last executing test programs: 34.375443681s ago: executing program 4 (id=334): r0 = socket(0x40000000015, 0x5, 0x0) close(0x3) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) bind$netrom(r2, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48) listen(r2, 0x80) sendmsg$xdp(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f00000007c0)="ad237f1863d2d2d1a397e2a489c4ee1564e9eefdb4b79061470cc823e53d854435579529b39d744f960b8ed0bba79f9df628ff262afb11e4c03b500df2985e8f7a86f3ab28aa6e65dc1668e18aa4168755523a88d020c8955b46806d3f69f8112e948be32c675bd54ac2a8fae35dd71d00f06ab2cea8236060d1dcf3d1edf529357f70b8e066aaf93e5b32683568c00392ab3f0f8b1ac8a2ec51caacb1cc69306d814957a18b04bec4fae32726ae9013fe17948367ec6494080c4859841ebdb4d9237640caef0b7010d479", 0xcb}, {&(0x7f0000000d80)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a823d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b", 0x1fa}], 0x2, 0x0, 0x0, 0x8004}, 0x0) 33.821089492s ago: executing program 4 (id=341): keyctl$reject(0x13, 0x0, 0xc80000000000000, 0x5, 0xfffffffffffffffb) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x6) open$dir(0x0, 0x80, 0x108) pipe(&(0x7f0000000000)={0xffffffffffffffff}) close(r3) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94) r4 = getpid() r5 = syz_pidfd_open(r4, 0x0) r6 = socket$alg(0x26, 0x5, 0x0) io_setup(0x1, &(0x7f0000000b80)=0x0) io_submit(r7, 0x1, &(0x7f0000000240)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x1, r6, 0x0, 0x0, 0x0, 0x0, 0x2}]) setns(r5, 0x24020000) syz_clone(0xfdba2180, 0x0, 0x0, 0x0, 0x0, 0x0) 28.564715539s ago: executing program 4 (id=364): r0 = creat(0x0, 0x0) r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x20200, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r0, &(0x7f0000000300)="ca", 0x1) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1}}, 0x3c) 28.332843938s ago: executing program 4 (id=367): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) 27.285276994s ago: executing program 4 (id=372): gettid() r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) write$binfmt_aout(r1, &(0x7f00000002c0)=ANY=[], 0x13) 20.940332364s ago: executing program 4 (id=390): syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_LOCAL_NAME={{0xa9}, 0xa0}}}, 0x7) 18.873805219s ago: executing program 32 (id=390): syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_LOCAL_NAME={{0xa9}, 0xa0}}}, 0x7) 6.760801711s ago: executing program 2 (id=444): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90924fc60", 0x8c0}], 0x1, 0x0, 0x0, 0x600}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x9}}}}}}, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f00000002c0)={0x1}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x800) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) r6 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4) ioctl$sock_TIOCOUTQ(r6, 0x5411, &(0x7f0000000040)) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x2, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x61, &(0x7f0000000480)={'filter\x00', 0x4}, 0x68) sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffff274}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x5, 0xb68, 0xfffffffffffffeb9, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0xe}, 0x48) 5.729229891s ago: executing program 2 (id=447): sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)={0x11b0, 0x31, 0x100, 0x70bd26, 0x25dfdbfd, "", [@nested={0x1030, 0xfb, 0x0, 0x1, [@nested={0x101d, 0x13, 0x0, 0x1, [@generic="783cabcf3de8f3c211caac293bfba1f6c66248e2705bfdeaf3e518701e75b6870e949c9efe541264de467766dfe253da80bc4601fddfb29d68a356ca39cba5bb876bdee1d1f6640bb64e313f030da7715e4e5f282235c21405e318614f33083a4b615d83fbc2757362a21e81598dd1c94f416f7fe0291ee066acb78990917d93450dc091617b2b9b856b762e98782567c7ae32d25d68ac22ba4415ab4e9411b60459b5fe04a16c83cb50e70b539e77b39213d9c96b5f0eaa04346eb659528defaefebc201f6fd8a70ef275ffc1ccaf61d56015c4bb63039c3b5db172b76ef8c834ae9df36f8764c27785f4098f8bbe8190e92a2f53d0e17cbd0e3150c8839cfd779a96807dfb84d6d424978b1060dc0fe13a00d526681c018bd90b954e1dd4f36787f6cf693c4a428c8cc5a6c0c77a940f5911f6191babbb44ddb0874a2e573d9a4c41cc89134dc1498259ae3da6f5e2bb40631050a2b28b86f43fa397c8cb73698f2625d966e2695db75c2d719077e59f4278644ce09c0b5cd873f4ce68a6d88819c0caf1c3b58612897c74636701d99260c2ed0e29392f96e6b46a5d8e4797d49f7db2400f81bbdfe7fedab277d090a977eb6d3143e34ab570975d403d9d5975d8a1b373d0322e954d8921cca83c962e55959bb2b82ab789e617a67200d503f89c88d6e8f04deb2773349669e22cdc62f0d6037bc11334f3b7f3c203866d39f6f2f15215fa9a707960c2f6d5229ee00a879a842724c9f633dcb55114d5b4ae228f59001fdea972a1e2893ca0f1855a3918dda375af22d6531cf30c28f84ab3f45d7893f65a9ac09cca966c896c79172b1f8b8da2af3c82ad641eb3db53966e1f670fa1f94465c356331e7a9e39be91d6b2719780d650d54e75277ba22818857a3ce176b85f447a52d43e52d621422695ce1bbeaaa3611d296953b63f08238844704293e37334ef7dc826b87704ffa5e634c89fe70223869ef8484d0dbab21bf206fae62fa6b645ecd4f1f0ea1107ec9ae55882dd92b099da4cd71ab2493b81a3eee6f617dd53af22ff15b01e97689db12b6fe53f941207303d1e822a7b98303617efdaa4e844df85dac246617b3aff4cd0bb5db224a59fa4e7161c4862114cdec7a7b9f4ffcbd7e8a9dc761dc3368a0f37541463227ae5cf525441ab99b9ba09d70b4c2ad9719a5c48258398e77adb9d1f8dcc64d8d658cfcd1b5fef2669f1b2c19f0988268611a644f02f13b86377a9203c36091545f09d62c96c98732c2619cc81dbd4ca19dd62141ce8421dbc28de8b32fa91631b8957025c89812d5fdd72d79aa5d1f765aaa08317915d35ebdfc8a880923596ffbbe4bc6bbd81427869350d59a206c96c813efb25bade849f515e6b6a47c6ccb2131e60c8c05891ea8f065baf49459218c32257c13a82b423cee266dbf51f500ce996d76a723e662f3c3d2fddaff5c050f2ef2e17d0fafb0c42a82184201d8732fa4f1c370384fed4b0d8ee842f2de5523aed2e09e2c484f940a1736359711eb655bd00504e76f3c72f26970d3c05b00ea25803e8be24d7751baadfda870d3e0e64514f0b290a052071cd8f71a2c6ff4850b891c3f1818e0774794c46c62d511db9ee5b960404c866850602205b15b287e6d3279e6a5d1dce653ef770f68af6a16dfa552145e18dd0b185571f29542c24b753ee6ee5f5fb448afcfe643d540e7a120ebf36f2e4f3a30b46d8497ad69b5a55ee023709f640d44e1ba6a4da79579fbaf66676c8e2f60a1a8e3fe123a70b4604e75db29ee19bb8805e22195aeda6b0412c750e0043a53c673e24f9bf68544089b1bc8fe1763e0b157106cec5b21847eeea377c258bac16ff48a208b4c7d3cd1fcf410d22148beb6f95317061c1de7e2d87c448bc2c00069d2e886a7a37c4ced954d2b06ee6de91785a967d4dd117b83fdf7786133abd08ac3399ba7e6f521d933e14966ca444056c4289ec24c76b9eed38ceae0c5493dbe53c20063ac6f9290663cad2b4c73b5276bc5a17847e9098563928694a0316d7d73c4a439bd0fb91fdb520d9b92c5c686ed1122383012b84f4846f4d5e0c5fedf74c9c07ec64da1f2157feee49aa476a4d2b830f528f1c8bf8b7b76ecf7d2266ed1b9d8278a5923501cf134fb9e59f1ee9a5c1397387c2959e0743e634cc41782b57f8c7ea51525150c443066b352f84050fbfb72f55680f24461c791024efa74022caa8d58f1e9985e910f25aa92bfe756ab3eacf8079e7eb7f970165b3ff1bf1ca457ab5f4d9a1a08448ffca704fcee8030a7d8aca43ae64b0be45efd5151bcea83845720d210aa76ef748810e46ffb0cdb7bad706a24d6cb076171a6b79f5de5ac6b8190919a68b1b41b173914dd37d599f7a78587c4ee606b31949a88e6a790eca971c348d32f05a22e68d22793282b716d151d9de60e24cc049e3bf4cce36fe43b5ea824a7b3c854860ceed13d466439263353e81940e7ded03f31211cc714f4cdf240516025f1f5621cced4b88a4e48c940d6f46ff2f57f0583046b650a440c4ea8e9fab79e98d7529db2f11cc7529bb361cf8cb65600ffb36eb5fd93acbdd58398ecbb0befd277e267051f93dc3e7c6a5212c2ed990eb60d9d451b4458cb44cd691dac77ece483236e3006b7f7913e39f685ca41bcd1692494370acb70d0cfdc9e6de0bcd602040a0bc2de02a8cd477fef88b5410f5dfea1cd32d25464853d56c82abd3c11caebd992ca656e88a10ca2779f887472d5064fddd7397eb0205c419b23c2756a3b9b722ff273907c50f8b176834edcc1268e036214a2a25651c719541a4f7729ef7e32dee27c5b910bfea677c562138b30b3355b462c8f910874acc292f6787f8d94fa1cb2e648789cc67d05eb49d6d3c8788a024e3c523c4ee282764090044b44f30a9848daf2522b76448ecb9249ffe58dad4363b1d08181131a89af718ecbd5ffe44e032ca26664eecabc9aa57a875b5964ea492b7e759606a3f4ab36130a8a43a19be74709dea4eeebf5e53706685122e6603247996d672dacdf1bbadf5df111cfe7e72f5b2c6cdc32c1e4eed30147c9a51c5abd4214c577c4c8d1725daf906d145c6ff2c9ab0fc3da4edfb92be40b4af234c2bc147b2d08a801b539928cb754f2f6d2d4280ee0c834ee4f5eb8b0662ffa6f7154307b0fe55fe248a3f953a09b06244674adbf31dd7489be3f26423140ffe98671ca413d678047096fcad53f5bca7e602354553af02c225a67e4e8eabf298495a99de9653638405ebe78dc75e6d16c39e1547dadbc07a014369e39175991368d05be623656c4ecb3735612546b9a9c1490f834cab7567e61c8b2669aa62f156f2ff3b76b32e11b0e0acb6c7ccd6623bef1a5ccbe5f477ae90b3918899fc6b6075c514deaf387d5f09cd59f3fb3c0a9614f1eec092a8f7c6bd200e04da47085d58adc08f1f0651f7ce0cea5792a30aa2bee9970913fc9e79bcf0b5c55adfa6967a44b84ffcd3ce7fb47a610773eb9323b8ab3b5b9670f3ddc06e673e5ebe929f1ae4508decd56a2cefc34bab4703bbd3d83fcfdc27fc4e8a799a34742526848f6aae932ec98959f46ea50f12e0ad3ba4ef50a7b4defdf2fcf8dd2afdb8f29a1b7eed384b17c8b4ff4cfc220745cef2c083615eee226bccb8f2b7faf5a8948e60edc37a644b70011ff8b608da74a3873b2d8a6ba50dcce8a5ed6fe96c599c6d0b8a431f0b96789e974ea48400b94c2d1fbb7a8908de838cc64d4de93d506dfb450012df4af40d5980aed567e0b94281f8109ae7cb42f8253783a9ccb1cdd07245b31c0a00f13b42eedea9dd6d031f283a277f140f7ccacffc4e76829fede0479d59a542f873524651dbed995a00749e1b06182f073ebc3122ef1b007436d9eeb89d4f82ad366361ae8bb54e795b5c3d0594ccab1d5019f4b9191fd7c84598c866a8f98b2759738a65af53943b466aec83bb055e8f6c6e7755862de6c4c203fa67663702783f5f19459620a99f4de75fc85efedc44cf65adaaead7038406ebc507048b115c44209057f887f204a60ad9f6abc9b7983b930be5115cd91de9723bef58d29e421e123c7fa19ac3de2900827041d096ce0d589d45159c322ff3529687b89a10dd6c628977aedb1547ab6630995b48edba0a6f0e9ce99166dd7acdab5253f6bd4c3891c45d6ce4cf136a7791bc553769b57559215f79051388cff4761a3a63f6c73d8d7aafa8053e4f764f1c37b8b57128ecea00d7046c7532576bd413e01bf6df40bb1c3bf0480efbb1407003a98b1014552d2a1ecf99ba29c063ba96b3555cca24a211c2c604766a6b503a875040039f23f7ed46566519ee1aed0167c774555b623bee2bcfe83459af5527b312a19298e8323cd9b3fe5e075ee0867aadae8bc81939919d6d36834a87c1bf9e47d467395892aa09f12cfc172a2a9a44a43ff880219487798a206fbaca25172b3f00867d3f100f355ccb987bd0c41c015d791bae97c258ea4138a377fee51219e917893248391b7b2fa8d1bedc3ac71e5dd6ac382a0c8e0753f16bda800108d9dcbf9ccb192136b1cc555129afd8821b007543ff2d14f07003fe05cdd5fd133295c36bd44aca53c8fd91428fbd72951d4a97006636456baeac6c4d2f75d864e5aec7e738d865f2a0e5bdfadccc2486241fb38c024f981b08c8ad06bd48e99ee116c764d894f39e603949a4644ab2ed942d933876f16949c833f0bf1962b908087ff77b9318945edd47cf5c6b329e0dc403944fc9fc49e0c88f0177ba649ce61b4758ccdce20df2abbc45fec9e350286898d3fbc0ace3f75a5d8667438217ad564903ce64ee98e90ea770e431bec58c7d624278c5dc5955a555056be562308c7a003abdeb13456d43c245bcaa63c4ed17a4fb73cd53d890130322ad78c9b53073e7146ee8cc36f29f632c0e554dbcf161ab7a01badd56a0d84c8f337a2a3248c4ec96445158cb59060c352df81f6b85cccda5a0d737d44101a413d9edf5ed0bf16537520bd544e25540124ac7fc202bb8db6b141fca9cc25e85b4d064535de0dc5b8868025b71f8950ddc35d6b1bf04d8440c8ea2660fa3476578981bb467e9a54a9ebb2561f1414d34a922168537cde92375d6bb4e35cf4e2655cb0daca2a1b75013a9a5f72768b061492a381d1e339970a322f07ff3d0b9af33af6a191ed778a99b721eb89a294ebf76748230837f75cb9f5f31a0dcc4b9f6dcc99487e5799e1ff5db60f7193308a4b40dcac5e9aa3a288c03d724a5e2da794590446c236234eb0b34cc60fde282400039d7a263fad5b2df94907c54b07cc0d3e6d97a64e7306131f741caec8bfca4e40b033f4633a63d0845db13b0b59b3eb0ad2cde32856ee356d8e910524f71aa75d1b527bd0c69c7126f7d18644c3547acedcac805f9077778362d40004e8fb4d6de7f3dd679e1519f8896174be1fb9313a90bd3c5f2999cb0e1d96cbad7a1d9a708558d4984343d4b05f16acda0edba81d898efea1d7bb10baeaf2141d5b40b2131983132c6c16add15f83d122f305d67067321bc004960d47cb7e41e530a025498fa1d07b3040be112638801625d3e7e90d73b398bfe6d473278c5feba0b895347fc3395aa7c336ebed7aad8e1c2091b6e7167ab04f292f469e5e517509f1f780f7394958bfa07e6cce1af58573f08a743bbef50ba44d980448329666357eda505a49f06e24a73daf6d49b1f92e00210c96d34ccc033e0fbf3582180f477e0fa5a10f0cc49296a57242bc1a065539357ed9a6b5830f37d35fa3cb30a03b06256013a87ba66a582", @typed={0x14, 0x122, 0x0, 0x0, @ipv6=@private0}, @typed={0x8, 0x10, 0x0, 0x0, @u32=0x7}]}, @typed={0xc, 0x123, 0x0, 0x0, @u64}]}, @generic="d90a58cde601d565cdddcc6aa3fcc8c25583297245b4d7973d0df9b022c59bb26343d8fac6abbe023d9e0640355e0034d2aca4a49132b88c8660af242102d45a28332c4b796cc5268b9a5ec5b61042577e3e5ea90f21384e8c5852110520bfd976705ca7e25e8a5ac6dd7bdadeb451f164c86cdb89561b05f0b9e143b1917e3dd99ee920f46511a803ab9cf9dd2d6aaf8aee259d1476cd960ce44acbc6a970c4fdd6f99aeee46de8efec7151b1e4cc13cd723e9cfa7ba2f69b60189d7aff553101c449174d1e18b6c5b148275100a3f8bd0c4c96296c43028aa284f8f626392a21d31e5e06fe98065e0246d46b7fe927a881c18c044e5c139e", @typed={0x14, 0xbe, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0xa}}, @typed={0x8, 0x63, 0x0, 0x0, @u32=0x1}, @typed={0x8, 0x18, 0x0, 0x0, @u32=0x4}, @nested={0x4d, 0xee, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @fd}, @typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@empty}, @generic="48f2adbc26fa866f55146583e697a3ae3793fe641fbf2f7456a75f437954532e62b73821b1", @nested={0x4, 0x4f}, @typed={0x8, 0xc8, 0x0, 0x0, @pid}, @typed={0x8, 0x9e, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}]}]}, 0x11b0}], 0x1, 0x0, 0x0, 0x10004800}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 5.119451206s ago: executing program 5 (id=391): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000100)={[0xeeee8000, 0x4, 0x8000000, 0x8000000], 0x4, 0x48, 0x5}) 4.697997931s ago: executing program 2 (id=450): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, 0x0, 0x0) 4.473559628s ago: executing program 5 (id=451): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r1, r3, 0x25, 0x0, @val=@perf_event}, 0x18) syz_emit_ethernet(0x36, &(0x7f00000002c0)={@broadcast, @empty, @void, {@ipv6={0x86dd, @generic={0xb, 0x6, '\t\aO', 0x0, 0x29, 0x1, @private2={0xfc, 0x2, '\x00', 0x4}, @mcast2}}}}, 0x0) 4.472868089s ago: executing program 2 (id=453): 4.240683127s ago: executing program 2 (id=455): syz_usb_connect(0x3, 0x1c, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x2, {0x3}}, 0x18) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[], 0x14}}, 0x10) 4.19359178s ago: executing program 5 (id=456): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90924fc60", 0x8c0}], 0x1, 0x0, 0x0, 0x600}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x9}}}}}}, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f00000002c0)={0x1}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x800) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) r6 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4) ioctl$sock_TIOCOUTQ(r6, 0x5411, &(0x7f0000000040)) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x2, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x61, &(0x7f0000000480)={'filter\x00', 0x4}, 0x68) sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffff274}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x5, 0xb68, 0xfffffffffffffeb9, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0xe}, 0x48) 4.145328492s ago: executing program 0 (id=457): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r2 = socket$unix(0x1, 0x5, 0x0) r3 = dup2(r2, r1) close_range(r3, 0xffffffffffffffff, 0x0) 3.943601278s ago: executing program 0 (id=458): syz_emit_ethernet(0x3a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000800000000000000002c0000000000119078000000000000000000004e21001890780400"], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000845, 0x0, 0x0) getpeername$inet6(r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000400), 0x6001) 3.804207773s ago: executing program 1 (id=459): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x11, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043e0a01", @ANYRESOCT], 0xd) 3.614351959s ago: executing program 1 (id=460): sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)={0x10, 0x31, 0x100, 0x70bd26, 0x25dfdbfd}, 0x10}], 0x1, 0x0, 0x0, 0x10004800}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.526761143s ago: executing program 3 (id=461): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) close(0xffffffffffffffff) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x65, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e0, 0x1b0, 0xc8, 0x8, 0x1b0, 0x5803, 0x310, 0x2e8, 0x2e8, 0x310, 0x2e8, 0x3, 0x0, {[{{@ipv6={@loopback, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1b0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67442c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket1={{0x28}, 0xa490f54eab606508}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @mcast2, [], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x440) 2.688343191s ago: executing program 0 (id=462): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) r1 = socket(0x1d, 0x2, 0x6) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) r5 = socket(0x22, 0x2, 0x4) bind$isdn_base(r5, 0x0, 0x0) sendmsg$NFT_BATCH(r4, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000190a0102"], 0x14}}, 0x0) r7 = socket(0x1d, 0x2, 0x6) setsockopt$ALG_SET_KEY(r7, 0x6a, 0x1, 0x0, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000054000000030a01040000000000000000010000000900030073797a31000000000900010073797a3100000040000000000000004000000005080002401b2fd2c5140003006970366772653000000000000000000028000000000a05000000000000000000010000080900010073797a3100000000080002400000000114000000110001"], 0xc4}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000440)={'wlan0\x00'}) syz_genetlink_get_family_id$nl80211(0x0, r2) sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, 0x0, 0x40000) ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8d]}, 0x8) 2.260821377s ago: executing program 5 (id=463): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000080)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x0, 0x14}, @ipv4=@tipc={{0x5, 0x4, 0x3, 0x4, 0x3c, 0x66, 0x0, 0x7, 0x6, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x1a}}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0xb, 0x2, 0xc, 0x0, 0x1, 0xb2b, 0x4, 0x1, 0x4e20, 0x4e20, 0x3, 0x0, 0x0, 0x0, 0x1}}}}, 0x4a) 1.865156755s ago: executing program 1 (id=464): r0 = socket$inet_sctp(0x2, 0x1, 0x84) close(0x3) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) 1.825071584s ago: executing program 3 (id=465): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, 0x0, 0x0) 1.768900732s ago: executing program 1 (id=466): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r1, r3, 0x25, 0x0, @val=@perf_event}, 0x18) syz_emit_ethernet(0x36, &(0x7f00000002c0)={@broadcast, @empty, @void, {@ipv6={0x86dd, @generic={0xb, 0x6, '\t\aO', 0x0, 0x29, 0x1, @private2={0xfc, 0x2, '\x00', 0x4}, @mcast2}}}}, 0x0) 1.629020776s ago: executing program 3 (id=467): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}}) read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40) 1.590447798s ago: executing program 0 (id=468): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000000540)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x3, @loopback, 0x3}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000240)="dc", 0x1}], 0x1}}], 0x1, 0x3404c891) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000680)={0x0, 0xf7}, 0x8) 1.569621864s ago: executing program 1 (id=469): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x1000000, 0x0}) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020) 1.449152218s ago: executing program 3 (id=470): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0}, 0x10004}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000000)=""/203, 0xcb}, {&(0x7f0000000340)=""/250, 0xfa}, {&(0x7f0000001b40)=""/4109, 0x100d}, {&(0x7f00000006c0)=""/215, 0xd7}], 0x4}, 0xe9}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0xb0}, {{0x0, 0x0, 0x0}, 0xa}], 0x7, 0x20, 0x0) 1.448951444s ago: executing program 5 (id=471): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x84, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2e, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x2, 0x8, 0x40}}, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_FTM_RESPONDER={0x18, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0xe, 0x2, "6360d4f7c0179cf792ce"}]}, @NL80211_ATTR_PROBE_RESP={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}]]}, 0x84}}, 0x0) 1.22773264s ago: executing program 0 (id=472): syz_emit_ethernet(0x3a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000800000000000000002c0000000000119078000000000000000000004e21001890780400"], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000845, 0x0, 0x0) getpeername$inet6(r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000400), 0x6001) 1.146469259s ago: executing program 5 (id=473): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90924fc60", 0x8c0}], 0x1, 0x0, 0x0, 0x600}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x9}}}}}}, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f00000002c0)={0x1}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x800) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) r6 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4) ioctl$sock_TIOCOUTQ(r6, 0x5411, &(0x7f0000000040)) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x2, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffff274}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x5, 0xb68, 0xfffffffffffffeb9, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0xe}, 0x48) 1.146234254s ago: executing program 3 (id=474): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x1, 0x0, 0x34524742, 0x4, 0x4, [{0xff}, {0xffffffff, 0x3000000}, {0x0, 0x1}, {0xd, 0x76dfbff1}, {0xfffffffe, 0x2}, {0xfffffffd, 0x1}, {0x0, 0x10}, {0x0, 0x6}], 0x0, 0x20, 0x0, 0x0, 0x1}}) 841.23021ms ago: executing program 3 (id=475): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r3, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 837.421627ms ago: executing program 2 (id=476): r0 = socket$inet_sctp(0x2, 0x1, 0x84) close(0x3) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000080)={0x26, 0x54, 0xa, 0x3, 0x0, 0x85, 0x6, 0x21, 0x85, 0x0, 0x81, 0x4c, 0x2, 0xff}, 0xe) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) 495.247µs ago: executing program 0 (id=477): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x14, &(0x7f0000000100)={0x0}, 0x7}, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x1, 0x8161, 0x0) 0s ago: executing program 1 (id=478): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r1, 0x0, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_script(r2, &(0x7f0000000400)={'#! ', '', [{0x20, '\t\t\xf2`:y\xd4H\xfa\xee=d\xd7T\x0f7\x93`\xc6\xd04\xa3\xacQT\x8cj\x83\xa8\xb1\x88H\xe3\x16\xeb\x16\xaa\x91Pn\xcd\xde}$\xad`\xd6(\xa8\xaa\xc67?anM_\xa0\xcf\x82\x84\xf8\xb0\x8amlKL!\xd7\xaaK\xces\x04\x1e*p\x9e\xf2\x16\x01`\x00\x00\x00B\x1d\xc7\xd8\xb5\x81\x15\x0f[D8\x88@A$\x88\xa5O&\xae\xe3\b\xa8\xd4\x9b\xabo\xf4\xd1\f\"e\xcdzA\xf49\xc1\xc8\f\x8c\xb1)*O\xe3\xc3L\xd6J\ta\xf5\xc6\xee\xa2\xd4\xde\xe5\x1b\x1e'}]}, 0x98) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) close(r2) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.19' (ED25519) to the list of known hosts. [ 88.911938][ T5822] cgroup: Unknown subsys name 'net' [ 89.068899][ T5822] cgroup: Unknown subsys name 'cpuset' [ 89.078299][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.743161][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 93.483628][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.492155][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.504173][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.512560][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.520657][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.586351][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.596500][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.605174][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.634115][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.645085][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.729701][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.729967][ T5155] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.745869][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.746274][ T5155] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.760642][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.769367][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.770441][ T5155] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.778049][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.785528][ T5155] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.791992][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.815104][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.826304][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.837351][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.863507][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.872056][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 94.343350][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 94.446299][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 94.701115][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.709114][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.719661][ T5833] bridge_slave_0: entered allmulticast mode [ 94.728210][ T5833] bridge_slave_0: entered promiscuous mode [ 94.749270][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.756635][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.764385][ T5833] bridge_slave_1: entered allmulticast mode [ 94.772349][ T5833] bridge_slave_1: entered promiscuous mode [ 94.835185][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 94.860312][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 94.926123][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.933435][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.941516][ T5841] bridge_slave_0: entered allmulticast mode [ 94.949619][ T5841] bridge_slave_0: entered promiscuous mode [ 94.970691][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.990431][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.000010][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.007755][ T5841] bridge_slave_1: entered allmulticast mode [ 95.016202][ T5841] bridge_slave_1: entered promiscuous mode [ 95.044488][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.112609][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 95.193814][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.222618][ T5833] team0: Port device team_slave_0 added [ 95.255032][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.281876][ T5833] team0: Port device team_slave_1 added [ 95.303021][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.310318][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.317633][ T5837] bridge_slave_0: entered allmulticast mode [ 95.325624][ T5837] bridge_slave_0: entered promiscuous mode [ 95.351125][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.358761][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.366771][ T5843] bridge_slave_0: entered allmulticast mode [ 95.374360][ T5843] bridge_slave_0: entered promiscuous mode [ 95.411440][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.419366][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.427353][ T5837] bridge_slave_1: entered allmulticast mode [ 95.435781][ T5837] bridge_slave_1: entered promiscuous mode [ 95.476917][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.484386][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.491753][ T5843] bridge_slave_1: entered allmulticast mode [ 95.499977][ T5843] bridge_slave_1: entered promiscuous mode [ 95.537743][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.544953][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.571011][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.595818][ T5155] Bluetooth: hci0: command tx timeout [ 95.614214][ T5841] team0: Port device team_slave_0 added [ 95.623105][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.648393][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.655708][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.682310][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.731194][ T5841] team0: Port device team_slave_1 added [ 95.740441][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.754145][ T5155] Bluetooth: hci1: command tx timeout [ 95.772506][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.787961][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.799212][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.806572][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.814388][ T5847] bridge_slave_0: entered allmulticast mode [ 95.821700][ T5847] bridge_slave_0: entered promiscuous mode [ 95.838461][ T5155] Bluetooth: hci2: command tx timeout [ 95.898860][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.906733][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.914335][ T5155] Bluetooth: hci4: command tx timeout [ 95.914387][ T51] Bluetooth: hci3: command tx timeout [ 95.920296][ T5847] bridge_slave_1: entered allmulticast mode [ 95.932751][ T5847] bridge_slave_1: entered promiscuous mode [ 95.957421][ T5837] team0: Port device team_slave_0 added [ 95.964271][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.971256][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.997398][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.028476][ T5843] team0: Port device team_slave_0 added [ 96.038096][ T5843] team0: Port device team_slave_1 added [ 96.060300][ T5837] team0: Port device team_slave_1 added [ 96.068001][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.075419][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.102301][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.119714][ T5833] hsr_slave_0: entered promiscuous mode [ 96.129618][ T5833] hsr_slave_1: entered promiscuous mode [ 96.202288][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.209631][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.235827][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.249393][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.256572][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.282680][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.297201][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.374347][ T5841] hsr_slave_0: entered promiscuous mode [ 96.381057][ T5841] hsr_slave_1: entered promiscuous mode [ 96.387774][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.396547][ T5841] Cannot create hsr debugfs directory [ 96.405482][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.430351][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.437581][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.464505][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.477758][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.485122][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.511536][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.609537][ T5847] team0: Port device team_slave_0 added [ 96.668171][ T5847] team0: Port device team_slave_1 added [ 96.715329][ T5843] hsr_slave_0: entered promiscuous mode [ 96.721868][ T5843] hsr_slave_1: entered promiscuous mode [ 96.728902][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.736825][ T5843] Cannot create hsr debugfs directory [ 96.770505][ T5837] hsr_slave_0: entered promiscuous mode [ 96.779714][ T5837] hsr_slave_1: entered promiscuous mode [ 96.786159][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.793842][ T5837] Cannot create hsr debugfs directory [ 96.837332][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.844641][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.871572][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.936639][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.943643][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.970780][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.279084][ T1209] cfg80211: failed to load regulatory.db [ 97.298655][ T5847] hsr_slave_0: entered promiscuous mode [ 97.306059][ T5847] hsr_slave_1: entered promiscuous mode [ 97.312439][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.320699][ T5847] Cannot create hsr debugfs directory [ 97.420282][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.437324][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.487234][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.499382][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.629486][ T5841] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 97.649072][ T5841] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 97.670002][ T5841] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 97.677017][ T51] Bluetooth: hci0: command tx timeout [ 97.688959][ T5841] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 97.834565][ T51] Bluetooth: hci1: command tx timeout [ 97.880609][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.901880][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.914727][ T51] Bluetooth: hci2: command tx timeout [ 97.941805][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.953163][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.994589][ T51] Bluetooth: hci4: command tx timeout [ 97.995017][ T5155] Bluetooth: hci3: command tx timeout [ 98.054919][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.066348][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.108125][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.147299][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.189146][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.217659][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.243609][ T5847] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.276526][ T5847] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.290310][ T5847] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.303331][ T5847] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.352158][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.391663][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.399018][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.420191][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.469447][ T4548] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.476702][ T4548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.491845][ T4548] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.499033][ T4548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.515910][ T134] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.523121][ T134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.659119][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.682746][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.761354][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.778503][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.803216][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.810449][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.870706][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.878002][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.979447][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.998334][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.068345][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.083684][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.091284][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.141883][ T4548] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.149139][ T4548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.163472][ T4548] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.170765][ T4548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.208935][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.252064][ T3513] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.259323][ T3513] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.310621][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.716762][ T5833] veth0_vlan: entered promiscuous mode [ 99.754557][ T5155] Bluetooth: hci0: command tx timeout [ 99.808767][ T5833] veth1_vlan: entered promiscuous mode [ 99.840144][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.922039][ T5155] Bluetooth: hci1: command tx timeout [ 99.994230][ T5155] Bluetooth: hci2: command tx timeout [ 99.997169][ T5833] veth0_macvtap: entered promiscuous mode [ 100.061584][ T5833] veth1_macvtap: entered promiscuous mode [ 100.076027][ T5155] Bluetooth: hci3: command tx timeout [ 100.084526][ T5155] Bluetooth: hci4: command tx timeout [ 100.100758][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.139135][ T5837] veth0_vlan: entered promiscuous mode [ 100.174751][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.209495][ T5837] veth1_vlan: entered promiscuous mode [ 100.230156][ T5841] veth0_vlan: entered promiscuous mode [ 100.251949][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.263659][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.300932][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.310936][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.320627][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.330567][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.349549][ T5841] veth1_vlan: entered promiscuous mode [ 100.360465][ T5847] veth0_vlan: entered promiscuous mode [ 100.417893][ T5847] veth1_vlan: entered promiscuous mode [ 100.451576][ T5837] veth0_macvtap: entered promiscuous mode [ 100.511346][ T5841] veth0_macvtap: entered promiscuous mode [ 100.527156][ T5837] veth1_macvtap: entered promiscuous mode [ 100.572109][ T5841] veth1_macvtap: entered promiscuous mode [ 100.597276][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.602696][ T5843] veth0_vlan: entered promiscuous mode [ 100.613505][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.649076][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.706504][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.722209][ T5843] veth1_vlan: entered promiscuous mode [ 100.731785][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.740127][ T5847] veth0_macvtap: entered promiscuous mode [ 100.752123][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.752558][ T5847] veth1_macvtap: entered promiscuous mode [ 100.769145][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.783562][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.820244][ T5841] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.830173][ T5841] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.841864][ T5841] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.850734][ T5841] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.870471][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.881107][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.891066][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.900277][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.933124][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.943843][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.962133][ T5843] veth0_macvtap: entered promiscuous mode [ 100.998401][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.021924][ T5843] veth1_macvtap: entered promiscuous mode [ 101.049134][ T5847] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.073650][ T5847] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.082937][ T5847] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.093930][ T5847] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.185958][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.208368][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.251388][ T5843] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.262641][ T5843] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.272002][ T5843] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.282060][ T5843] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.338839][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.362889][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.456487][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.487808][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.634028][ T4548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.644427][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.679728][ T4548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.779606][ T4548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.834141][ T5155] Bluetooth: hci0: command tx timeout [ 101.850120][ T4548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.869240][ T4548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.893456][ T4548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.904627][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.994853][ T5155] Bluetooth: hci1: command tx timeout [ 102.040208][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.057846][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.076043][ T5155] Bluetooth: hci2: command tx timeout [ 102.155886][ T5155] Bluetooth: hci4: command tx timeout [ 102.155905][ T51] Bluetooth: hci3: command tx timeout [ 102.194999][ T5965] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 102.235661][ T4548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.794622][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 102.924239][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 102.994064][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.078696][ T4548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.224257][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.232949][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.241588][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.355081][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.363363][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 104.004088][ T5967] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8'. [ 104.057793][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.067081][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.179980][ T5994] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 105.405099][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14'. [ 107.214577][ T926] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 107.446997][ T926] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 107.458264][ T6026] netlink: 772 bytes leftover after parsing attributes in process `syz.1.24'. [ 107.502707][ T926] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 107.526130][ T926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.556599][ T926] usb 3-1: Product: syz [ 107.573516][ T926] usb 3-1: Manufacturer: syz [ 107.601376][ T926] usb 3-1: SerialNumber: syz [ 107.933091][ T926] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 108.678838][ T926] usb 3-1: USB disconnect, device number 2 [ 108.766434][ T926] usblp0: removed [ 110.054835][ T6054] netlink: 772 bytes leftover after parsing attributes in process `syz.2.35'. [ 112.032933][ T6081] process 'syz.3.41' launched './file0' with NULL argv: empty string added [ 113.614904][ T5155] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 113.626739][ T5155] Bluetooth: hci4: Injecting HCI hardware error event [ 113.636726][ T51] Bluetooth: hci4: hardware error 0x00 [ 115.820263][ T6117] vlan1: entered promiscuous mode [ 115.825665][ T6117] vlan1: entered allmulticast mode [ 115.830825][ T6117] veth0_vlan: entered allmulticast mode [ 116.154135][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 116.309898][ T6110] syz.4.47 (6110) used greatest stack depth: 17992 bytes left [ 116.951073][ T6123] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 120.157871][ T6172] input: syz0 as /devices/virtual/input/input5 [ 120.309749][ T6173] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.72' sets config #768 [ 120.312785][ T6176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.73'. [ 122.394036][ T926] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 122.695626][ T926] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 122.709848][ T926] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.749072][ T926] usb 3-1: config 0 descriptor?? [ 123.542374][ T6212] netlink: 8 bytes leftover after parsing attributes in process `syz.4.80'. [ 124.189062][ T926] usb 3-1: Cannot set autoneg [ 124.454414][ T926] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61 [ 124.853188][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.85'. [ 124.870214][ T6212] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 125.107099][ T6219] No memory to map [ 125.444437][ T5963] usb 3-1: USB disconnect, device number 3 [ 129.458327][ T6237] Zero length message leads to an empty skb [ 129.927820][ T6254] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer. [ 131.217062][ T6264] 9pnet_virtio: no channels available for device syz [ 132.447162][ T1209] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 132.515575][ T6273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.99'. [ 132.666832][ T1209] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 132.676588][ T1209] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.765920][ T1209] usb 2-1: config 0 descriptor?? [ 135.823454][ T1209] usb 2-1: Cannot set autoneg [ 135.828534][ T1209] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32 [ 136.070486][ T1209] usb 2-1: USB disconnect, device number 2 [ 136.475873][ T6301] fuse: Bad value for 'fd' [ 136.956849][ T6307] Driver unsupported XDP return value 0 on prog (id 20) dev N/A, expect packet loss! [ 138.376029][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.382865][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.674168][ T1209] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 140.994054][ T1209] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 141.154049][ T1209] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.298874][ T1209] usb 5-1: config 0 descriptor?? [ 141.518467][ T6398] fuse: Bad value for 'fd' [ 143.638043][ T1209] usb 5-1: Cannot set autoneg [ 143.769714][ T1209] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32 [ 145.026236][ T1209] usb 5-1: USB disconnect, device number 2 [ 148.554826][ T6461] fuse: Bad value for 'fd' [ 152.552782][ T6481] can0: slcan on pty28. [ 153.356656][ T6478] can0 (unregistered): slcan off pty28. [ 154.796746][ T6501] evm: overlay not supported [ 155.066873][ T1209] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 155.267433][ T1209] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 155.315803][ T1209] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 155.374971][ T1209] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 155.423933][ T1209] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.469866][ T6504] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 155.540563][ T1209] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 155.894581][ T1209] usb 3-1: USB disconnect, device number 4 [ 156.098868][ T5886] udevd[5886]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 158.150867][ T6577] netlink: 8 bytes leftover after parsing attributes in process `syz.4.175'. [ 160.005915][ T5899] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 160.184041][ T5899] usb 5-1: Using ep0 maxpacket: 8 [ 160.199580][ T5899] usb 5-1: config 32 has an invalid interface number: 32 but max is 0 [ 160.218263][ T5899] usb 5-1: config 32 has an invalid descriptor of length 0, skipping remainder of the config [ 160.256210][ T5899] usb 5-1: config 32 has no interface number 0 [ 160.263036][ T5899] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 160.272767][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.315581][ T5899] hub 5-1:32.32: bad descriptor, ignoring hub [ 160.328086][ T5899] hub 5-1:32.32: probe with driver hub failed with error -5 [ 160.356464][ T6615] netlink: 12 bytes leftover after parsing attributes in process `syz.1.190'. [ 160.464633][ T6617] netlink: 28 bytes leftover after parsing attributes in process `syz.1.191'. [ 160.539924][ T6597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 160.551671][ T6619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.192'. [ 160.584489][ T6597] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 160.735922][ T5899] usb 5-1: USB disconnect, device number 3 [ 161.190016][ T6641] netlink: 8 bytes leftover after parsing attributes in process `syz.2.201'. [ 163.614123][ T5963] IPVS: starting estimator thread 0... [ 163.754231][ T6688] IPVS: using max 29 ests per chain, 69600 per kthread [ 163.954320][ T6692] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 164.068598][ T6701] netlink: 'syz.4.223': attribute type 10 has an invalid length. [ 164.118026][ T6701] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.157159][ T6701] bridge_slave_1: left allmulticast mode [ 164.173384][ T6701] bridge_slave_1: left promiscuous mode [ 164.181809][ T6701] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.200316][ T6701] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 164.245466][ T6705] batman_adv: batadv0: Adding interface: dummy0 [ 164.293935][ T6705] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.328367][ T6705] batman_adv: batadv0: Interface activated: dummy0 [ 164.676256][ T6719] syzkaller0: entered promiscuous mode [ 164.696881][ T6719] syzkaller0: entered allmulticast mode [ 164.726084][ T6719] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 166.092181][ T6776] netlink: 8 bytes leftover after parsing attributes in process `syz.1.254'. [ 166.117874][ T6776] netlink: 8 bytes leftover after parsing attributes in process `syz.1.254'. [ 168.498507][ T6786] netlink: 'syz.3.258': attribute type 10 has an invalid length. [ 168.518374][ T6786] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.526837][ T6786] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.616433][ T6786] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.623723][ T6786] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.631489][ T6786] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.638757][ T6786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.708297][ T6786] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 168.794227][ T6783] tipc: Started in network mode [ 168.814798][ T6783] tipc: Node identity 52e7aaafb58d, cluster identity 4711 [ 168.844796][ T6783] tipc: Enabled bearer , priority 0 [ 168.873095][ T6795] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 168.899280][ T6791] syzkaller0: entered promiscuous mode [ 168.937005][ T6791] syzkaller0: entered allmulticast mode [ 169.464584][ T30] audit: type=1326 audit(1754532519.556:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923578ebe9 code=0x7ffc0000 [ 169.620827][ T6795] tipc: Resetting bearer [ 169.704763][ T30] audit: type=1326 audit(1754532519.566:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f923578ebe9 code=0x7ffc0000 [ 169.743010][ T30] audit: type=1326 audit(1754532519.566:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923578ebe9 code=0x7ffc0000 [ 169.781889][ T6779] tipc: Resetting bearer [ 169.784805][ T30] audit: type=1326 audit(1754532519.566:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f923578ebe9 code=0x7ffc0000 [ 169.857855][ T6779] tipc: Disabling bearer [ 169.907822][ T30] audit: type=1326 audit(1754532519.896:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923578ebe9 code=0x7ffc0000 [ 169.973577][ T6811] syz_tun: entered allmulticast mode [ 170.004098][ T5963] tipc: Node number set to 3882527407 [ 170.009230][ T30] audit: type=1326 audit(1754532519.906:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.4.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923578ebe9 code=0x7ffc0000 [ 170.064633][ T6811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.267'. [ 170.298943][ T6826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.272'. [ 170.564836][ T6832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.276'. [ 170.571082][ T6836] batman_adv: batadv0: Adding interface: dummy0 [ 170.601052][ T6836] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.647425][ T6836] batman_adv: batadv0: Interface activated: dummy0 [ 170.667523][ T6838] batadv0: mtu less than device minimum [ 170.685844][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.698209][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.709949][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.721959][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.734032][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.745660][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.757216][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.768604][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.779990][ T6838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 170.856298][ T6832] team0: No ports can be present during mode change [ 170.876223][ T6842] vlan0: entered promiscuous mode [ 170.941128][ T6842] team0: Port device vlan0 added [ 170.957190][ T6832] tipc: Enabled bearer , priority 10 [ 173.028637][ T5950] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 173.264371][ T5950] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 173.326279][ T5950] usb 4-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51 [ 173.342307][ T5950] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.370381][ T5950] usb 4-1: Product: syz [ 173.375652][ T5950] usb 4-1: Manufacturer: syz [ 173.380449][ T5950] usb 4-1: SerialNumber: syz [ 173.420651][ T5950] usb 4-1: config 0 descriptor?? [ 173.438417][ T5950] usb 4-1: bad CDC descriptors [ 173.641790][ T5963] usb 4-1: USB disconnect, device number 2 [ 173.811927][ T6887] netlink: 8 bytes leftover after parsing attributes in process `syz.4.298'. [ 176.082682][ T6896] syzkaller1: entered promiscuous mode [ 176.105686][ T6896] syzkaller1: entered allmulticast mode [ 176.774856][ T6920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.311'. [ 177.356885][ T6940] tipc: Started in network mode [ 177.362039][ T6940] tipc: Node identity fa45e23cae3e, cluster identity 4711 [ 177.369669][ T6940] tipc: Enabled bearer , priority 0 [ 177.750730][ T6940] syzkaller0: entered promiscuous mode [ 177.829390][ T6940] syzkaller0: entered allmulticast mode [ 177.863212][ T6940] tipc: Resetting bearer [ 178.203628][ T36] tipc: Resetting bearer [ 178.328880][ T6939] tipc: Resetting bearer [ 178.504945][ T926] tipc: Node number set to 1417404988 [ 180.965269][ T6939] tipc: Disabling bearer [ 183.884698][ T5899] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 184.046571][ T5899] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 184.061336][ T5899] usb 3-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51 [ 184.071092][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.183962][ T5899] usb 3-1: Product: syz [ 184.188233][ T5899] usb 3-1: Manufacturer: syz [ 184.192879][ T5899] usb 3-1: SerialNumber: syz [ 184.207964][ T5899] usb 3-1: config 0 descriptor?? [ 184.225947][ T5899] usb 3-1: bad CDC descriptors [ 184.429988][ T24] usb 3-1: USB disconnect, device number 5 [ 184.531457][ T7039] kvm: pic: single mode not supported [ 185.592841][ T7047] syz.3.355 uses obsolete (PF_INET,SOCK_PACKET) [ 185.683565][ T7049] netlink: 'syz.2.357': attribute type 72 has an invalid length. [ 185.691504][ T7049] netlink: 'syz.2.357': attribute type 8 has an invalid length. [ 185.790773][ T7053] input: syz1 as /devices/virtual/input/input6 [ 187.016392][ T7070] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 187.296167][ T7076] ======================================================= [ 187.296167][ T7076] WARNING: The mand mount option has been deprecated and [ 187.296167][ T7076] and is ignored by this kernel. Remove the mand [ 187.296167][ T7076] option from the mount to silence this warning. [ 187.296167][ T7076] ======================================================= [ 187.331205][ T7078] netlink: 8 bytes leftover after parsing attributes in process `syz.3.368'. [ 188.030514][ T7083] netlink: 'syz.1.369': attribute type 72 has an invalid length. [ 188.082608][ T7083] netlink: 'syz.1.369': attribute type 8 has an invalid length. [ 188.303947][ T5963] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 189.384188][ T5963] usb 1-1: Using ep0 maxpacket: 16 [ 189.447406][ T5963] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 189.496636][ T5963] usb 1-1: config 0 has no interface number 0 [ 189.568464][ T5963] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 189.600641][ T5963] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 189.619274][ T5963] usb 1-1: Product: syz [ 189.625447][ T5963] usb 1-1: Manufacturer: syz [ 189.633321][ T5963] usb 1-1: SerialNumber: syz [ 189.647419][ T5963] usb 1-1: config 0 descriptor?? [ 189.735853][ T5963] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 189.742330][ T5963] usb 1-1: No valid video chain found. [ 192.162093][ T5963] usb 1-1: USB disconnect, device number 2 [ 192.472808][ T6188] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.603242][ T6188] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.737530][ T6188] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.946490][ T6188] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.960991][ T7119] netlink: 24 bytes leftover after parsing attributes in process `syz.3.382'. [ 192.999885][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.382'. [ 193.314304][ T7123] netlink: 892 bytes leftover after parsing attributes in process `syz.3.384'. [ 193.402104][ T6188] bridge_slave_0: left allmulticast mode [ 193.445068][ T6188] bridge_slave_0: left promiscuous mode [ 193.453271][ T6188] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.914276][ T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 196.956154][ T6188] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.029091][ T6188] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.065053][ T6188] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface [ 197.070423][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 197.085003][ T6188] bond0 (unregistering): Released all slaves [ 197.087541][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.122607][ T24] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 197.175631][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.216544][ T24] usb 2-1: config 0 descriptor?? [ 197.275260][ T7163] team0: Port device vlan0 removed [ 197.424179][ T7166] netlink: 892 bytes leftover after parsing attributes in process `syz.3.396'. [ 197.555329][ T5155] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 197.573653][ T5155] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 197.582625][ T5155] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 197.600952][ T5155] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 197.614211][ T5155] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 197.680392][ T24] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 197.716968][ T24] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 197.776046][ T24] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 197.806044][ T24] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 197.838924][ T24] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 197.862727][ T24] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 198.272763][ T7187] netlink: 24 bytes leftover after parsing attributes in process `syz.2.394'. [ 198.353508][ T7188] netlink: 8 bytes leftover after parsing attributes in process `syz.2.394'. [ 198.383384][ T6188] hsr_slave_0: left promiscuous mode [ 198.396459][ T6188] hsr_slave_1: left promiscuous mode [ 198.409432][ T6188] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.418209][ T6188] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.432382][ T6188] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.444835][ T6188] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.500026][ T6188] veth1_macvtap: left promiscuous mode [ 198.518002][ T6188] veth0_macvtap: left promiscuous mode [ 198.532704][ T6188] veth1_vlan: left promiscuous mode [ 198.550604][ T24] usb 2-1: USB disconnect, device number 3 [ 200.370816][ T51] Bluetooth: hci2: command tx timeout [ 200.372207][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.383280][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.477687][ T6188] team0 (unregistering): Port device team_slave_1 removed [ 201.576869][ T6188] team0 (unregistering): Port device team_slave_0 removed [ 202.413987][ T51] Bluetooth: hci2: command tx timeout [ 202.434034][ T1209] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 202.603936][ T1209] usb 1-1: Using ep0 maxpacket: 32 [ 202.617730][ T1209] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 66, changing to 10 [ 202.636883][ T1209] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1786, setting to 1024 [ 202.673516][ T1209] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 202.696958][ T1209] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 202.719388][ T1209] usb 1-1: Product: syz [ 202.732098][ T1209] usb 1-1: Manufacturer: syz [ 202.761791][ T7227] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 202.846199][ T1209] hub 1-1:4.0: USB hub found [ 203.220034][ T1209] hub 1-1:4.0: 2 ports detected [ 203.315390][ T7168] chnl_net:caif_netlink_parms(): no params data found [ 203.539265][ T1209] hub 1-1:4.0: set hub depth failed [ 203.566834][ T1209] usb 1-1: USB disconnect, device number 3 [ 203.906490][ T7168] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.918683][ T6188] IPVS: stop unused estimator thread 0... [ 203.938053][ T7168] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.962578][ T7168] bridge_slave_0: entered allmulticast mode [ 203.990229][ T7168] bridge_slave_0: entered promiscuous mode [ 204.079378][ T7168] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.109770][ T7168] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.142857][ T7168] bridge_slave_1: entered allmulticast mode [ 204.178242][ T7168] bridge_slave_1: entered promiscuous mode [ 204.242725][ T7271] netlink: 24 bytes leftover after parsing attributes in process `syz.0.416'. [ 204.274886][ T7271] netlink: 8 bytes leftover after parsing attributes in process `syz.0.416'. [ 204.477240][ T51] Bluetooth: hci2: command tx timeout [ 204.490387][ T7168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.541359][ T7168] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.657449][ T7168] team0: Port device team_slave_0 added [ 204.879128][ T7168] team0: Port device team_slave_1 added [ 204.976281][ T7168] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.999095][ T7168] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.072897][ T7168] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.115104][ T7168] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.135626][ T7168] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.165055][ T7168] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.464706][ T7168] hsr_slave_0: entered promiscuous mode [ 205.472635][ T7168] hsr_slave_1: entered promiscuous mode [ 205.486024][ T7168] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 205.500970][ T7168] Cannot create hsr debugfs directory [ 205.784012][ T5899] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 205.836457][ T7315] netlink: 12 bytes leftover after parsing attributes in process `syz.0.430'. [ 205.908268][ T7318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.430'. [ 205.944686][ T5899] usb 3-1: Using ep0 maxpacket: 32 [ 205.971600][ T5899] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 205.990682][ T5899] usb 3-1: config 0 has no interface number 0 [ 206.011843][ T5899] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 206.055867][ T5899] usb 3-1: config 0 interface 85 has no altsetting 0 [ 206.104300][ T5899] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 206.126492][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.145911][ T5899] usb 3-1: Product: syz [ 206.161450][ T5899] usb 3-1: Manufacturer: syz [ 206.177868][ T5899] usb 3-1: SerialNumber: syz [ 206.223438][ T5899] usb 3-1: config 0 descriptor?? [ 206.295662][ T5838] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 206.338104][ T7168] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 206.358194][ T7168] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 206.388449][ T7168] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 206.425066][ T7168] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 206.454005][ T5838] usb 4-1: Using ep0 maxpacket: 8 [ 206.468361][ T5838] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 206.478527][ T5838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.509420][ T5838] pvrusb2: Hardware description: Terratec Grabster AV400 [ 206.539866][ T5838] pvrusb2: ********** [ 206.548404][ T5838] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 206.558948][ T51] Bluetooth: hci2: command tx timeout [ 206.579588][ T5838] pvrusb2: Important functionality might not be entirely working. [ 206.587855][ T5838] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 206.600345][ T5838] pvrusb2: ********** [ 206.707496][ T2342] pvrusb2: Invalid write control endpoint [ 206.791920][ T7168] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.849041][ T5899] appletouch 3-1:0.85: Geyser mode initialized. [ 206.867005][ T7168] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.896855][ T5899] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input7 [ 206.921034][ T2342] pvrusb2: Invalid write control endpoint [ 206.923916][ T6361] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.930379][ T2342] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 206.934392][ T6361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.946489][ T2342] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 207.001551][ T6361] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.008945][ T6361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.011036][ T2342] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 207.063486][ T5963] usb 3-1: USB disconnect, device number 6 [ 207.101734][ T6386] tipc: Subscription rejected, illegal request [ 207.258092][ T2342] pvrusb2: Device being rendered inoperable [ 207.330657][ T7168] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 207.332504][ T5963] appletouch 3-1:0.85: input: appletouch disconnected [ 207.365360][ T2342] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 207.371845][ T5899] usb 4-1: USB disconnect, device number 3 [ 207.383365][ T2342] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 207.391587][ T7168] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 207.425955][ T2342] pvrusb2: Attached sub-driver cx25840 [ 207.445841][ T2342] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 207.468006][ T2342] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 207.788308][ T7364] binder: 7363:7364 ioctl 40086602 200000000000 returned -22 [ 208.018867][ T7168] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.283211][ T7378] program syz.2.442 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 208.424259][ T5838] usb 4-1: new low-speed USB device number 4 using dummy_hcd [ 208.674367][ T5838] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 208.715373][ T5838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.765672][ T5838] usb 4-1: config 0 descriptor?? [ 208.828497][ T7168] veth0_vlan: entered promiscuous mode [ 208.895203][ T7168] veth1_vlan: entered promiscuous mode [ 209.050047][ T7168] veth0_macvtap: entered promiscuous mode [ 209.079135][ T7168] veth1_macvtap: entered promiscuous mode [ 209.164487][ T5963] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 209.175664][ T7168] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.311107][ T7168] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.426240][ T5963] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 209.436345][ T5963] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.466212][ T5963] usb 1-1: config 0 descriptor?? [ 209.479908][ T7168] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.505842][ T7168] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.543341][ T7168] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.568823][ T7168] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.752794][ T5963] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 209.868291][ T6387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.893331][ T6387] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.021737][ T5963] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 210.067582][ T5963] [drm] Initialized udl on minor 2 [ 210.068445][ T6387] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.132385][ T6387] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.357609][ T5963] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 210.401211][ T5963] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 210.446726][ T5918] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 210.465141][ T5838] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 210.481034][ T5963] usb 1-1: USB disconnect, device number 4 [ 210.488336][ T5918] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 210.524201][ T5838] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 210.574147][ T5838] asix 4-1:0.0: probe with driver asix failed with error -71 [ 210.624695][ T5838] usb 4-1: USB disconnect, device number 4 [ 211.750971][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 9 < 18 [ 212.943605][ T7464] xt_socket: unknown flags 0x8 [ 213.475112][ T7465] netlink: 40 bytes leftover after parsing attributes in process `syz.0.462'. [ 213.663202][ T7468] syzkaller1: entered promiscuous mode [ 213.724094][ T7468] syzkaller1: entered allmulticast mode [ 215.569468][ T7505] ------------[ cut here ]------------ [ 215.575485][ T7505] WARNING: CPU: 1 PID: 7505 at ./include/linux/memcontrol.h:371 folio_memcg+0x1a8/0x310 [ 215.585593][ T7505] Modules linked in: [ 215.589843][ T7505] CPU: 1 UID: 0 PID: 7505 Comm: syz.3.475 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 215.600026][ T7505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 215.610256][ T7505] RIP: 0010:folio_memcg+0x1a8/0x310 [ 215.615661][ T7505] Code: 80 3c 28 00 74 08 4c 89 f7 e8 74 ca 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7f 20 65 09 cc e8 19 e3 bb ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff [ 215.635607][ T7505] RSP: 0018:ffffc9000f4ff250 EFLAGS: 00010283 [ 215.643488][ T7505] RAX: ffffffff820442a7 RBX: 0000000000000000 RCX: 0000000000080000 [ 215.653056][ T7505] RDX: ffffc9000c60a000 RSI: 0000000000001de2 RDI: 0000000000001de3 [ 215.661260][ T7505] RBP: 0000000000000000 R08: ffffea0000d04847 R09: 1ffffd40001a0908 [ 215.669450][ T7505] R10: dffffc0000000000 R11: fffff940001a0909 R12: ffffea0000d04870 [ 215.678055][ T7505] R13: dffffc0000000000 R14: ffff888032fe1200 R15: 0000000000000002 [ 215.686175][ T7505] FS: 00007f1b9f3f66c0(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000 [ 215.695311][ T7505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.701959][ T7505] CR2: 0000000000000000 CR3: 000000007b81e000 CR4: 00000000003526f0 [ 215.710050][ T7505] Call Trace: [ 215.713391][ T7505] [ 215.716437][ T7505] workingset_activation+0x5f/0x4a0 [ 215.721701][ T7505] ? folio_mark_accessed+0x361/0x4a0 [ 215.727251][ T7505] folio_mark_accessed+0x3b5/0x4a0 [ 215.732452][ T7505] kvm_release_page_clean+0x9a/0xe0 [ 215.737793][ T7505] kvm_tdp_page_fault+0x2dd/0x370 [ 215.744705][ T7505] kvm_mmu_do_page_fault+0x2c5/0x640 [ 215.750077][ T7505] ? vmx_vcpu_run+0xd8b/0x25d0 [ 215.756862][ T7505] ? __pfx_kvm_mmu_do_page_fault+0x10/0x10 [ 215.762773][ T7505] ? vmx_handle_exit_irqoff+0x29e/0xad0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 215.768430][ T7505] kvm_mmu_page_fault+0x22f/0xb70 [ 215.773543][ T7505] ? __pfx_handle_ept_violation+0x10/0x10 [ 215.779387][ T7505] vmx_handle_exit+0x1090/0x18a0 [ 215.784510][ T7505] ? vcpu_run+0x361c/0x6f70 [ 215.789177][ T7505] ? rcu_is_watching+0x15/0xb0 [ 215.794075][ T7505] vcpu_run+0x432e/0x6f70 [ 215.798553][ T7505] ? vcpu_run+0x361c/0x6f70 [ 215.803214][ T7505] ? __pfx_vcpu_run+0x10/0x10 [ 215.808042][ T7505] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 215.813909][ T7505] ? rcu_is_watching+0x15/0xb0 [ 215.818746][ T7505] kvm_arch_vcpu_ioctl_run+0xfc9/0x1940 [ 215.824401][ T7505] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 215.830180][ T7505] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 215.836320][ T7505] ? rcu_is_watching+0x15/0xb0 [ 215.841158][ T7505] ? look_up_lock_class+0x74/0x170 [ 215.848703][ T7505] ? register_lock_class+0x51/0x320 [ 215.855410][ T7505] ? __lock_acquire+0xab9/0xd20 [ 215.860455][ T7505] kvm_vcpu_ioctl+0x95c/0xe90 [ 215.865253][ T7505] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 215.870510][ T7505] ? __lock_acquire+0xab9/0xd20 [ 215.875522][ T7505] ? __asan_memset+0x22/0x50 [ 215.880179][ T7505] ? smack_file_ioctl+0x302/0x340 [ 215.885330][ T7505] ? __pfx_smack_file_ioctl+0x10/0x10 [ 215.890777][ T7505] ? __fget_files+0x2a/0x420 [ 215.895496][ T7505] ? __fget_files+0x3a0/0x420 [ 215.900252][ T7505] ? __fget_files+0x2a/0x420 [ 215.904997][ T7505] ? bpf_lsm_file_ioctl+0x9/0x20 [ 215.909997][ T7505] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 215.915424][ T7505] __se_sys_ioctl+0xfc/0x170 [ 215.920173][ T7505] do_syscall_64+0xfa/0x3b0 [ 215.924788][ T7505] ? lockdep_hardirqs_on+0x9c/0x150 [ 215.930037][ T7505] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.936261][ T7505] ? clear_bhb_loop+0x60/0xb0 [ 215.941004][ T7505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.948683][ T7505] RIP: 0033:0x7f1ba118ebe9 [ 215.953259][ T7505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.975208][ T7505] RSP: 002b:00007f1b9f3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 215.983706][ T7505] RAX: ffffffffffffffda RBX: 00007f1ba13b5fa0 RCX: 00007f1ba118ebe9 [ 215.992015][ T7505] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 216.000152][ T7505] RBP: 00007f1ba1211e19 R08: 0000000000000000 R09: 0000000000000000 [ 216.008262][ T7505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.016326][ T7505] R13: 00007f1ba13b6038 R14: 00007f1ba13b5fa0 R15: 00007ffe5cea5c98 [ 216.024461][ T7505] [ 216.027528][ T7505] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 216.034940][ T7505] CPU: 1 UID: 0 PID: 7505 Comm: syz.3.475 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 216.044807][ T7505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 216.055072][ T7505] Call Trace: [ 216.058475][ T7505] [ 216.061424][ T7505] dump_stack_lvl+0x99/0x250 [ 216.066042][ T7505] ? __asan_memcpy+0x40/0x70 [ 216.070682][ T7505] ? __pfx_dump_stack_lvl+0x10/0x10 [ 216.075901][ T7505] ? __pfx__printk+0x10/0x10 [ 216.080526][ T7505] panic+0x2db/0x790 [ 216.084533][ T7505] ? __pfx_panic+0x10/0x10 [ 216.088986][ T7505] __warn+0x31b/0x4b0 [ 216.092982][ T7505] ? folio_memcg+0x1a8/0x310 [ 216.097599][ T7505] ? folio_memcg+0x1a8/0x310 [ 216.102223][ T7505] report_bug+0x2be/0x4f0 [ 216.106571][ T7505] ? folio_memcg+0x1a8/0x310 [ 216.111190][ T7505] ? folio_memcg+0x1a8/0x310 [ 216.115815][ T7505] ? folio_memcg+0x1aa/0x310 [ 216.120434][ T7505] handle_bug+0x84/0x160 [ 216.124790][ T7505] exc_invalid_op+0x1a/0x50 [ 216.129319][ T7505] asm_exc_invalid_op+0x1a/0x20 [ 216.134193][ T7505] RIP: 0010:folio_memcg+0x1a8/0x310 [ 216.139415][ T7505] Code: 80 3c 28 00 74 08 4c 89 f7 e8 74 ca 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7f 20 65 09 cc e8 19 e3 bb ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff [ 216.159045][ T7505] RSP: 0018:ffffc9000f4ff250 EFLAGS: 00010283 [ 216.165140][ T7505] RAX: ffffffff820442a7 RBX: 0000000000000000 RCX: 0000000000080000 [ 216.173133][ T7505] RDX: ffffc9000c60a000 RSI: 0000000000001de2 RDI: 0000000000001de3 [ 216.181121][ T7505] RBP: 0000000000000000 R08: ffffea0000d04847 R09: 1ffffd40001a0908 [ 216.189201][ T7505] R10: dffffc0000000000 R11: fffff940001a0909 R12: ffffea0000d04870 [ 216.197193][ T7505] R13: dffffc0000000000 R14: ffff888032fe1200 R15: 0000000000000002 [ 216.205455][ T7505] ? folio_memcg+0x1a7/0x310 [ 216.210088][ T7505] workingset_activation+0x5f/0x4a0 [ 216.215316][ T7505] ? folio_mark_accessed+0x361/0x4a0 [ 216.220637][ T7505] folio_mark_accessed+0x3b5/0x4a0 [ 216.225790][ T7505] kvm_release_page_clean+0x9a/0xe0 [ 216.231031][ T7505] kvm_tdp_page_fault+0x2dd/0x370 [ 216.236097][ T7505] kvm_mmu_do_page_fault+0x2c5/0x640 [ 216.241414][ T7505] ? vmx_vcpu_run+0xd8b/0x25d0 [ 216.246205][ T7505] ? __pfx_kvm_mmu_do_page_fault+0x10/0x10 [ 216.252050][ T7505] ? vmx_handle_exit_irqoff+0x29e/0xad0 [ 216.257624][ T7505] kvm_mmu_page_fault+0x22f/0xb70 [ 216.262678][ T7505] ? __pfx_handle_ept_violation+0x10/0x10 [ 216.268424][ T7505] vmx_handle_exit+0x1090/0x18a0 [ 216.273382][ T7505] ? vcpu_run+0x361c/0x6f70 [ 216.277914][ T7505] ? rcu_is_watching+0x15/0xb0 [ 216.282727][ T7505] vcpu_run+0x432e/0x6f70 [ 216.287099][ T7505] ? vcpu_run+0x361c/0x6f70 [ 216.291670][ T7505] ? __pfx_vcpu_run+0x10/0x10 [ 216.296374][ T7505] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 216.302122][ T7505] ? rcu_is_watching+0x15/0xb0 [ 216.306996][ T7505] kvm_arch_vcpu_ioctl_run+0xfc9/0x1940 [ 216.312572][ T7505] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 216.318315][ T7505] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 216.324334][ T7505] ? rcu_is_watching+0x15/0xb0 [ 216.329206][ T7505] ? look_up_lock_class+0x74/0x170 [ 216.334342][ T7505] ? register_lock_class+0x51/0x320 [ 216.339573][ T7505] ? __lock_acquire+0xab9/0xd20 [ 216.344469][ T7505] kvm_vcpu_ioctl+0x95c/0xe90 [ 216.349175][ T7505] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 216.354398][ T7505] ? __lock_acquire+0xab9/0xd20 [ 216.359270][ T7505] ? __asan_memset+0x22/0x50 [ 216.363896][ T7505] ? smack_file_ioctl+0x302/0x340 [ 216.368963][ T7505] ? __pfx_smack_file_ioctl+0x10/0x10 [ 216.374369][ T7505] ? __fget_files+0x2a/0x420 [ 216.378987][ T7505] ? __fget_files+0x3a0/0x420 [ 216.383746][ T7505] ? __fget_files+0x2a/0x420 [ 216.388397][ T7505] ? bpf_lsm_file_ioctl+0x9/0x20 [ 216.393376][ T7505] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 216.398600][ T7505] __se_sys_ioctl+0xfc/0x170 [ 216.403251][ T7505] do_syscall_64+0xfa/0x3b0 [ 216.407775][ T7505] ? lockdep_hardirqs_on+0x9c/0x150 [ 216.413006][ T7505] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.419093][ T7505] ? clear_bhb_loop+0x60/0xb0 [ 216.423800][ T7505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.429720][ T7505] RIP: 0033:0x7f1ba118ebe9 [ 216.434156][ T7505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.453807][ T7505] RSP: 002b:00007f1b9f3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 216.462275][ T7505] RAX: ffffffffffffffda RBX: 00007f1ba13b5fa0 RCX: 00007f1ba118ebe9 [ 216.470306][ T7505] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 216.478310][ T7505] RBP: 00007f1ba1211e19 R08: 0000000000000000 R09: 0000000000000000 [ 216.486394][ T7505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.494386][ T7505] R13: 00007f1ba13b6038 R14: 00007f1ba13b5fa0 R15: 00007ffe5cea5c98 [ 216.502393][ T7505] [ 216.505807][ T7505] Kernel Offset: disabled [ 216.510201][ T7505] Rebooting in 86400 seconds..