. [ 41.584714][ T5925] cgroup: Unknown subsys name 'net' [ 41.701162][ T5925] cgroup: Unknown subsys name 'cpuset' [ 41.705900][ T5925] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 42.483833][ T5925] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.195080][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.198630][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.201847][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.204948][ T5940] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.208648][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.211515][ T5940] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.212747][ T5949] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.215903][ T5940] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.216705][ T5949] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.219753][ T5940] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.222186][ T5949] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.222336][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.222838][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.223098][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.223394][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.223766][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.226629][ T5949] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.226687][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.226904][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.227040][ T5940] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.227155][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.228815][ T5952] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.230415][ T5949] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.234042][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.392320][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 45.414739][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 45.419368][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 45.564747][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.567616][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.570079][ T5938] bridge_slave_0: entered allmulticast mode [ 45.573314][ T5938] bridge_slave_0: entered promiscuous mode [ 45.576685][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.578814][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.580985][ T5938] bridge_slave_1: entered allmulticast mode [ 45.583170][ T5938] bridge_slave_1: entered promiscuous mode [ 45.594383][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.596848][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.599152][ T5936] bridge_slave_0: entered allmulticast mode [ 45.601670][ T5936] bridge_slave_0: entered promiscuous mode [ 45.620220][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.622974][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.625693][ T5945] bridge_slave_0: entered allmulticast mode [ 45.628882][ T5945] bridge_slave_0: entered promiscuous mode [ 45.634259][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.637210][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.639906][ T5945] bridge_slave_1: entered allmulticast mode [ 45.642811][ T5945] bridge_slave_1: entered promiscuous mode [ 45.660501][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.662600][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.664782][ T5936] bridge_slave_1: entered allmulticast mode [ 45.667129][ T5936] bridge_slave_1: entered promiscuous mode [ 45.676332][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 45.689433][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.704735][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.721219][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.734600][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.739692][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.769590][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.776565][ T5938] team0: Port device team_slave_0 added [ 45.788528][ T5936] team0: Port device team_slave_0 added [ 45.805881][ T5938] team0: Port device team_slave_1 added [ 45.809439][ T5936] team0: Port device team_slave_1 added [ 45.862184][ T5945] team0: Port device team_slave_0 added [ 45.864110][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.866290][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.869290][ T5944] bridge_slave_0: entered allmulticast mode [ 45.871430][ T5944] bridge_slave_0: entered promiscuous mode [ 45.882822][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.885716][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.893729][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.898064][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.900149][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.909116][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.913338][ T5945] team0: Port device team_slave_1 added [ 45.922267][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.924666][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.926809][ T5944] bridge_slave_1: entered allmulticast mode [ 45.928874][ T5944] bridge_slave_1: entered promiscuous mode [ 45.939567][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.941478][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.948380][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.952975][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.955061][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.962652][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.982556][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.989381][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.007560][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.010145][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.018832][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.023071][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.025291][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.034106][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.057808][ T5944] team0: Port device team_slave_0 added [ 46.063589][ T5944] team0: Port device team_slave_1 added [ 46.083232][ T5938] hsr_slave_0: entered promiscuous mode [ 46.086369][ T5938] hsr_slave_1: entered promiscuous mode [ 46.142496][ T5936] hsr_slave_0: entered promiscuous mode [ 46.144595][ T5936] hsr_slave_1: entered promiscuous mode [ 46.146949][ T5936] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.149418][ T5936] Cannot create hsr debugfs directory [ 46.159136][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.161790][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.169812][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.184422][ T5945] hsr_slave_0: entered promiscuous mode [ 46.186547][ T5945] hsr_slave_1: entered promiscuous mode [ 46.188467][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.190651][ T5945] Cannot create hsr debugfs directory [ 46.192615][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.195271][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.203294][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.285640][ T5944] hsr_slave_0: entered promiscuous mode [ 46.287964][ T5944] hsr_slave_1: entered promiscuous mode [ 46.290329][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.292675][ T5944] Cannot create hsr debugfs directory [ 46.448198][ T5936] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.455270][ T5936] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.462587][ T5936] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.467756][ T5936] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.479316][ T5945] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.483909][ T5945] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.487395][ T5945] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.492875][ T5945] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.513813][ T5938] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.517362][ T5938] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.520572][ T5938] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.523681][ T5938] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.560703][ T5944] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.566880][ T5944] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.570921][ T5944] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.574835][ T5944] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.609188][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.613651][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.628095][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.632298][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.649012][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.651268][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.654349][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.656524][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.660046][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.662065][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.671263][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.674600][ T1008] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.676813][ T1008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.682043][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.694101][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.700203][ T1008] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.702312][ T1008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.711967][ T5936] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.720917][ T1008] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.723160][ T1008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.727364][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.737170][ T1008] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.739377][ T1008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.756036][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.758234][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.796012][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.815835][ T5936] veth0_vlan: entered promiscuous mode [ 46.822611][ T5936] veth1_vlan: entered promiscuous mode [ 46.834216][ T5936] veth0_macvtap: entered promiscuous mode [ 46.838670][ T5936] veth1_macvtap: entered promiscuous mode [ 46.844329][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.864208][ T5945] veth0_vlan: entered promiscuous mode [ 46.868932][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.874146][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.878185][ T5936] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.880887][ T5936] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.883457][ T5936] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.885993][ T5936] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.893110][ T5945] veth1_vlan: entered promiscuous mode [ 46.905474][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.913647][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.931855][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.934584][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.942066][ T5945] veth0_macvtap: entered promiscuous mode [ 46.945841][ T5945] veth1_macvtap: entered promiscuous mode [ 46.955663][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.958184][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.962247][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.965585][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.969336][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.973290][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.976364][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.981979][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.990329][ T5945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.992903][ T5945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.995126][ T5936] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 46.995504][ T5945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.003440][ T5945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.014954][ T5944] veth0_vlan: entered promiscuous mode [ 47.019860][ T5938] veth0_vlan: entered promiscuous mode [ 47.028814][ T5944] veth1_vlan: entered promiscuous mode [ 47.033490][ T5938] veth1_vlan: entered promiscuous mode [ 47.046148][ T5938] veth0_macvtap: entered promiscuous mode [ 47.052262][ T5944] veth0_macvtap: entered promiscuous mode [ 47.057852][ T5938] veth1_macvtap: entered promiscuous mode [ 47.063447][ T5944] veth1_macvtap: entered promiscuous mode [ 47.077166][ T1008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.077330][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.079499][ T1008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.086620][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.089694][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.093518][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.097882][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.107319][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.111072][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.114699][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.118075][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.121423][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.125135][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.128441][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.131318][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.134389][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.137702][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.140781][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.144063][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.153111][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.153875][ T5938] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.156051][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.161194][ T5938] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.163686][ T5938] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.166190][ T5938] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.170630][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.173814][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.176791][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.179732][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.182478][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.185392][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.190854][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.194875][ T5944] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.197589][ T5944] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.200097][ T5944] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.202519][ T5944] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.263293][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.271479][ T6003] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 47.273668][ T6005] capability: warning: `syz.0.1' uses deprecated v2 capabilities in a way that may be insecure [ 47.274137][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.285813][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.294134][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.298049][ T5952] Bluetooth: hci2: command tx timeout [ 47.300345][ T5943] Bluetooth: hci0: command tx timeout [ 47.300996][ T5952] Bluetooth: hci1: command tx timeout [ 47.303165][ T5943] Bluetooth: hci3: command tx timeout [ 47.315671][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.326741][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.335368][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.343388][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.026672][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.429155][ T6027] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 48.491646][ T6029] uprobe: syz.1.8:6029 failed to unregister, leaking uprobe [ 48.526661][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 48.537679][ T0] NOHZ tick-stop error: local softirq work is pending, handler #288!!! [ 48.545006][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 48.778122][ T6036] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 49.205405][ T6044] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 49.346643][ T5952] Bluetooth: hci0: command tx timeout [ 49.349514][ T5952] Bluetooth: hci2: command tx timeout [ 49.351806][ T5948] Bluetooth: hci3: command tx timeout [ 49.354618][ T5948] Bluetooth: hci1: command tx timeout [ 49.414148][ T6047] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 49.912421][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15'. [ 49.916172][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15'. [ 49.925579][ T6055] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 49.930238][ T6055] xt_TCPMSS: Only works on TCP SYN packets [ 49.985655][ T6056] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 50.026556][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.200798][ T6061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17'. [ 50.232249][ T6059] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 50.234841][ T6059] overlayfs: failed to set xattr on upper [ 50.236616][ T6059] overlayfs: ...falling back to redirect_dir=nofollow. [ 50.238602][ T6059] overlayfs: ...falling back to index=off. [ 50.240324][ T6059] overlayfs: ...falling back to uuid=null. [ 50.250370][ T6059] evm: overlay not supported [ 50.417812][ T1008] Bluetooth: Error in BCSP hdr checksum [ 50.663960][ T30] IPVS: starting estimator thread 0... [ 50.686940][ T78] Bluetooth: Error in BCSP hdr checksum [ 50.728318][ T6068] process 'syz.1.19' launched './file0' with NULL argv: empty string added [ 50.749012][ T6069] IPVS: using max 38 ests per chain, 91200 per kthread [ 50.777821][ T6070] cgroup: fork rejected by pids controller in /syz1 [ 50.947853][ T39] Bluetooth: Error in BCSP hdr checksum [ 51.183944][ T6212] can0: slcan on ttyS3. [ 51.201150][ T6212] netlink: 11 bytes leftover after parsing attributes in process `syz.1.22'. [ 51.436782][ T5948] Bluetooth: hci1: command tx timeout [ 51.438619][ T5948] Bluetooth: hci2: command tx timeout [ 51.440757][ T5948] Bluetooth: hci3: command tx timeout [ 51.442645][ T5948] Bluetooth: hci0: command tx timeout [ 51.867591][ T6205] can0 (unregistered): slcan off ttyS3. [ 51.953509][ T6236] netlink: 4 bytes leftover after parsing attributes in process `syz.1.25'. [ 52.126909][ T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 52.226682][ T5952] Bluetooth: hci4: command 0x1003 tx timeout [ 52.227845][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 52.279548][ T8] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 52.283794][ T8] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 52.287697][ T8] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 52.291321][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.299830][ T6231] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 52.308405][ T8] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 52.522385][ T64] usb 7-1: USB disconnect, device number 2 [ 52.947156][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 53.206731][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 53.209219][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 53.211595][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 53.213995][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 53.509113][ T5943] Bluetooth: hci0: command tx timeout [ 53.511522][ T5943] Bluetooth: hci3: command tx timeout [ 53.513753][ T5943] Bluetooth: hci2: command tx timeout [ 53.515976][ T5943] Bluetooth: hci1: command tx timeout [ 53.635663][ T6266] can0: slcan on ttyS3. [ 53.651388][ T6266] netlink: 11 bytes leftover after parsing attributes in process `syz.0.30'. [ 54.426947][ T6261] can0 (unregistered): slcan off ttyS3. [ 54.755976][ T6292] lo speed is unknown, defaulting to 1000 [ 54.760160][ T6292] lo speed is unknown, defaulting to 1000 [ 54.762592][ T6292] lo speed is unknown, defaulting to 1000 [ 54.801714][ T6292] infiniband syz0: set active [ 54.803747][ T6292] infiniband syz0: added lo [ 54.804543][ T64] lo speed is unknown, defaulting to 1000 [ 54.844408][ T6292] RDS/IB: syz0: added [ 54.845846][ T6292] smc: adding ib device syz0 with port count 1 [ 54.847889][ T6292] smc: ib device syz0 port 1 has pnetid [ 54.850587][ T64] lo speed is unknown, defaulting to 1000 [ 54.852561][ T6292] lo speed is unknown, defaulting to 1000 [ 54.891500][ T6292] lo speed is unknown, defaulting to 1000 [ 54.902640][ T6296] netlink: 32 bytes leftover after parsing attributes in process `syz.1.34'. [ 54.983492][ T6292] lo speed is unknown, defaulting to 1000 [ 55.052510][ T6303] vlan2: entered allmulticast mode [ 55.054194][ T6303] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 55.059542][ T6303] mac80211_hwsim hwsim9 wlan1: left allmulticast mode [ 55.088641][ T6292] lo speed is unknown, defaulting to 1000 [ 56.496305][ T6337] can0: slcan on ttyS3. [ 56.539976][ T6337] netlink: 11 bytes leftover after parsing attributes in process `syz.2.42'. [ 57.024305][ T6347] overlayfs: failed to resolve '/': -2 [ 57.028269][ T6347] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.072545][ T6354] netlink: 24 bytes leftover after parsing attributes in process `syz.3.46'. [ 57.487180][ T6331] can0 (unregistered): slcan off ttyS3. [ 57.896379][ T6384] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 59.295627][ T6412] netlink: 'syz.1.59': attribute type 12 has an invalid length. [ 59.310965][ T6412] syzkaller0: entered promiscuous mode [ 59.312725][ T6412] syzkaller0: entered allmulticast mode [ 59.531709][ T6414] FAULT_INJECTION: forcing a failure. [ 59.531709][ T6414] name failslab, interval 1, probability 0, space 0, times 1 [ 59.538458][ T6414] CPU: 0 UID: 0 PID: 6414 Comm: syz.2.60 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 59.542042][ T6414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.545399][ T6414] Call Trace: [ 59.546432][ T6414] [ 59.547306][ T6414] dump_stack_lvl+0x116/0x1f0 [ 59.548803][ T6414] should_fail_ex+0x497/0x5b0 [ 59.550254][ T6414] should_failslab+0xc2/0x120 [ 59.551737][ T6414] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 59.553644][ T6414] ? __send_signal_locked+0x159/0x11a0 [ 59.555524][ T6414] ? sig_get_ucounts+0x1c0/0x5b0 [ 59.557080][ T6414] __send_signal_locked+0x159/0x11a0 [ 59.558865][ T6414] ? __lock_task_sighand+0x146/0x340 [ 59.560991][ T6414] group_send_sig_info+0x2aa/0x300 [ 59.562659][ T6414] ? __pfx_group_send_sig_info+0x10/0x10 [ 59.564377][ T6414] bpf_send_signal_common+0x415/0x520 [ 59.566020][ T6414] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 59.567916][ T6414] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 59.569712][ T6414] ? trace_lock_acquire+0x14e/0x1f0 [ 59.571280][ T6414] ? bpf_trace_run4+0x1d6/0x5a0 [ 59.572732][ T6414] bpf_send_signal+0x1d/0x30 [ 59.574105][ T6414] bpf_prog_da8cbe553dc44a71+0x23/0x2a [ 59.575728][ T6414] bpf_trace_run4+0x245/0x5a0 [ 59.577140][ T6414] ? __pfx_bpf_trace_run4+0x10/0x10 [ 59.578690][ T6414] ? trace_lock_acquire+0x14e/0x1f0 [ 59.580227][ T6414] ? get_mm_memcg_path.constprop.0+0x12f/0x3d0 [ 59.582058][ T6414] __mmap_lock_do_trace_acquire_returned.part.0+0x20f/0x2d0 [ 59.584188][ T6414] ? __pfx___mmap_lock_do_trace_acquire_returned.part.0+0x10/0x10 [ 59.586463][ T6414] ? down_read_trylock+0x1ed/0x3f0 [ 59.587983][ T6414] ? lock_mm_and_find_vma+0x35/0x6a0 [ 59.589565][ T6414] ? __pfx_down_read_trylock+0x10/0x10 [ 59.591214][ T6414] ? __up_read+0x1fb/0x760 [ 59.592535][ T6414] __mmap_lock_do_trace_acquire_returned+0x33/0x40 [ 59.594486][ T6414] lock_mm_and_find_vma+0xeb/0x6a0 [ 59.596016][ T6414] do_user_addr_fault+0x2b5/0x13f0 [ 59.597520][ T6414] exc_page_fault+0x5c/0xc0 [ 59.598877][ T6414] asm_exc_page_fault+0x26/0x30 [ 59.600331][ T6414] RIP: 0010:_copy_from_iter+0x37f/0x1400 [ 59.601997][ T6414] Code: 4d 85 f6 0f 85 4e ff ff ff e8 dd 59 02 fd 4c 8b 74 24 18 44 89 fe 4c 89 f7 e8 ed d1 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff [ 59.607502][ T6414] RSP: 0018:ffffc90003c179d0 EFLAGS: 00050246 [ 59.609269][ T6414] RAX: 0000000000000001 RBX: 0000000020001ec0 RCX: 0000000000002cf3 [ 59.611571][ T6414] RDX: ffffed100cf79fc7 RSI: 000000002000f000 RDI: ffff888067bcd140 [ 59.613801][ T6414] RBP: ffffc90003c17c48 R08: 0000000000000001 R09: ffffed100cf79fc6 [ 59.616068][ T6414] R10: ffff888067bcfe32 R11: 0000000000000000 R12: 0000000020011cf3 [ 59.618378][ T6414] R13: 00007ffffffff000 R14: ffff888067bc0000 R15: 000000000000fe33 [ 59.620674][ T6414] ? trace_lock_acquire+0x14e/0x1f0 [ 59.622233][ T6414] ? __pfx__copy_from_iter+0x10/0x10 [ 59.623815][ T6414] ? __virt_addr_valid+0x1a4/0x590 [ 59.625337][ T6414] ? __virt_addr_valid+0x5e/0x590 [ 59.626855][ T6414] ? __phys_addr+0xc6/0x150 [ 59.628232][ T6414] ? __phys_addr_symbol+0x30/0x80 [ 59.630206][ T6414] ? __check_object_size+0x488/0x710 [ 59.632108][ T6414] netlink_sendmsg+0x813/0xd70 [ 59.633501][ T6414] ? __pfx_netlink_sendmsg+0x10/0x10 [ 59.635043][ T6414] sock_write_iter+0x4fe/0x5b0 [ 59.636439][ T6414] ? __pfx_sock_write_iter+0x10/0x10 [ 59.637995][ T6414] ? bpf_lsm_file_permission+0x9/0x10 [ 59.639617][ T6414] ? security_file_permission+0x71/0x210 [ 59.641309][ T6414] vfs_write+0x5ae/0x1150 [ 59.642616][ T6414] ? __pfx_sock_write_iter+0x10/0x10 [ 59.644225][ T6414] ? __pfx_vfs_write+0x10/0x10 [ 59.645673][ T6414] ? __fget_files+0x40/0x3a0 [ 59.647079][ T6414] ksys_write+0x207/0x250 [ 59.648390][ T6414] ? __pfx_ksys_write+0x10/0x10 [ 59.650151][ T6414] __do_fast_syscall_32+0x73/0x120 [ 59.651674][ T6414] do_fast_syscall_32+0x32/0x80 [ 59.653101][ T6414] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 59.654983][ T6414] RIP: 0023:0xf7ff4579 [ 59.656227][ T6414] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 59.661979][ T6414] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 59.664691][ T6414] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020001ec0 [ 59.667031][ T6414] RDX: 000000000000fe33 RSI: 0000000000000000 RDI: 0000000000000000 [ 59.669818][ T6414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 59.672258][ T6414] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 59.674519][ T6414] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 59.676851][ T6414] [ 59.801591][ T6420] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 60.434295][ T6428] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 60.716230][ T6431] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 61.443861][ T6449] netlink: 72 bytes leftover after parsing attributes in process `syz.0.70'. [ 61.448562][ T6454] xt_TCPMSS: Only works on TCP SYN packets [ 61.470558][ T6457] tty tty3: ldisc open failed (-12), clearing slot 2 [ 61.725371][ T6464] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 62.148423][ T6455] syz.0.70 (6455) used greatest stack depth: 20336 bytes left [ 62.435207][ T6472] FAULT_INJECTION: forcing a failure. [ 62.435207][ T6472] name failslab, interval 1, probability 0, space 0, times 0 [ 62.439196][ T6472] CPU: 0 UID: 0 PID: 6472 Comm: syz.3.76 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 62.442321][ T6472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.445526][ T6472] Call Trace: [ 62.446574][ T6472] [ 62.447488][ T6472] dump_stack_lvl+0x16c/0x1f0 [ 62.448924][ T6472] should_fail_ex+0x497/0x5b0 [ 62.450369][ T6472] ? fs_reclaim_acquire+0xae/0x150 [ 62.451933][ T6472] should_failslab+0xc2/0x120 [ 62.453364][ T6472] __kmalloc_noprof+0xce/0x4f0 [ 62.454822][ T6472] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 62.456525][ T6472] ? tomoyo_realpath_from_path+0xbf/0x710 [ 62.458237][ T6472] tomoyo_realpath_from_path+0xbf/0x710 [ 62.459919][ T6472] ? tomoyo_path_number_perm+0x235/0x5b0 [ 62.461619][ T6472] tomoyo_path_number_perm+0x248/0x5b0 [ 62.463275][ T6472] ? tomoyo_path_number_perm+0x235/0x5b0 [ 62.464966][ T6472] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 62.466807][ T6472] ? __pfx_lock_release+0x10/0x10 [ 62.468337][ T6472] ? trace_lock_acquire+0x14e/0x1f0 [ 62.469926][ T6472] ? lock_acquire+0x2f/0xb0 [ 62.471310][ T6472] ? __fget_files+0x40/0x3a0 [ 62.472724][ T6472] ? __fget_files+0x206/0x3a0 [ 62.474157][ T6472] security_file_ioctl_compat+0x9b/0x240 [ 62.475854][ T6472] __do_compat_sys_ioctl+0x4e/0x2c0 [ 62.477502][ T6472] __do_fast_syscall_32+0x73/0x120 [ 62.479055][ T6472] do_fast_syscall_32+0x32/0x80 [ 62.480541][ T6472] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 62.482449][ T6472] RIP: 0023:0xf7f64579 [ 62.483692][ T6472] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 62.489455][ T6472] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 62.491961][ T6472] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0905664 [ 62.494322][ T6472] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 62.496716][ T6472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 62.499078][ T6472] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 62.501557][ T6472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 62.504053][ T6472] [ 62.506252][ T6472] ERROR: Out of memory at tomoyo_realpath_from_path. [ 62.536085][ T6475] block device autoloading is deprecated and will be removed. [ 62.756253][ T6481] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 62.828203][ T6000] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 63.653282][ T6508] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 64.362688][ T6520] FAULT_INJECTION: forcing a failure. [ 64.362688][ T6520] name failslab, interval 1, probability 0, space 0, times 0 [ 64.366822][ T6520] CPU: 3 UID: 0 PID: 6520 Comm: syz.1.89 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 64.369983][ T6520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.373187][ T6520] Call Trace: [ 64.374227][ T6520] [ 64.375150][ T6520] dump_stack_lvl+0x16c/0x1f0 [ 64.376621][ T6520] should_fail_ex+0x497/0x5b0 [ 64.378046][ T6520] should_failslab+0xc2/0x120 [ 64.379492][ T6520] __kmalloc_cache_noprof+0x68/0x420 [ 64.381097][ T6520] sctp_add_bind_addr+0x9d/0x3e0 [ 64.382648][ T6520] sctp_copy_local_addr_list+0x39e/0x5a0 [ 64.384518][ T6520] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 64.386376][ T6520] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 64.388244][ T6520] ? sctp_bind_addr_copy+0xe0/0x530 [ 64.389853][ T6520] sctp_bind_addr_copy+0xe0/0x530 [ 64.391444][ T6520] sctp_connect_new_asoc+0x1d8/0x790 [ 64.393126][ T6520] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 64.394904][ T6520] ? mark_held_locks+0x9f/0xe0 [ 64.396408][ T6520] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 64.398113][ T6520] sctp_sendmsg+0x162a/0x1f10 [ 64.399629][ T6520] ? __pfx___lock_acquire+0x10/0x10 [ 64.401232][ T6520] ? __pfx_sctp_sendmsg+0x10/0x10 [ 64.402831][ T6520] ? __pfx_aa_sk_perm+0x10/0x10 [ 64.404414][ T6520] ? __pfx_sctp_sendmsg+0x10/0x10 [ 64.405976][ T6520] inet_sendmsg+0x119/0x140 [ 64.407439][ T6520] __sys_sendto+0x42a/0x4f0 [ 64.408942][ T6520] ? __pfx___sys_sendto+0x10/0x10 [ 64.410525][ T6520] ? ksys_write+0x1ba/0x250 [ 64.411959][ T6520] ? __pfx_ksys_write+0x10/0x10 [ 64.413504][ T6520] __ia32_sys_sendto+0xdd/0x1b0 [ 64.415027][ T6520] ? lockdep_hardirqs_on+0x7c/0x110 [ 64.416666][ T6520] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 64.418716][ T6520] __do_fast_syscall_32+0x73/0x120 [ 64.420319][ T6520] do_fast_syscall_32+0x32/0x80 [ 64.421832][ T6520] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.423829][ T6520] RIP: 0023:0xf7f51579 [ 64.425091][ T6520] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.431031][ T6520] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 64.433700][ T6520] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000300 [ 64.436161][ T6520] RDX: 0000000000034000 RSI: 0000000000000041 RDI: 0000000020000380 [ 64.438647][ T6520] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 64.441136][ T6520] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 64.443672][ T6520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.446171][ T6520] [ 64.753148][ T6548] netlink: 48 bytes leftover after parsing attributes in process `syz.3.96'. [ 64.933751][ T6556] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 65.129467][ T6559] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 65.407592][ T6561] FAULT_INJECTION: forcing a failure. [ 65.407592][ T6561] name failslab, interval 1, probability 0, space 0, times 0 [ 65.411379][ T6561] CPU: 2 UID: 0 PID: 6561 Comm: syz.2.100 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 65.414497][ T6561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.417706][ T6561] Call Trace: [ 65.418719][ T6561] [ 65.419626][ T6561] dump_stack_lvl+0x16c/0x1f0 [ 65.421061][ T6561] should_fail_ex+0x497/0x5b0 [ 65.422491][ T6561] ? fs_reclaim_acquire+0xae/0x150 [ 65.424053][ T6561] should_failslab+0xc2/0x120 [ 65.425484][ T6561] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 65.427265][ T6561] ? __lock_acquire+0x15a9/0x3c40 [ 65.428790][ T6561] ? __alloc_skb+0x2b3/0x380 [ 65.430209][ T6561] __alloc_skb+0x2b3/0x380 [ 65.431568][ T6561] ? __pfx___alloc_skb+0x10/0x10 [ 65.433064][ T6561] netlink_alloc_large_skb+0x69/0x130 [ 65.434679][ T6561] netlink_sendmsg+0x689/0xd70 [ 65.436133][ T6561] ? __pfx_netlink_sendmsg+0x10/0x10 [ 65.437824][ T6561] ____sys_sendmsg+0x9ae/0xb40 [ 65.439274][ T6561] ? __pfx_____sys_sendmsg+0x10/0x10 [ 65.440848][ T6561] ? get_compat_msghdr+0x11b/0x170 [ 65.442390][ T6561] ___sys_sendmsg+0x135/0x1e0 [ 65.443817][ T6561] ? __pfx____sys_sendmsg+0x10/0x10 [ 65.445384][ T6561] ? __pfx_lock_release+0x10/0x10 [ 65.446905][ T6561] ? trace_lock_acquire+0x14e/0x1f0 [ 65.448478][ T6561] ? __fget_files+0x206/0x3a0 [ 65.449903][ T6561] __sys_sendmsg+0x16e/0x220 [ 65.451307][ T6561] ? __pfx___sys_sendmsg+0x10/0x10 [ 65.452848][ T6561] __do_fast_syscall_32+0x73/0x120 [ 65.454385][ T6561] do_fast_syscall_32+0x32/0x80 [ 65.455855][ T6561] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 65.457744][ T6561] RIP: 0023:0xf7ff4579 [ 65.458968][ T6561] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 65.464718][ T6561] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 65.467263][ T6561] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001180 [ 65.469637][ T6561] RDX: 0000000000008084 RSI: 0000000000000000 RDI: 0000000000000000 [ 65.472000][ T6561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 65.474356][ T6561] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 65.476719][ T6561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 65.479106][ T6561] [ 66.009990][ T833] IPVS: starting estimator thread 0... [ 66.011886][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.0.110'. [ 66.018755][ T6586] lo speed is unknown, defaulting to 1000 [ 66.020719][ T6586] lo speed is unknown, defaulting to 1000 [ 66.022928][ T6586] lo speed is unknown, defaulting to 1000 [ 66.026548][ T6586] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 66.031781][ T6586] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 66.039634][ T6586] lo speed is unknown, defaulting to 1000 [ 66.042132][ T6586] lo speed is unknown, defaulting to 1000 [ 66.046909][ T6586] lo speed is unknown, defaulting to 1000 [ 66.049265][ T6586] lo speed is unknown, defaulting to 1000 [ 66.098243][ T6587] IPVS: using max 38 ests per chain, 91200 per kthread [ 66.338332][ T6601] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 66.545678][ T6598] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 66.672904][ T6606] syz.3.115 uses obsolete (PF_INET,SOCK_PACKET) [ 67.017118][ T6623] FAULT_INJECTION: forcing a failure. [ 67.017118][ T6623] name failslab, interval 1, probability 0, space 0, times 0 [ 67.020991][ T6623] CPU: 3 UID: 0 PID: 6623 Comm: syz.0.120 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 67.024160][ T6623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.027362][ T6623] Call Trace: [ 67.028376][ T6623] [ 67.029282][ T6623] dump_stack_lvl+0x16c/0x1f0 [ 67.030726][ T6623] should_fail_ex+0x497/0x5b0 [ 67.032169][ T6623] ? fs_reclaim_acquire+0xae/0x150 [ 67.034185][ T6623] should_failslab+0xc2/0x120 [ 67.035713][ T6623] __kmalloc_noprof+0xce/0x4f0 [ 67.037425][ T6623] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 67.039302][ T6623] ? tomoyo_realpath_from_path+0xbf/0x710 [ 67.041087][ T6623] tomoyo_realpath_from_path+0xbf/0x710 [ 67.042773][ T6623] ? tomoyo_path_number_perm+0x235/0x5b0 [ 67.044475][ T6623] tomoyo_path_number_perm+0x248/0x5b0 [ 67.046128][ T6623] ? tomoyo_path_number_perm+0x235/0x5b0 [ 67.047841][ T6623] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 67.049668][ T6623] ? __pfx_lock_release+0x10/0x10 [ 67.051212][ T6623] ? trace_lock_acquire+0x14e/0x1f0 [ 67.052874][ T6623] ? lock_acquire+0x2f/0xb0 [ 67.054297][ T6623] ? __fget_files+0x40/0x3a0 [ 67.055773][ T6623] ? __fget_files+0x206/0x3a0 [ 67.057264][ T6623] security_file_ioctl_compat+0x9b/0x240 [ 67.058974][ T6623] __do_compat_sys_ioctl+0x4e/0x2c0 [ 67.060568][ T6623] __do_fast_syscall_32+0x73/0x120 [ 67.062133][ T6623] do_fast_syscall_32+0x32/0x80 [ 67.063620][ T6623] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 67.065546][ T6623] RIP: 0023:0xf712e579 [ 67.066795][ T6623] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 67.072592][ T6623] RSP: 002b:00000000f512055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 67.075116][ T6623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0f8565c [ 67.077482][ T6623] RDX: 0000000020000280 RSI: 0000000000000000 RDI: 0000000000000000 [ 67.079928][ T6623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 67.082329][ T6623] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 67.084715][ T6623] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 67.087131][ T6623] [ 67.089209][ T6623] ERROR: Out of memory at tomoyo_realpath_from_path. [ 67.211968][ T6630] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 67.510343][ T6634] netlink: 4 bytes leftover after parsing attributes in process `syz.0.124'. [ 67.513044][ T6634] bridge_slave_1: left allmulticast mode [ 67.514829][ T6634] bridge_slave_1: left promiscuous mode [ 67.517862][ T6634] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.523106][ T6634] bridge_slave_0: left allmulticast mode [ 67.524776][ T6634] bridge_slave_0: left promiscuous mode [ 67.527815][ T6634] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.992601][ T6647] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 68.298132][ T6654] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 68.731311][ T6665] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 69.132237][ T6674] FAULT_INJECTION: forcing a failure. [ 69.132237][ T6674] name failslab, interval 1, probability 0, space 0, times 0 [ 69.137169][ T6674] CPU: 3 UID: 0 PID: 6674 Comm: syz.2.134 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 69.140348][ T6674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.143558][ T6674] Call Trace: [ 69.144585][ T6674] [ 69.145484][ T6674] dump_stack_lvl+0x16c/0x1f0 [ 69.146922][ T6674] should_fail_ex+0x497/0x5b0 [ 69.148356][ T6674] ? fs_reclaim_acquire+0xae/0x150 [ 69.149879][ T6674] should_failslab+0xc2/0x120 [ 69.151289][ T6674] __kmalloc_noprof+0xce/0x4f0 [ 69.152731][ T6674] ? tracepoint_add_func+0x2a9/0xeb0 [ 69.154333][ T6674] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 69.156112][ T6674] tracepoint_add_func+0x2a9/0xeb0 [ 69.157674][ T6674] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 69.159430][ T6674] ? find_held_lock+0x2d/0x110 [ 69.160884][ T6674] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 69.162635][ T6674] tracepoint_probe_register_prio_may_exist+0xbd/0x110 [ 69.164707][ T6674] ? __pfx_tracepoint_probe_register_prio_may_exist+0x10/0x10 [ 69.166952][ T6674] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 69.168727][ T6674] ? __local_bh_enable_ip+0xa4/0x120 [ 69.170329][ T6674] bpf_probe_register+0x189/0x200 [ 69.171863][ T6674] bpf_raw_tp_link_attach+0x2cd/0x5f0 [ 69.173478][ T6674] ? __pfx_lock_release+0x10/0x10 [ 69.175032][ T6674] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 69.176830][ T6674] ? lock_acquire+0x2f/0xb0 [ 69.178202][ T6674] ? __fget_files+0x40/0x3a0 [ 69.179619][ T6674] ? fput+0x67/0x440 [ 69.180813][ T6674] ? __bpf_prog_get+0xa0/0x290 [ 69.182269][ T6674] __sys_bpf+0x3a7/0x57a0 [ 69.183585][ T6674] ? __pfx_lock_release+0x10/0x10 [ 69.185120][ T6674] ? __pfx___sys_bpf+0x10/0x10 [ 69.186576][ T6674] ? vfs_write+0x306/0x1150 [ 69.187971][ T6674] ? __mutex_unlock_slowpath+0x164/0x690 [ 69.189679][ T6674] ? fput+0x67/0x440 [ 69.190873][ T6674] ? ksys_write+0x1ba/0x250 [ 69.192259][ T6674] ? __pfx_ksys_write+0x10/0x10 [ 69.193736][ T6674] __ia32_sys_bpf+0x76/0xe0 [ 69.195139][ T6674] __do_fast_syscall_32+0x73/0x120 [ 69.196708][ T6674] do_fast_syscall_32+0x32/0x80 [ 69.198179][ T6674] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 69.200082][ T6674] RIP: 0023:0xf7ff4579 [ 69.201317][ T6674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 69.207221][ T6674] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 69.209892][ T6674] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 00000000200004c0 [ 69.212259][ T6674] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 69.214623][ T6674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 69.217013][ T6674] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 69.219379][ T6674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 69.221695][ T6674] [ 69.503060][ T6681] can0: slcan on ttyS3. [ 69.506055][ T6681] netlink: 11 bytes leftover after parsing attributes in process `syz.2.137'. [ 69.937121][ T6680] can0 (unregistered): slcan off ttyS3. [ 69.966655][ T64] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 70.000959][ T6703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.141'. [ 70.116520][ T64] usb 5-1: Using ep0 maxpacket: 8 [ 70.121480][ T64] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 70.124950][ T64] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 70.128931][ T6707] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 70.130005][ T64] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 70.136063][ T64] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 70.142232][ T64] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 70.146731][ T64] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 70.149842][ T64] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.359102][ T64] usb 5-1: GET_CAPABILITIES returned 0 [ 70.362166][ T64] usbtmc 5-1:16.0: can't read capabilities [ 70.789424][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.792330][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.073991][ T6728] can0: slcan on ttyS3. [ 71.078216][ T6728] netlink: 11 bytes leftover after parsing attributes in process `syz.3.149'. [ 71.186751][ T6727] can0 (unregistered): slcan off ttyS3. [ 71.314902][ T6738] lo speed is unknown, defaulting to 1000 [ 71.356156][ T6738] lo speed is unknown, defaulting to 1000 [ 71.723606][ T6760] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 72.499494][ T833] usb 5-1: USB disconnect, device number 3 [ 72.664556][ T6789] syz_tun: entered allmulticast mode [ 72.672100][ T6789] dvmrp1: entered allmulticast mode [ 72.678958][ T6788] syz_tun: left allmulticast mode [ 73.028266][ T6802] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 73.326707][ T6804] Cannot find add_set index 0 as target [ 73.355767][ T6806] netlink: 12 bytes leftover after parsing attributes in process `syz.3.170'. [ 73.719191][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.174'. [ 73.807661][ T6826] Zero length message leads to an empty skb [ 73.846871][ T6831] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 73.849731][ T6831] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 74.018880][ T6846] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 74.173340][ T6848] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 74.813145][ T40] audit: type=1326 audit(1735939706.212:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.0.192" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf712e579 code=0x0 [ 75.146592][ T6876] netlink: 96 bytes leftover after parsing attributes in process `syz.1.194'. [ 75.150131][ T6876] netlink: 'syz.1.194': attribute type 5 has an invalid length. [ 75.497005][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.1.196'. [ 75.529308][ T6883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.197'. [ 75.921007][ T6904] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 76.821170][ T6922] mmap: syz.0.208 (6922) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 77.649495][ T6956] warning: `syz.1.216' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 78.094873][ T6966] cgroup: fork rejected by pids controller in /syz0 [ 78.383744][ T7323] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 78.925245][ T6960] Set syz1 is full, maxelem 65536 reached [ 79.296241][ T40] audit: type=1326 audit(1735939710.692:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.302816][ T40] audit: type=1326 audit(1735939710.692:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.312802][ T40] audit: type=1326 audit(1735939710.692:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.320725][ T40] audit: type=1326 audit(1735939710.692:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.329075][ T40] audit: type=1326 audit(1735939710.692:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.335391][ T40] audit: type=1326 audit(1735939710.692:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.343421][ T40] audit: type=1326 audit(1735939710.692:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.351732][ T40] audit: type=1326 audit(1735939710.692:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 79.358604][ T40] audit: type=1326 audit(1735939710.692:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.228" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 80.227056][ T66] wlan1: Trigger new scan to find an IBSS to join [ 80.229375][ T66] ------------[ cut here ]------------ [ 80.231038][ T66] WARNING: CPU: 3 PID: 66 at net/mac80211/scan.c:1213 ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.234123][ T66] Modules linked in: [ 80.235597][ T66] CPU: 3 UID: 0 PID: 66 Comm: kworker/u32:3 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 80.240524][ T66] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.243806][ T66] Workqueue: events_unbound cfg80211_wiphy_work [ 80.245730][ T66] RIP: 0010:ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.247828][ T66] Code: e9 3b fb ff ff e8 88 df 08 f7 be 04 00 00 00 bf 06 00 00 00 41 bd 04 00 00 00 e8 b3 e1 08 f7 e9 3b fd ff ff e8 69 df 08 f7 90 <0f> 0b 90 bb ea ff ff ff e9 6e fc ff ff 48 c7 c7 54 18 1d 90 e8 6f [ 80.253684][ T66] RSP: 0018:ffffc90000a27988 EFLAGS: 00010293 [ 80.255558][ T66] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a906fc0 [ 80.258095][ T66] RDX: ffff88801ec1c880 RSI: ffffffff8a907057 RDI: 0000000000000005 [ 80.260532][ T66] RBP: ffff8880685e9720 R08: 0000000000000005 R09: 0000000000000000 [ 80.262986][ T66] R10: 0000000000000000 R11: 0000000000000003 R12: 0000000000000005 [ 80.265389][ T66] R13: 0000000000000006 R14: dffffc0000000000 R15: ffff888068738e40 [ 80.267854][ T66] FS: 0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000 [ 80.270544][ T66] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.272556][ T66] CR2: 0000000020d1f000 CR3: 000000000db7e000 CR4: 0000000000352ef0 [ 80.275006][ T66] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 80.277572][ T66] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 80.279990][ T66] Call Trace: [ 80.281034][ T66] [ 80.281955][ T66] ? __warn+0xea/0x3c0 [ 80.283316][ T66] ? ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.285127][ T66] ? report_bug+0x3c0/0x580 [ 80.286649][ T66] ? handle_bug+0x54/0xa0 [ 80.288057][ T66] ? exc_invalid_op+0x17/0x50 [ 80.289503][ T66] ? asm_exc_invalid_op+0x1a/0x20 [ 80.291066][ T66] ? ieee80211_request_ibss_scan+0x720/0x9a0 [ 80.292873][ T66] ? ieee80211_request_ibss_scan+0x7b7/0x9a0 [ 80.294678][ T66] ? ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.296634][ T66] ? ieee80211_request_ibss_scan+0x7b7/0x9a0 [ 80.298440][ T66] ieee80211_ibss_work+0x107f/0x14c0 [ 80.300041][ T66] ? __pfx_ieee80211_ibss_work+0x10/0x10 [ 80.301728][ T66] ? lock_acquire.part.0+0x11b/0x380 [ 80.303326][ T66] ? find_held_lock+0x2d/0x110 [ 80.304789][ T66] ? skb_dequeue+0x126/0x180 [ 80.306201][ T66] ? mark_held_locks+0x9f/0xe0 [ 80.307751][ T66] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 80.309513][ T66] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.311087][ T66] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 80.312828][ T66] ieee80211_iface_work+0xd01/0xf00 [ 80.314397][ T66] cfg80211_wiphy_work+0x3de/0x560 [ 80.315955][ T66] process_one_work+0x958/0x1b30 [ 80.317562][ T66] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 80.319262][ T66] ? __pfx_process_one_work+0x10/0x10 [ 80.320871][ T66] ? rcu_is_watching+0x12/0xc0 [ 80.322318][ T66] ? assign_work+0x1a0/0x250 [ 80.323734][ T66] worker_thread+0x6c8/0xf00 [ 80.325128][ T66] ? __pfx_worker_thread+0x10/0x10 [ 80.326741][ T66] kthread+0x2c1/0x3a0 [ 80.327984][ T66] ? _raw_spin_unlock_irq+0x23/0x50 [ 80.329557][ T66] ? __pfx_kthread+0x10/0x10 [ 80.330962][ T66] ret_from_fork+0x45/0x80 [ 80.332309][ T66] ? __pfx_kthread+0x10/0x10 [ 80.333709][ T66] ret_from_fork_asm+0x1a/0x30 [ 80.335172][ T66] [ 80.336118][ T66] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 80.338322][ T66] CPU: 3 UID: 0 PID: 66 Comm: kworker/u32:3 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0 [ 80.341499][ T66] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.344702][ T66] Workqueue: events_unbound cfg80211_wiphy_work [ 80.346595][ T66] Call Trace: [ 80.347608][ T66] [ 80.348512][ T66] dump_stack_lvl+0x3d/0x1f0 [ 80.349931][ T66] panic+0x71d/0x800 [ 80.351130][ T66] ? __pfx_panic+0x10/0x10 [ 80.352482][ T66] ? show_trace_log_lvl+0x29d/0x3d0 [ 80.354051][ T66] ? check_panic_on_warn+0x1f/0xb0 [ 80.355611][ T66] ? ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.357438][ T66] check_panic_on_warn+0xab/0xb0 [ 80.358942][ T66] __warn+0xf6/0x3c0 [ 80.360133][ T66] ? ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.361933][ T66] report_bug+0x3c0/0x580 [ 80.363255][ T66] handle_bug+0x54/0xa0 [ 80.364516][ T66] exc_invalid_op+0x17/0x50 [ 80.365904][ T66] asm_exc_invalid_op+0x1a/0x20 [ 80.367397][ T66] RIP: 0010:ieee80211_request_ibss_scan+0x7b8/0x9a0 [ 80.369376][ T66] Code: e9 3b fb ff ff e8 88 df 08 f7 be 04 00 00 00 bf 06 00 00 00 41 bd 04 00 00 00 e8 b3 e1 08 f7 e9 3b fd ff ff e8 69 df 08 f7 90 <0f> 0b 90 bb ea ff ff ff e9 6e fc ff ff 48 c7 c7 54 18 1d 90 e8 6f [ 80.375116][ T66] RSP: 0018:ffffc90000a27988 EFLAGS: 00010293 [ 80.376945][ T66] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a906fc0 [ 80.379317][ T66] RDX: ffff88801ec1c880 RSI: ffffffff8a907057 RDI: 0000000000000005 [ 80.381673][ T66] RBP: ffff8880685e9720 R08: 0000000000000005 R09: 0000000000000000 [ 80.384036][ T66] R10: 0000000000000000 R11: 0000000000000003 R12: 0000000000000005 [ 80.386411][ T66] R13: 0000000000000006 R14: dffffc0000000000 R15: ffff888068738e40 [ 80.388788][ T66] ? ieee80211_request_ibss_scan+0x720/0x9a0 [ 80.390594][ T66] ? ieee80211_request_ibss_scan+0x7b7/0x9a0 [ 80.392405][ T66] ? ieee80211_request_ibss_scan+0x7b7/0x9a0 [ 80.394240][ T66] ieee80211_ibss_work+0x107f/0x14c0 [ 80.395839][ T66] ? __pfx_ieee80211_ibss_work+0x10/0x10 [ 80.397551][ T66] ? lock_acquire.part.0+0x11b/0x380 [ 80.399151][ T66] ? find_held_lock+0x2d/0x110 [ 80.400599][ T66] ? skb_dequeue+0x126/0x180 [ 80.401912][ T66] ? mark_held_locks+0x9f/0xe0 [ 80.403189][ T66] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 80.404913][ T66] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.406497][ T66] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 80.408259][ T66] ieee80211_iface_work+0xd01/0xf00 [ 80.409839][ T66] cfg80211_wiphy_work+0x3de/0x560 [ 80.411386][ T66] process_one_work+0x958/0x1b30 [ 80.412875][ T66] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 80.414548][ T66] ? __pfx_process_one_work+0x10/0x10 [ 80.416155][ T66] ? rcu_is_watching+0x12/0xc0 [ 80.417614][ T66] ? assign_work+0x1a0/0x250 [ 80.419025][ T66] worker_thread+0x6c8/0xf00 [ 80.420423][ T66] ? __pfx_worker_thread+0x10/0x10 [ 80.421970][ T66] kthread+0x2c1/0x3a0 [ 80.423212][ T66] ? _raw_spin_unlock_irq+0x23/0x50 [ 80.424772][ T66] ? __pfx_kthread+0x10/0x10 [ 80.426160][ T66] ret_from_fork+0x45/0x80 [ 80.427522][ T66] ? __pfx_kthread+0x10/0x10 [ 80.428914][ T66] ret_from_fork_asm+0x1a/0x30 [ 80.430369][ T66] [ 80.431870][ T66] Kernel Offset: disabled [ 80.433235][ T66] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:28:31 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fb RDI=0000000000000002 RBP=0000000000000001 RSP=ffffc9000fc37610 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=0000000000000001 R13=0000000000000000 R14=ffff88802b53ed00 R15=ffff888022922801 RIP=ffffffff8147a098 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002042c000 CR3=0000000066968000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73a3ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001ec9d3 RBX=ffff88801cef4880 RCX=1ffffffff2039441 RDX=0000000000000000 RSI=ffffffff8b4cd300 RDI=ffffffff8bb17100 RBP=ffffc9000047fc48 RSP=ffffc9000047fc00 R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff901ce557 R11=0000000000000000 R12=ffff88802b53fb20 R13=ffff888022922440 R14=0000000000000000 R15=ffff88802b43ed00 RIP=ffffffff81686550 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000c370b10 CR3=0000000066968000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000000e660d RBX=0000000000000002 RCX=ffffffff8b1a4819 RDX=0000000000000000 RSI=ffffffff8b4cd300 RDI=ffffffff8bb17100 RBP=ffffed1003a51000 RSP=ffffc9000048fe08 R8 =0000000000000001 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000 R12=0000000000000002 R13=ffff88801d288000 R14=ffffffff901ce550 R15=0000000000000000 RIP=ffffffff8b1a5bff RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000563fb6ca48e8 CR3=0000000067d2c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85143530 RDI=ffffffff9a667200 RBP=ffffffff9a6671c0 RSP=ffffc90000a27290 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34cce92 R15=dffffc0000000000 RIP=ffffffff85143557 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020d1f000 CR3=000000000db7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000