last executing test programs: 24.440182047s ago: executing program 3 (id=7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x1}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x3, &(0x7f0000002480)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) mremap(&(0x7f0000a83000/0x1000)=nil, 0x1000, 0x3000, 0x6, &(0x7f00003bb000/0x3000)=nil) r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x1, 0x2) mkdirat$cgroup(r4, &(0x7f0000000080)='syz1\x00', 0x1ff) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000040)=0x4) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 20.978383469s ago: executing program 1 (id=10): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) syz_80211_inject_frame(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000a99"], 0x10) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x4008054) write$nci(r0, 0x0, 0x0) write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5001"], 0x14) 20.692992701s ago: executing program 3 (id=11): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() ptrace$poke(0x5, 0x0, &(0x7f0000000080), 0xf5) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000000c0)={0xff, 0x6, 0xfe, 0xfd, 0xfe, 0x9, 0x5, 0x1, 0x3, 0x8, 0x20, 0xff, 0x0, 0x2}, 0xe) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) eventfd2(0xe, 0x80001) shutdown(r3, 0x1) 20.563413384s ago: executing program 2 (id=3): socket$kcm(0x10, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0x8, 0x5, 0x8, 0xc1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x4, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100), 0x3f, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000340), &(0x7f00000004c0)=""/192}, 0x20) syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2) socket$vsock_stream(0x28, 0x1, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x1, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) pselect6(0x3b, &(0x7f00000000c0)={0x0, 0x67f, 0x3, 0x8, 0x2, 0xfffffffffffffffa, 0x1, 0x3}, 0x0, &(0x7f0000000080)={0x1ff, 0x3, 0x0, 0x4, 0x0, 0x1136f858, 0x0, 0xffffffffffffffff}, 0x0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000001440)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x20010, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) r7 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r7, 0x89e0, 0x0) writev(r6, &(0x7f00000006c0)=[{&(0x7f0000000880)="af97a8468d99d8b1ddcad46b2b9109912bf2fc97eab1674739846f16a044710a93734c470cc26daf2ee31226398d10080c2783353f68a1478d2d00deb1b429d0eb1002d30e4a35640c73080393109d76ff98ffa72a873d4b470db26cd21f547b92325383946d90bd4cb62b9c6e81f176992f2eeb9df17547c5a7b7f0cfb87d038382e64c451ce70f084d37fdbc1bf63812e9c0c3da7717a10d79c1cf7c6fb9342f256ffde38eba7f51e1d0256a9d8db7627e9731852959d0eb2f8940c21770fb1bac379390c75a027f494ea3df34b8d875", 0xd1}, {&(0x7f0000000340)="3c429531fe901314c9b2c69714e09bded76dc7e70f193d93dfa137ad8cbcb12521bc49eca93ac281de9050bf61ca26a4d08d3ac7ffa1a352507ff5535c549b1ab6a948d49f80c89eae156ee910d8583c38f729325f4d3b7b0a598c3b0027cdee5f67e313ac69c3b169d55bfb56f80e8d6bfd1a812bea1f388e243ce55198969170dc6fb0a527bf7012a83cd842abce7da91d7b8439f89df67d76b24816e372550675ca6ca398dfa2d779bcc10bcd3bd5d2d22a824c21a5681d3d7a2e7393969aa54c5356b5eae676230fb447b32dcd4bbb0fba9aec9423fb856bbee7dd8f4efa0ec87f2e", 0xe4}, {&(0x7f0000000440)="517d1250f47410e958fc4ac8d7d7184fccb8b34a8eba0ae759f48b223923d20a3c4037571bbd341007629adc6d43b7cd0f0f538e8b1eb2714c52f6803d948fdab51c0fa0846cb6b3c777", 0x4a}, {&(0x7f0000000180)="ddbc4865e6c3a38294263f211d391703", 0x10}, {&(0x7f00000004c0)="115c730dc7d977a1685ae70756301680de74b4cb3ae0eb6966402c129f9e33d436a725234c3467dbaf7523b2e007ddca44d3b250", 0x34}, {&(0x7f0000000500)}, {&(0x7f0000000540)="c8995367e9b8bd095ef5ec7dfadf232a498d4d7b7a92eb011c3a67ca3f43b82f1165b409a90f3e", 0x27}, {&(0x7f0000000200)="46bc622a7f177324f950b5bf182fe782c8e98f027b3d731ab7b04dff561c470e653e7667a4e5dbb05fcabeee7986c186b4e0b2d4f8d3f85a01a89f01f51bdae7501a3113e2689e85cbe45c7fb8d36e89ea24a2fc864a72918e7f8f091f8535b7ce10a1562d76dc9a2b875bcfc75836706a047df8ea7e7a3beae704874a7ec887", 0x80}, {&(0x7f0000000600)="b055db0c76d11f65b44553a9c6020204e739f1d1dfb73f66fd0b7c57bfbf2eccb9d0e8773b974d5b9b1346144c83f6ae5cddaaf01806e7432b49913b4ce01a7cc941d3081322b9dbc7b4d8dfd2b008e68dfc6bbe105c1aca5ea9d52371b22c4eca374f618f98f50a3b093cffb25140181596cd721d2ccd4319410070064b40227c7baf5844c50244251997c729", 0x8d}], 0x9) 20.400210563s ago: executing program 0 (id=1): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x5) r1 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1a}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {0x0, 0x0, 0xfffffffffffffff7, 0x4}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x6c}, 0x0, @in=@empty, 0xfffffffc, 0x0, 0x2, 0x7, 0x200}}, 0xe8) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc000000160033060000000000000080ff0100000000000000000000000000017f00000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000000003000000000000000004d232020000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b0000000000000000000000000000000500000000000000ffffffffffffffff000000000000000005000000000000000400000002000000000000000600"], 0xfc}}, 0x0) 17.938439468s ago: executing program 3 (id=12): r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000140)={0x980000, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0}) 17.852422739s ago: executing program 2 (id=13): socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x2e) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, 0x0, 0x0) getsockopt$sock_int(r4, 0x1, 0x9, 0x0, 0x0) prlimit64(0x0, 0x7, 0x0, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbff00000000000000000000000000000000000000000000000000d3e7de3a00"/97], 0xb8}}, 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1}, 0x50) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x3ff}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0x27, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x2}, @jmp={0x5, 0x1, 0x6, 0x0, 0x1, 0x1}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xe277}, @ringbuf_query, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa000}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000600)='syzkaller\x00', 0x4, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x1, 0x785, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000008c0)=[0xffffffffffffffff, r6, r7, r8], &(0x7f0000000900)=[{0x4, 0x4, 0x3, 0xb}, {0x3, 0x4, 0xf, 0x7}, {0x0, 0x2, 0xa}, {0x4, 0x4, 0x9, 0xb}], 0x10, 0x4}, 0x94) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000a54bbee6516df0c600000000000000000000000100000000000000000a0010000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000100"/21], 0xb8}}, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, 0x0, 0x0) r9 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FE_SET_PROPERTY(r9, 0x40106f52, &(0x7f0000000000)={0x3, &(0x7f0000000340)=[{0x18, '\x00', @buffer={"84619e920fb77fc479305d95bb4d18b8addbb5b164bb2c5fab8815725bec3314", 0x20}, 0x2}, {0x9, '\x00', @data=0x5, 0x971f7f4}, {0x3, '\x00', @st={0x4, [{0x0, @uvalue=0xfffffffffffffff7}, {0x0, @uvalue=0x68000000000000}, {0x2, @uvalue=0xe52}, {0x2, @uvalue=0x4002000000008}]}, 0x4}]}) 17.710070096s ago: executing program 1 (id=14): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x7ad3db81}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r4) sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x24, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) 15.921952151s ago: executing program 2 (id=15): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x7ad3db81}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r4) sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x24, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) 15.921330868s ago: executing program 3 (id=16): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x28008084) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) unshare(0x2040400) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000002c0)={0x28, 0x6, 0x0, 0x0, &(0x7f0000343000/0x3000)=nil, 0x3000, 0x10205}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000080)={0x28, 0x5, 0x0, 0x0, &(0x7f0000343000/0x3000)=nil, 0x3000, 0x8000000004000004}) ioctl$IOMMU_IOAS_COPY(r3, 0x3b83, &(0x7f0000000040)={0x28, 0x7, 0x0, 0x0, 0x3, 0xfffffffffffffffa, 0x3fff}) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x7, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sched_rr_get_interval(r4, &(0x7f0000000080)) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x74) syz_emit_ethernet(0x36, &(0x7f00000000c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x1100, 0x0, 0x3, 0x6, 0x0, @rand_addr=0x64010100, @local}, {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2, 0x0, 0x0, 0xfffc}}}}}}, 0x0) socketpair(0x1d, 0x4, 0x5, &(0x7f0000000140)) 14.979156817s ago: executing program 0 (id=17): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0}}, 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x89901) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) r5 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x4, 0x2}, 0x10) 12.919934869s ago: executing program 0 (id=18): r0 = socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x2e) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, 0x0, 0x0) getsockopt$sock_int(r5, 0x1, 0x9, 0x0, 0x0) prlimit64(0x0, 0x7, 0x0, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbff00000000000000000000000000000000000000000000000000d3e7de3a00"/97], 0xb8}}, 0x0) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1}, 0x50) r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x3ff}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0x27, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x2}, @jmp={0x5, 0x1, 0x6, 0x0, 0x1, 0x1}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xe277}, @ringbuf_query, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa000}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000600)='syzkaller\x00', 0x4, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x1, 0x785, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000008c0)=[0xffffffffffffffff, r7, r8, r9], &(0x7f0000000900)=[{0x4, 0x4, 0x3, 0xb}, {0x3, 0x4, 0xf, 0x7}, {0x0, 0x2, 0xa}, {0x4, 0x4, 0x9, 0xb}], 0x10, 0x4}, 0x94) sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000a54bbee6516df0c600000000000000000000000100000000000000000a0010000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000100"/21], 0xb8}}, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, 0x0, 0x0) syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd127c05e8fe55a10a0007000140020203600e4109000800ac00060311000000160012000a00fc000000035c3b61c1d67f6f94007134cf6e8c0000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0) 12.764667058s ago: executing program 3 (id=19): socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x2e) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, 0x0, 0x0) getsockopt$sock_int(r4, 0x1, 0x9, 0x0, 0x0) prlimit64(0x0, 0x7, 0x0, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbff00000000000000000000000000000000000000000000000000d3e7de3a00"/97], 0xb8}}, 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1}, 0x50) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x3ff}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0x27, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x2}, @jmp={0x5, 0x1, 0x6, 0x0, 0x1, 0x1}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xe277}, @ringbuf_query, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa000}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000600)='syzkaller\x00', 0x4, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x1, 0x785, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000008c0)=[0xffffffffffffffff, r6, r7, r8], &(0x7f0000000900)=[{0x4, 0x4, 0x3, 0xb}, {0x3, 0x4, 0xf, 0x7}, {0x0, 0x2, 0xa}, {0x4, 0x4, 0x9, 0xb}], 0x10, 0x4}, 0x94) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000a54bbee6516df0c600000000000000000000000100000000000000000a0010000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000100"/21], 0xb8}}, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, 0x0, 0x0) r9 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FE_SET_PROPERTY(r9, 0x40106f52, &(0x7f0000000000)={0x3, &(0x7f0000000340)=[{0x18, '\x00', @buffer={"84619e920fb77fc479305d95bb4d18b8addbb5b164bb2c5fab8815725bec3314", 0x20}, 0x2}, {0x9, '\x00', @data=0x5, 0x971f7f4}, {0x3, '\x00', @st={0x4, [{0x0, @uvalue=0xfffffffffffffff7}, {0x0, @uvalue=0x68000000000000}, {0x2, @uvalue=0xe52}, {0x2, @uvalue=0x4002000000008}]}, 0x4}]}) 12.608858547s ago: executing program 2 (id=20): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x28008084) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) unshare(0x2040400) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000002c0)={0x28, 0x6, 0x0, 0x0, &(0x7f0000343000/0x3000)=nil, 0x3000, 0x10205}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000080)={0x28, 0x5, 0x0, 0x0, &(0x7f0000343000/0x3000)=nil, 0x3000, 0x8000000004000004}) ioctl$IOMMU_IOAS_COPY(r3, 0x3b83, &(0x7f0000000040)={0x28, 0x7, 0x0, 0x0, 0x3, 0xfffffffffffffffa, 0x3fff}) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x7, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sched_rr_get_interval(r4, &(0x7f0000000080)) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x74) syz_emit_ethernet(0x36, &(0x7f00000000c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x1100, 0x0, 0x3, 0x6, 0x0, @rand_addr=0x64010100, @local}, {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2, 0x0, 0x0, 0xfffc}}}}}}, 0x0) socketpair(0x1d, 0x4, 0x5, &(0x7f0000000140)) 12.478430884s ago: executing program 4 (id=5): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fedbdf253000000008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x2404c080}, 0x0) 10.359075476s ago: executing program 2 (id=21): socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x2e) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, 0x0, 0x0) getsockopt$sock_int(r4, 0x1, 0x9, 0x0, 0x0) prlimit64(0x0, 0x7, 0x0, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbff00000000000000000000000000000000000000000000000000d3e7de3a00"/97], 0xb8}}, 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1}, 0x50) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x3ff}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0x27, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x2}, @jmp={0x5, 0x1, 0x6, 0x0, 0x1, 0x1}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xe277}, @ringbuf_query, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa000}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000600)='syzkaller\x00', 0x4, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x1, 0x785, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000008c0)=[0xffffffffffffffff, r6, r7, r8], &(0x7f0000000900)=[{0x4, 0x4, 0x3, 0xb}, {0x3, 0x4, 0xf, 0x7}, {0x0, 0x2, 0xa}, {0x4, 0x4, 0x9, 0xb}], 0x10, 0x4}, 0x94) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000a54bbee6516df0c600000000000000000000000100000000000000000a0010000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000100"/21], 0xb8}}, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, 0x0, 0x0) r9 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FE_SET_PROPERTY(r9, 0x40106f52, &(0x7f0000000000)={0x3, &(0x7f0000000340)=[{0x18, '\x00', @buffer={"84619e920fb77fc479305d95bb4d18b8addbb5b164bb2c5fab8815725bec3314", 0x20}, 0x2}, {0x9, '\x00', @data=0x5, 0x971f7f4}, {0x3, '\x00', @st={0x4, [{0x0, @uvalue=0xfffffffffffffff7}, {0x0, @uvalue=0x68000000000000}, {0x2, @uvalue=0xe52}, {0x2, @uvalue=0x4002000000008}]}, 0x4}]}) 8.961975716s ago: executing program 3 (id=22): socket$kcm(0x10, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0x8, 0x5, 0x8, 0xc1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x4, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100), 0x3f, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000340), &(0x7f00000004c0)=""/192}, 0x20) syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2) socket$vsock_stream(0x28, 0x1, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x1, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) pselect6(0x3b, &(0x7f00000000c0)={0x0, 0x67f, 0x3, 0x8, 0x2, 0xfffffffffffffffa, 0x1, 0x3}, 0x0, &(0x7f0000000080)={0x1ff, 0x3, 0x0, 0x4, 0x0, 0x1136f858, 0x0, 0xffffffffffffffff}, 0x0, 0x0) 8.412200224s ago: executing program 1 (id=23): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) syz_80211_inject_frame(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000a99"], 0x10) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x4008054) write$nci(r0, 0x0, 0x0) 8.342643293s ago: executing program 4 (id=24): socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x2e) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, 0x0, 0x0) getsockopt$sock_int(r4, 0x1, 0x9, 0x0, 0x0) prlimit64(0x0, 0x7, 0x0, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbff00000000000000000000000000000000000000000000000000d3e7de3a00"/97], 0xb8}}, 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1}, 0x50) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x3ff}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0x27, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x2}, @jmp={0x5, 0x1, 0x6, 0x0, 0x1, 0x1}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xe277}, @ringbuf_query, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa000}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000600)='syzkaller\x00', 0x4, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x1, 0x785, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000008c0)=[0xffffffffffffffff, r6, r7, r8], &(0x7f0000000900)=[{0x4, 0x4, 0x3, 0xb}, {0x3, 0x4, 0xf, 0x7}, {0x0, 0x2, 0xa}, {0x4, 0x4, 0x9, 0xb}], 0x10, 0x4}, 0x94) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000a54bbee6516df0c600000000000000000000000100000000000000000a0010000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000100"/21], 0xb8}}, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, 0x0, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FE_SET_PROPERTY(0xffffffffffffffff, 0x40106f52, &(0x7f0000000000)={0x3, &(0x7f0000000340)=[{0x18, '\x00', @buffer={"84619e920fb77fc479305d95bb4d18b8addbb5b164bb2c5fab8815725bec3314", 0x20}, 0x2}, {0x9, '\x00', @data=0x5, 0x971f7f4}, {0x3, '\x00', @st={0x4, [{0x0, @uvalue=0xfffffffffffffff7}, {0x0, @uvalue=0x68000000000000}, {0x2, @uvalue=0xe52}, {0x2, @uvalue=0x4002000000008}]}, 0x4}]}) 5.969655548s ago: executing program 4 (id=25): r0 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000140)={0x980000, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0}) 3.172589944s ago: executing program 0 (id=26): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/81, 0x0, 0x41000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0)={0x1, 0x0, [{0x0, 0x0, 0x0}]}) 3.109669994s ago: executing program 1 (id=27): wait4(0x0, &(0x7f0000000240), 0x8, 0x0) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$dri(0x0, 0x0, 0x0) r3 = socket(0x1e, 0x1, 0x0) connect$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10) sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c) 1.441279867s ago: executing program 1 (id=28): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0}}, 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x89901) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) r5 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x4, 0x2}, 0x10) 0s ago: executing program 1 (id=29): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={0xffffffffffffffff}, 0x111, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f00000003c0)={0x3, 0x40, 0xfa00, {{0xa, 0xfffc, 0xd4, @loopback, 0xa09c}, {0xa, 0x2, 0xfffffffe, @loopback, 0x6}, r2, 0x40099d}}, 0x48) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r7, 0x6, 0x6, &(0x7f0000003d80)=0x6, 0x4) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @remote}, 0x10) sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68) r8 = syz_open_procfs(0x0, &(0x7f0000000300)='cmdline\x00') read$FUSE(r8, 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x1902) timer_settime(r9, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}}, 0x0) lsm_get_self_attr(0x64, 0x0, 0x0, 0x0) r10 = syz_open_dev$sg(&(0x7f0000000480), 0xfffffffffffffffa, 0x1841) writev(r10, &(0x7f00000000c0)=[{&(0x7f0000000240)="9b7185220700000000000000e57c489b51b14b7aea6ef45d0c085cb7df42ccf49eabcf03d0e97bb857dbd8d553a187d0e3", 0x31}, {&(0x7f0000000180)="c9c8659e5e73127db377775e5b5784e69c666ff1cabb995455b7cc569a9ff6fc58a2003748d5d605eab67a", 0x2b}], 0x2) recvfrom(r5, &(0x7f0000004000)=""/4112, 0xfffffffffffffedc, 0x2080, 0x0, 0x0) kernel console output (not intermixed with test programs): no interfaces have a carrier [ 65.942457][ T5457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.965330][ T5457] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.156' (ED25519) to the list of known hosts. syzkaller login: [ 88.738107][ T5780] cgroup: Unknown subsys name 'net' [ 88.979534][ T5780] cgroup: Unknown subsys name 'cpuset' [ 89.034740][ T5780] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.938124][ T5780] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.006196][ T31] cfg80211: failed to load regulatory.db [ 93.403485][ T5112] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.413088][ T5112] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.417460][ T5112] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.426168][ T5112] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.436745][ T5112] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.437960][ T5112] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.462067][ T5801] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.462987][ T5801] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.465734][ T5801] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.467878][ T5801] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.470686][ T5801] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.480577][ T5797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.482000][ T5801] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.504620][ T5112] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.506641][ T5801] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.570967][ T5801] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.573490][ T5112] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.590057][ T5112] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.591901][ T5112] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.592712][ T5112] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.642551][ T60] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.647056][ T60] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.650420][ T60] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.653210][ T60] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.656538][ T60] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 94.530309][ T5793] chnl_net:caif_netlink_parms(): no params data found [ 94.549666][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 94.639218][ T5794] chnl_net:caif_netlink_parms(): no params data found [ 94.683396][ T5796] chnl_net:caif_netlink_parms(): no params data found [ 94.769011][ T5795] chnl_net:caif_netlink_parms(): no params data found [ 95.000324][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.001560][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.001973][ T5793] bridge_slave_0: entered allmulticast mode [ 95.003933][ T5793] bridge_slave_0: entered promiscuous mode [ 95.062046][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.062164][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.062530][ T5792] bridge_slave_0: entered allmulticast mode [ 95.065168][ T5792] bridge_slave_0: entered promiscuous mode [ 95.099325][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.099454][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.099660][ T5793] bridge_slave_1: entered allmulticast mode [ 95.101548][ T5793] bridge_slave_1: entered promiscuous mode [ 95.154188][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.154322][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.154833][ T5792] bridge_slave_1: entered allmulticast mode [ 95.156846][ T5792] bridge_slave_1: entered promiscuous mode [ 95.219601][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.219732][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.219904][ T5794] bridge_slave_0: entered allmulticast mode [ 95.222680][ T5794] bridge_slave_0: entered promiscuous mode [ 95.289918][ T5796] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.290065][ T5796] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.290583][ T5796] bridge_slave_0: entered allmulticast mode [ 95.292521][ T5796] bridge_slave_0: entered promiscuous mode [ 95.297917][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.298235][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.299555][ T5794] bridge_slave_1: entered allmulticast mode [ 95.309858][ T5794] bridge_slave_1: entered promiscuous mode [ 95.377566][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.377829][ T5796] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.377975][ T5796] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.378148][ T5796] bridge_slave_1: entered allmulticast mode [ 95.380221][ T5796] bridge_slave_1: entered promiscuous mode [ 95.449015][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.449261][ T5795] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.449409][ T5795] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.449592][ T5795] bridge_slave_0: entered allmulticast mode [ 95.451680][ T5795] bridge_slave_0: entered promiscuous mode [ 95.465866][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.521388][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.542533][ T5795] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.542645][ T5795] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.542777][ T5795] bridge_slave_1: entered allmulticast mode [ 95.559163][ T5795] bridge_slave_1: entered promiscuous mode [ 95.585532][ T60] Bluetooth: hci1: command tx timeout [ 95.585537][ T5112] Bluetooth: hci0: command tx timeout [ 95.591955][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.655076][ T5796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.657798][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.669081][ T60] Bluetooth: hci2: command tx timeout [ 95.669630][ T5112] Bluetooth: hci3: command tx timeout [ 95.704867][ T5793] team0: Port device team_slave_0 added [ 95.729560][ T5796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.744229][ T5112] Bluetooth: hci4: command tx timeout [ 95.763830][ T5792] team0: Port device team_slave_0 added [ 95.772943][ T5793] team0: Port device team_slave_1 added [ 95.783410][ T5795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.813305][ T5792] team0: Port device team_slave_1 added [ 95.848922][ T5795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.888824][ T5794] team0: Port device team_slave_0 added [ 95.923617][ T5796] team0: Port device team_slave_0 added [ 95.945883][ T5794] team0: Port device team_slave_1 added [ 95.946917][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.946930][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.946949][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.003487][ T5796] team0: Port device team_slave_1 added [ 96.010044][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.010057][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.010076][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.061177][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.061191][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.061210][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.063601][ T5795] team0: Port device team_slave_0 added [ 96.127016][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.127030][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.127049][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.190235][ T5795] team0: Port device team_slave_1 added [ 96.217386][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.217403][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.217430][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.272066][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.272081][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.272101][ T5796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.287505][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.287561][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.287635][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.351307][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.351359][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.351422][ T5796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.428243][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.428258][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.428277][ T5795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.512629][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.512644][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.512663][ T5795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.051300][ T5793] hsr_slave_0: entered promiscuous mode [ 97.052547][ T5793] hsr_slave_1: entered promiscuous mode [ 97.078766][ T5792] hsr_slave_0: entered promiscuous mode [ 97.079800][ T5792] hsr_slave_1: entered promiscuous mode [ 97.080622][ T5792] debugfs: 'hsr0' already exists in 'hsr' [ 97.080707][ T5792] Cannot create hsr debugfs directory [ 97.186395][ T5794] hsr_slave_0: entered promiscuous mode [ 97.188288][ T5794] hsr_slave_1: entered promiscuous mode [ 97.188930][ T5794] debugfs: 'hsr0' already exists in 'hsr' [ 97.188947][ T5794] Cannot create hsr debugfs directory [ 97.241193][ T5796] hsr_slave_0: entered promiscuous mode [ 97.242186][ T5796] hsr_slave_1: entered promiscuous mode [ 97.243133][ T5796] debugfs: 'hsr0' already exists in 'hsr' [ 97.243161][ T5796] Cannot create hsr debugfs directory [ 97.339471][ T5795] hsr_slave_0: entered promiscuous mode [ 97.340500][ T5795] hsr_slave_1: entered promiscuous mode [ 97.341193][ T5795] debugfs: 'hsr0' already exists in 'hsr' [ 97.341211][ T5795] Cannot create hsr debugfs directory [ 97.664356][ T5112] Bluetooth: hci1: command tx timeout [ 97.664381][ T60] Bluetooth: hci0: command tx timeout [ 97.744359][ T5112] Bluetooth: hci3: command tx timeout [ 97.744371][ T60] Bluetooth: hci2: command tx timeout [ 97.825740][ T60] Bluetooth: hci4: command tx timeout [ 98.347359][ T5793] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.395215][ T5793] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.431399][ T5793] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.466809][ T5793] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.594745][ T5792] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.641082][ T5792] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.660398][ T5792] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.723581][ T5792] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.850547][ T5795] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 98.882709][ T5795] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 98.923824][ T5795] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 98.988825][ T5795] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 99.110439][ T5794] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 99.159603][ T5794] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 99.207199][ T5794] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 99.259382][ T5794] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 99.401614][ T5796] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 99.446096][ T5796] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 99.482553][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.499245][ T5796] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 99.546003][ T5796] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 99.656364][ T5793] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.700652][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.726645][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.727410][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.745239][ T60] Bluetooth: hci1: command tx timeout [ 99.745274][ T60] Bluetooth: hci0: command tx timeout [ 99.795545][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.795655][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.824557][ T5112] Bluetooth: hci2: command tx timeout [ 99.824592][ T5112] Bluetooth: hci3: command tx timeout [ 99.862778][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.904834][ T60] Bluetooth: hci4: command tx timeout [ 99.905778][ T5795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.908980][ T1177] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.909197][ T1177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.976385][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.976569][ T1177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.051957][ T5795] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.068856][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.100419][ T152] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.100562][ T152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.166933][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.167103][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.211518][ T5794] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.260960][ T5796] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.275872][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.276087][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.330597][ T152] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.331249][ T152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.433267][ T5796] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.482614][ T1501] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.483753][ T1501] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.550449][ T1501] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.550619][ T1501] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.639288][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.918090][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.921290][ T5793] veth0_vlan: entered promiscuous mode [ 100.976093][ T5793] veth1_vlan: entered promiscuous mode [ 101.202648][ T5793] veth0_macvtap: entered promiscuous mode [ 101.249139][ T5793] veth1_macvtap: entered promiscuous mode [ 101.268680][ T5792] veth0_vlan: entered promiscuous mode [ 101.318786][ T5792] veth1_vlan: entered promiscuous mode [ 101.331631][ T5795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.342606][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.353729][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.411047][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.450004][ T5796] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.470025][ T56] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.498800][ T56] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.524260][ T56] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.534972][ T56] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.648302][ T5792] veth0_macvtap: entered promiscuous mode [ 101.742324][ T5792] veth1_macvtap: entered promiscuous mode [ 101.824355][ T60] Bluetooth: hci0: command tx timeout [ 101.824388][ T60] Bluetooth: hci1: command tx timeout [ 101.856997][ T5794] veth0_vlan: entered promiscuous mode [ 101.904300][ T60] Bluetooth: hci2: command tx timeout [ 101.904345][ T5112] Bluetooth: hci3: command tx timeout [ 101.946199][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.953101][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.953124][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.995964][ T5112] Bluetooth: hci4: command tx timeout [ 101.999653][ T5794] veth1_vlan: entered promiscuous mode [ 102.029491][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.030266][ T5796] veth0_vlan: entered promiscuous mode [ 102.112135][ T152] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.119865][ T174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.119925][ T174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.134153][ T152] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.159281][ T152] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.176905][ T5796] veth1_vlan: entered promiscuous mode [ 102.182220][ T152] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.215798][ T5795] veth0_vlan: entered promiscuous mode [ 102.320665][ T5795] veth1_vlan: entered promiscuous mode [ 102.420612][ T5794] veth0_macvtap: entered promiscuous mode [ 102.510867][ T5794] veth1_macvtap: entered promiscuous mode [ 102.521853][ T174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.521877][ T174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.597462][ T5796] veth0_macvtap: entered promiscuous mode [ 102.697743][ T5796] veth1_macvtap: entered promiscuous mode [ 102.725983][ T174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.726004][ T174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.773487][ T5911] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.807467][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.808376][ T5795] veth0_macvtap: entered promiscuous mode [ 102.852410][ T5795] veth1_macvtap: entered promiscuous mode [ 102.870791][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.899104][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.916554][ T2228] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.921834][ T2228] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.943792][ T2228] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.961756][ T2228] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.976482][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.047903][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.054226][ T1501] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.095684][ T1501] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.172644][ T1501] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.210486][ T1501] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.225523][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.624617][ T56] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.632665][ T56] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.254663][ T56] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.425346][ T56] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.834198][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.834222][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.649935][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.649960][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.769425][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.769447][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.854077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.864067][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.874045][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.884038][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.887440][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.894041][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.904044][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.914041][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.924047][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.934039][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.376515][ T1501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.376537][ T1501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.449385][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.449407][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.508932][ T5925] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 107.375764][ T38] audit: type=1326 audit(1771340093.837:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.376132][ T38] audit: type=1326 audit(1771340093.837:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.377372][ T38] audit: type=1326 audit(1771340093.857:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.377736][ T38] audit: type=1326 audit(1771340093.867:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.378004][ T38] audit: type=1326 audit(1771340093.867:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.379170][ T38] audit: type=1326 audit(1771340093.877:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.379500][ T38] audit: type=1326 audit(1771340093.887:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 107.379810][ T38] audit: type=1326 audit(1771340093.887:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5931 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c030ebf79 code=0x7ffc0000 [ 109.289455][ T5943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'. [ 109.382237][ T174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.382255][ T174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.333283][ T5948] netlink: 104 bytes leftover after parsing attributes in process `syz.2.13'. [ 110.848808][ T5948] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 113.980396][ T5954] can: request_module (can-proto-5) failed. [ 115.784203][ T5972] can: request_module (can-proto-5) failed. [ 116.942074][ T5978] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'. [ 117.374908][ T5977] netlink: 104 bytes leftover after parsing attributes in process `syz.3.19'. [ 119.882003][ T5991] netlink: 104 bytes leftover after parsing attributes in process `syz.4.24'. [ 121.196917][ T5984] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 122.738767][ T5996] netlink: 104 bytes leftover after parsing attributes in process `syz.0.18'. [ 122.914576][ T5998] netlink: 'syz.0.18': attribute type 7 has an invalid length. [ 123.244093][ T5996] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 123.808840][ T5985] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 128.206598][ T6011] netlink: 104 bytes leftover after parsing attributes in process `syz.2.21'. [ 128.225122][ T6011] ================================================================== [ 128.225147][ T6011] BUG: KASAN: slab-use-after-free in dvb_device_open+0xc4/0x360 [ 128.225195][ T6011] Read of size 8 at addr ffff88802baa3818 by task syz.2.21/6011 [ 128.225215][ T6011] [ 128.225237][ T6011] CPU: 0 UID: 0 PID: 6011 Comm: syz.2.21 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 128.225254][ T6011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 128.225270][ T6011] Call Trace: [ 128.225278][ T6011] [ 128.225286][ T6011] dump_stack_lvl+0xe8/0x150 [ 128.225310][ T6011] print_report+0xba/0x230 [ 128.225330][ T6011] ? dvb_device_open+0xc4/0x360 [ 128.225349][ T6011] kasan_report+0x117/0x150 [ 128.225368][ T6011] ? dvb_device_open+0xc4/0x360 [ 128.225391][ T6011] dvb_device_open+0xc4/0x360 [ 128.225414][ T6011] chrdev_open+0x4d0/0x5f0 [ 128.225432][ T6011] ? __pfx_chrdev_open+0x10/0x10 [ 128.225449][ T6011] ? fsnotify_open_perm_and_set_mode+0x138/0x6e0 [ 128.225474][ T6011] ? __pfx_chrdev_open+0x10/0x10 [ 128.225497][ T6011] do_dentry_open+0x83d/0x13e0 [ 128.225521][ T6011] vfs_open+0x3b/0x350 [ 128.225539][ T6011] ? path_openat+0x2e25/0x38a0 [ 128.225554][ T6011] path_openat+0x2e3d/0x38a0 [ 128.225581][ T6011] ? __pfx_path_openat+0x10/0x10 [ 128.225601][ T6011] ? do_raw_spin_lock+0x12b/0x2f0 [ 128.225623][ T6011] do_file_open+0x23e/0x4a0 [ 128.225636][ T6011] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 128.225658][ T6011] ? __pfx_do_file_open+0x10/0x10 [ 128.225671][ T6011] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 128.225695][ T6011] ? alloc_fd+0x64e/0x6c0 [ 128.225718][ T6011] do_sys_openat2+0x113/0x200 [ 128.225738][ T6011] ? lockdep_hardirqs_on+0x7a/0x110 [ 128.225757][ T6011] ? __pfx_do_sys_openat2+0x10/0x10 [ 128.225782][ T6011] __x64_sys_openat+0x138/0x170 [ 128.225805][ T6011] do_syscall_64+0x14d/0xf80 [ 128.225824][ T6011] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.225839][ T6011] ? clear_bhb_loop+0x40/0x90 [ 128.225856][ T6011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.225871][ T6011] RIP: 0033:0x7f99b3c8c84e [ 128.225888][ T6011] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 128.225901][ T6011] RSP: 002b:00007f99b1efcb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 128.225920][ T6011] RAX: ffffffffffffffda RBX: 00007f99b1efd6c0 RCX: 00007f99b3c8c84e [ 128.225932][ T6011] RDX: 0000000000000002 RSI: 00007f99b1efcc00 RDI: ffffffffffffff9c [ 128.225943][ T6011] RBP: 00007f99b1efcc00 R08: 0000000000000000 R09: 0000000000000000 [ 128.225952][ T6011] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd [ 128.225962][ T6011] R13: 00007f99b3f46128 R14: 00007f99b3f46090 R15: 00007ffeb2a2c868 [ 128.225980][ T6011] [ 128.225985][ T6011] [ 128.225989][ T6011] Allocated by task 1: [ 128.225996][ T6011] kasan_save_track+0x3e/0x80 [ 128.226008][ T6011] __kasan_kmalloc+0x93/0xb0 [ 128.226021][ T6011] __kmalloc_cache_noprof+0x3a6/0x690 [ 128.226036][ T6011] dvb_register_device+0x2fd/0x2210 [ 128.226055][ T6011] dvb_register_frontend+0x665/0x970 [ 128.226071][ T6011] vidtv_bridge_probe+0x9aa/0xf80 [ 128.226092][ T6011] platform_probe+0xf9/0x190 [ 128.226113][ T6011] really_probe+0x267/0xaf0 [ 128.226126][ T6011] __driver_probe_device+0x18c/0x320 [ 128.226138][ T6011] driver_probe_device+0x4f/0x240 [ 128.226152][ T6011] __driver_attach+0x349/0x640 [ 128.226164][ T6011] bus_for_each_dev+0x23e/0x2c0 [ 128.226181][ T6011] bus_add_driver+0x348/0x670 [ 128.226199][ T6011] driver_register+0x23a/0x320 [ 128.226214][ T6011] vidtv_bridge_init+0x28/0x50 [ 128.226236][ T6011] do_one_initcall+0x250/0x840 [ 128.226256][ T6011] do_initcall_level+0x104/0x190 [ 128.226272][ T6011] do_initcalls+0x59/0xa0 [ 128.226285][ T6011] kernel_init_freeable+0x2a6/0x3d0 [ 128.226300][ T6011] kernel_init+0x1d/0x1d0 [ 128.226312][ T6011] ret_from_fork+0x51e/0xb90 [ 128.226328][ T6011] ret_from_fork_asm+0x1a/0x30 [ 128.226350][ T6011] [ 128.226353][ T6011] Freed by task 5996: [ 128.226359][ T6011] kasan_save_track+0x3e/0x80 [ 128.226371][ T6011] kasan_save_free_info+0x46/0x50 [ 128.226390][ T6011] __kasan_slab_free+0x5c/0x80 [ 128.226402][ T6011] kfree+0x1c1/0x690 [ 128.226413][ T6011] dvb_device_open+0x2d6/0x360 [ 128.226431][ T6011] chrdev_open+0x4d0/0x5f0 [ 128.226446][ T6011] do_dentry_open+0x83d/0x13e0 [ 128.226463][ T6011] vfs_open+0x3b/0x350 [ 128.226484][ T6011] path_openat+0x2e3d/0x38a0 [ 128.226496][ T6011] do_file_open+0x23e/0x4a0 [ 128.226508][ T6011] do_sys_openat2+0x113/0x200 [ 128.226526][ T6011] __x64_sys_openat+0x138/0x170 [ 128.226544][ T6011] do_syscall_64+0x14d/0xf80 [ 128.226562][ T6011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.226575][ T6011] [ 128.226579][ T6011] The buggy address belongs to the object at ffff88802baa3800 [ 128.226579][ T6011] which belongs to the cache kmalloc-512 of size 512 [ 128.226591][ T6011] The buggy address is located 24 bytes inside of [ 128.226591][ T6011] freed 512-byte region [ffff88802baa3800, ffff88802baa3a00) [ 128.226607][ T6011] [ 128.226610][ T6011] The buggy address belongs to the physical page: [ 128.226621][ T6011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2baa0 [ 128.226638][ T6011] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 128.226650][ T6011] flags: 0x80000000000040(head|node=0|zone=1) [ 128.226665][ T6011] page_type: f5(slab) [ 128.226679][ T6011] raw: 0080000000000040 ffff88813fe0dc80 dead000000000100 dead000000000122 [ 128.226693][ T6011] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 128.226707][ T6011] head: 0080000000000040 ffff88813fe0dc80 dead000000000100 dead000000000122 [ 128.226720][ T6011] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 128.226734][ T6011] head: 0080000000000002 ffffea0000aea801 00000000ffffffff 00000000ffffffff [ 128.226747][ T6011] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000004 [ 128.226755][ T6011] page dumped because: kasan: bad access detected [ 128.226765][ T6011] page_owner tracks the page as allocated [ 128.226770][ T6011] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 22764208870, free_ts 0 [ 128.226795][ T6011] post_alloc_hook+0x228/0x280 [ 128.226809][ T6011] get_page_from_freelist+0x28bb/0x2950 [ 128.226827][ T6011] __alloc_frozen_pages_noprof+0x18d/0x380 [ 128.226845][ T6011] allocate_slab+0x77/0x660 [ 128.226864][ T6011] refill_objects+0x334/0x3c0 [ 128.226882][ T6011] __pcs_replace_empty_main+0x328/0x5f0 [ 128.226903][ T6011] __kmalloc_cache_noprof+0x44e/0x690 [ 128.226917][ T6011] bus_add_driver+0x165/0x670 [ 128.226935][ T6011] driver_register+0x23a/0x320 [ 128.226951][ T6011] i2c_register_driver+0xbb/0x1a0 [ 128.226963][ T6011] do_one_initcall+0x250/0x840 [ 128.226983][ T6011] do_initcall_level+0x104/0x190 [ 128.226998][ T6011] do_initcalls+0x59/0xa0 [ 128.227012][ T6011] kernel_init_freeable+0x2a6/0x3d0 [ 128.227026][ T6011] kernel_init+0x1d/0x1d0 [ 128.227038][ T6011] ret_from_fork+0x51e/0xb90 [ 128.227054][ T6011] page_owner free stack trace missing [ 128.227059][ T6011] [ 128.227062][ T6011] Memory state around the buggy address: [ 128.227070][ T6011] ffff88802baa3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 128.227080][ T6011] ffff88802baa3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 128.227090][ T6011] >ffff88802baa3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.227097][ T6011] ^ [ 128.227105][ T6011] ffff88802baa3880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.227114][ T6011] ffff88802baa3900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.227122][ T6011] ================================================================== [ 128.227189][ T6011] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 128.227210][ T6011] CPU: 0 UID: 0 PID: 6011 Comm: syz.2.21 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 128.227253][ T6011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 128.227263][ T6011] Call Trace: [ 128.227268][ T6011] [ 128.227273][ T6011] vpanic+0x1e0/0x670 [ 128.227296][ T6011] panic+0xc5/0xd0 [ 128.227315][ T6011] ? __pfx_panic+0x10/0x10 [ 128.227336][ T6011] ? preempt_schedule_thunk+0x16/0x30 [ 128.227353][ T6011] ? dvb_device_open+0xc4/0x360 [ 128.227390][ T6011] ? preempt_schedule_thunk+0x16/0x30 [ 128.227408][ T6011] ? dvb_device_open+0xc4/0x360 [ 128.227441][ T6011] check_panic_on_warn+0x89/0xb0 [ 128.227474][ T6011] ? dvb_device_open+0xc4/0x360 [ 128.227500][ T6011] end_report+0x6f/0x140 [ 128.227516][ T6011] kasan_report+0x128/0x150 [ 128.227533][ T6011] ? dvb_device_open+0xc4/0x360 [ 128.227557][ T6011] dvb_device_open+0xc4/0x360 [ 128.227580][ T6011] chrdev_open+0x4d0/0x5f0 [ 128.227597][ T6011] ? __pfx_chrdev_open+0x10/0x10 [ 128.227614][ T6011] ? fsnotify_open_perm_and_set_mode+0x138/0x6e0 [ 128.227640][ T6011] ? __pfx_chrdev_open+0x10/0x10 [ 128.227656][ T6011] do_dentry_open+0x83d/0x13e0 [ 128.227680][ T6011] vfs_open+0x3b/0x350 [ 128.227697][ T6011] ? path_openat+0x2e25/0x38a0 [ 128.227712][ T6011] path_openat+0x2e3d/0x38a0 [ 128.227738][ T6011] ? __pfx_path_openat+0x10/0x10 [ 128.227758][ T6011] ? do_raw_spin_lock+0x12b/0x2f0 [ 128.227779][ T6011] do_file_open+0x23e/0x4a0 [ 128.227793][ T6011] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 128.227814][ T6011] ? __pfx_do_file_open+0x10/0x10 [ 128.227827][ T6011] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 128.227851][ T6011] ? alloc_fd+0x64e/0x6c0 [ 128.227875][ T6011] do_sys_openat2+0x113/0x200 [ 128.227896][ T6011] ? lockdep_hardirqs_on+0x7a/0x110 [ 128.227919][ T6011] ? __pfx_do_sys_openat2+0x10/0x10 [ 128.227945][ T6011] __x64_sys_openat+0x138/0x170 [ 128.227968][ T6011] do_syscall_64+0x14d/0xf80 [ 128.227988][ T6011] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.228024][ T6011] ? clear_bhb_loop+0x40/0x90 [ 128.228042][ T6011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.228058][ T6011] RIP: 0033:0x7f99b3c8c84e [ 128.228070][ T6011] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 128.228083][ T6011] RSP: 002b:00007f99b1efcb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 128.228099][ T6011] RAX: ffffffffffffffda RBX: 00007f99b1efd6c0 RCX: 00007f99b3c8c84e [ 128.228111][ T6011] RDX: 0000000000000002 RSI: 00007f99b1efcc00 RDI: ffffffffffffff9c [ 128.228122][ T6011] RBP: 00007f99b1efcc00 R08: 0000000000000000 R09: 0000000000000000 [ 128.228132][ T6011] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd [ 128.228142][ T6011] R13: 00007f99b3f46128 R14: 00007f99b3f46090 R15: 00007ffeb2a2c868 [ 128.228160][ T6011] [ 128.228760][ T6011] Kernel Offset: disabled